Microsoft said late Saturday that dozens of computer systems at an unspecified number of Ukrainian government agencies have been infected with destructive malware disguised as ransomware, a disclosure suggesting an attention-grabbing defacement attack on official websites was a diversion. The extent of the damage was not immediately clear.

The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense stand-off appear stalled.

Microsoft said in a short blog post that amounted to the clanging of an industry alarm that it first detected the malware on Thursday. That would coincide with the attack that simultaneously took some 70 government websites temporarily offline.

The disclosure followed a Reuters report earlier in the day quoting a top Ukrainian security official as saying the defacement was indeed cover for a malicious attack.

Separately, a top private sector cybersecurity executive in Kyiv told The Associated Press how the attack succeeded: The intruders penetrated the government networks through a shared software supplier in a so-called supply-chain attack in the fashion of the 2000 SolarWinds Russian cyberespionage campaign targeting the U.S. government.

Microsoft said in a different, technical post that the affected systems “span multiple government, non-profit, and information technology organizations.” It said it did not know how many more organizations in Ukraine or elsewhere might be affected but said it expected to learn of more infections.

“The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” Microsoft said. In short, it lacks a ransom recovery mechanism.

Microsoft said the malware “executes when an associated device is powered down,” a typical initial reaction to a ransomware attack.

Microsoft said it was not yet able to assess the intent of the destructive activity or associate the attack with any known threat actors. The Ukrainian security official, Serhiy Demedyuk, was quoted by Reuters as saying the attackers used malware similar to that used by Russian intelligence. He is deputy secretary of the National Security and Defense Council.

A preliminary investigation led Ukraine’s Security Service, the SBU, to blame the web defacement on “hacker groups linked to Russia’s intelligence services.” Moscow has repeatedly denied involvement in cyberattacks against Ukraine.

Tensions with Russia have been running high in recent weeks after Moscow amassed an estimated 100,000 troops near Ukraine’s border. Experts say they expect any invasion would have a cyber component, which is integral to modern “hybrid” warfare.

Demedyuk told Reuters in written comments that the defacement “was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future.” The story did not elaborate and Demedyuk could not immediately be reached for comment.

Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm, told the AP he did not know how serious the damage was. He said also unknown is what else the attackers might have achieved after breaking into KitSoft, the developer exploited to sow the malware.

In 2017, Russia targeted Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than $10 billion in damage globally. That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.

Ukraine has suffered the unfortunate fate of being the world’s proving ground for cyberconflict. Russia state-backed hackers nearly thwarted its 2014 national elections and briefly crippling parts of its power grid during the winters of 2015 and 2016.

In Friday’s mass web defacement, a message left by the attackers claimed they had destroyed data and placed it online, which Ukrainian authorities said had not happened.

The message told Ukrainians to “be afraid and expect the worst.”

Ukrainian cybersecurity professionals have been fortifying the defenses of critical infrastructure since 2017, with more than $40 million in U.S. assistance. They are particularly concerned about Russian attacks on the power grid, rail network and central bank.

 
…

Chinese technology and expertise is making it possible for Venezuela and Cuba to exercise suffocating control over digital communications in the two countries, according to insider accounts and several international investigations. 

Venezuela and Cuba do more to block internet access than any other governments in Latin America, according to the U.S.-based advocacy group Freedom House, which has documented what it describes as “digital authoritarianism” in the region since 2018. 

“Whoever believes that privacy exists in Venezuela through email communications, Twitter, WhatsApp, Facebook and Instagram is wrong. All these tools” are totally subject to government intervention, said Anthony Daquin, former adviser on computer security matters to the Ministry of Justice of Venezuela. 

Daquin participated between 2002 and 2008 in delegations sent by former President Hugo Chávez to China to learn how Beijing uses software to identify Chinese citizens, and to implement a similar system in Venezuela. 

Key to those efforts was the introduction in 2016 of the “carnet de la patria” or homeland card, developed by the Chinese company ZTE. While theoretically voluntary, possession of the cards is required to access a vast range of goods and services, ranging from doctor’s appointments to government pensions. 

The cards were presented as a way to make public services and supply chains more efficient, but critics denounced them as a form of “citizen control.” 

Daquin said China’s role in recent years has been to provide technology and technical assistance to help the Venezuelan government process large amounts of data and monitor people whom the government considers enemies of the state. 

“They have television camera systems, fingerprints, facial recognition, word algorithm systems for the internet and conversations,” he said. 

Daquin said one of the few means that Venezuelans have to communicate electronically free from government monitoring is the encrypted messaging platform Signal, which the government has found it very costly to control. 

The former adviser said Venezuela’s digital surveillance structure is divided into five “rings,” with “Ring 5 being the most trusted, 100 percent Chinese personnel supervising.” 

According to Daquin, the government receives daily reports from the monitors that become the basis for decisions on media censorship, internet shutdowns and arbitrary arrests. 

US accusations against Chinese companies 

Several Chinese technology companies are active in Venezuela, including ZTE, Huawei and the China National Electronics Import & Export Corp. (CEIEC). The latter was sanctioned in 2020 by the U.S. Treasury Department on the grounds that its work in Venezuela had helped the government of President Nicolas Maduro “restrict internet service” and “conduct digital surveillance and cyber operations against political opponents.”

The U.S. Senate Foreign Relations Committee also issued an alert in 2020. In a report, Big Brother, China Digital Authoritarianism, it accused Chinese telecommunications companies of facilitating “digital authoritarianism” around the world and cited Venezuela as a case study. 

Specifically, the committee mentions the existence of a team of ZTE employees working within the facilities of the state telecommunications company CANTV, which manages the homeland card database. 

The document cites an investigation by the Reuters news agency, which reported it was told by CANTV employees that the card system allows them to monitor a vast range of information about individuals, including “birthdays, family information, employment and income, property owned, medical history, state benefits received, presence on social media, membership of a political party and whether a person voted.” 

“Maduro takes full advantage of Chinese hardware and services in his effort to control Venezuelan citizens,” the report says. 

Sophisticated and simple internet blockades 

The Maduro government’s efforts to block access to the internet by domestic opponents are “very crude,” according to Luis Carlos Díaz, president of the Venezuelan chapter of the Internet Society, a U.S.-based nonprofit that advocates for open development of the internet. 

He said it takes nothing more than a phone call from a government official to the operator of a web portal to have a website or social media outlet blocked for a time. 

However, in 2019, Venezuela blocked The Onion Router, or TOR, one of the most sophisticated systems used globally to allow internet users to remain anonymous and bypass censorship. The platform directs messages through a worldwide network of servers so the origin of a message cannot be identified. 

Diaz said that, unlike other recurrent blockades in Venezuela, the TOR hack did require a higher level of knowledge. 

“There, we raised alerts because it was excessively serious,” he told VOA. “It meant that the Venezuelan government was using technology like the one used in China to block users who had TOR, a tool used to circumvent censorship.” 

The TOR blockade lasted a week, and Díaz said he doubts that the Venezuelan government did it by itself, because it lacks the highly trained people needed for such a complex operation. 

China’s role in Cuba 

The internet infrastructure in Cuba was also built with equipment acquired from Chinese companies. The Swedish organization Qurium, in a report published at the beginning of 2020, said it had detected Huawei eSight network management software on the Cuban internet. The purpose of the software is to help filter web searches, according to this organization. 

Cuban dissidents say the only way to access pages censored by the government on the island is through a virtual private network or VPN, which tricks the system into believing that the user is in another country. 

This “is the only way to enter any controlled website,” said journalist Luz Escobar, who converts web content into PDF format or newsletters and sends those by email to users of 14yMedio, an independent digital news outlet that is blocked from uploading its content to the internet. In Cuba, however, “few people master this technique,” she said. 

Internet censorship in Cuba was investigated in 2017 by the Open Observatory of Network Interference (OONI), a volunteer-based organization that monitors internet censorship around the world. The group said it was able to determine that a Chinese company had developed software for public Wi-Fi portals on the island “because they left comments in the source code in Chinese.” 

“We also found a wide use of Huawei equipment,” said Arturo Filastó, a project leader at OONI who had traveled to Cuba and tested various Wi-Fi connection points provided by the government. 

Voice of America asked for comments from the three government entities in question — Cuba, Venezuela and China — but did not receive responses from any of them before publication. 

China continues to tutor countries with an “authoritarian tendency” 

In a 2021 report on internet censorship, Freedom House said Venezuelan officials, along with representatives from 36 other countries including Saudi Arabia and Syria, participated in Chinese government training and seminars on new media and information management. 

China has organized forums such as the World Internet Conference in 2017 “where it imparts its norms to authoritarian-leaning governments,” the report concluded. 

Justin Sherman, an information security expert at the Atlantic Council’s Cyber Statecraft Initiative, told VOA that Chinese companies like Huawei and ZTE have “been involved all over the world, not just in Venezuela, in creating programs of internet censorship surveillance for governments, intelligence services and police agencies.” 

Sherman said it is not clear whether Chinese companies sell their surveillance technology to authoritarian governments solely for profit. The thesis of the 2020 Senate Relations Committee report is that there is an interest in China to go beyond the sale of its technology services to extend its policy of “digital authoritarianism in the world.” 

This article originated in VOA’s Latin America Division.
…

European Union officials have condemned Friday’s cyberattack on Ukraine that shut down government and emergency services websites and pledged to use EU resources to assist the nation.

Ukraine’s foreign ministry reported Friday the websites of the country’s cabinet — seven ministries, including the treasury, the national emergency service and the state services, where Ukrainians’ electronic passports and vaccination certificates are stored — were temporarily unavailable Friday as a result of the hack.

The websites contained a message in Ukrainian, Russian and Polish, saying Ukrainians’ personal data has been leaked into the public domain. The message said, in part, “Be afraid and expect the worst. This is for your past, present and future.”

Ukraine’s State Service of Communication and Information Protection told the Associated Press there was no evidence personal data has been leaked.

In a statement, NATO Secretary General Jens Stoltenberg strongly condemned the attacks, saying the alliance’s cyber experts have been exchanging information with their Ukrainian counterparts on “the current malicious cyber activities.” He said NATO allied experts in the country also are supporting the Ukrainian authorities.

“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” Stoltenberg said in a statement.

Speaking to reporters on the sidelines of a meeting of EU foreign ministers in Brest, France, EU Foreign Affairs chief Josep Borrell issued the “strongest condemnation” of the attack and said an emergency meeting of the EU political committee would be held to discuss how to react. He pledged to “mobilize all our resources to help Ukraine” increase its cyberattack-resistance capability.

When asked if he knew who was behind the attack, Borrell said they are still investigating, noting it is often difficult to trace cyberattacks, though he added “I don’t have any proof, but one can guess …”

Ukraine’s foreign ministry said Russia has a long history of such attacks. The incident also follows weeks of apparently failed diplomatic efforts to de-escalate tensions on the border with Russia and Ukraine where Moscow has amassed an estimated 100,000 troops and equipment, raising fears of an imminent invasion.

Russia insists the troops are there for its own protection, but is demanding NATO provide guarantees it will stop its eastward expansion, beginning with not allowing Ukraine to join the alliance, a move Moscow perceives as a threat. NATO has repeatedly rejected that request, saying Russia has no veto over NATO membership.

Some information for this report was provided by The Associated Press, Reuters and Agence France-Presse.
…

A SpaceX rocket launch Thursday carried three small South African-made satellites that will help with policing South African waters against illegal fishing operations.

Produced at the Cape Peninsula University of Technology, the satellites could also be used to help other African countries to protect their coastal waters.

SpaceX’s billionaire boss Elon Musk has given three nano satellites produced in his birth country, South Africa, a ride into space.

The company’s Falcon rocket launched from Cape Canaveral in the U.S. state of Florida with 105 spacecraft on board. All three South African satellites deployed successfully.

This mission, known as Transporter 3, is part of SpaceX’s rideshare program which in two previous outings has put over 220 small satellites into orbit.

The three South African nano satellites on this trip were designed at the Cape Peninsula University of Technology’s Africa Space Innovation Centre.

The institution’s deputy vice chancellor for research, technology and innovation Professor David Phaho says “it marks a quantum leap in terms of South Africa’s capability to participate in the space sector. As you can imagine the issue of oceans economy has become topical globally. And the fact that we’ve developed this capacity in South Africa, and we are launching this (sic) satellites will go a long way in enhancing our capabilities to monitor our coastline and grow our economy.”

Phaho notes the university has been building up to the launch of these satellites, known collectively as MDASat-1, with a previous satellite launch in 2018.

“These three satellites, there was a precursor to these current three satellite constellation. Zcube2 is the most advanced nano satellite developed on the African continent and it was launched in December 2018 so these ones are basically part and parcel of that development. And they are probably the most advanced nano satellites developed on the African continent,” Phaho expressed.

Stephen Cupido studied at the space center and graduated in 2014. Today, he works here as a software engineer and points out that “it’s been a ride, it’s been amazing, ups and downs but this is definitely an up today. Just to get everything ready for today has been a lot of pressure.”

And the interaction with SpaceX has been complicated he says laughing “but it’s necessary. We are putting objects in space and space is for everyone, we have to keep it safe for everybody so we understand the paperwork involved but we’ve got all the information through to them. They’re launching our satellite so everything is in order.”

The university paid almost $260,000 to secure its spot on the SpaceX craft. It says it hopes to continue the relationship with Elon Musk’s company. 
…

A new Hong Kong mandate that restaurants and other establishments require use of an app aimed at recording people’s locations and telling them if they have been near a COVID-19 patient has spurred opposition from the city’s pro-democracy voices.

The LeaveHomeSafe app scans a two-dimensional QR barcode at taxis and other locations. If a COVID-19 patient has been there, the app will alert users and provide health advice. The government required the use of the app Dec. 9 in all indoor premises including government buildings, restaurants, public facilities, and karaoke venues. Those over the age of 65, 15 years or younger, the homeless and those with disabilities are exempt.

Previously Hong Kongers could record these movements using a paper form, but the cursive characters written by opposition Hong Kongers or pro-democracy activists expressing their distrust in government were often illegible for authorities.

Hong Kongers believe the app can be a tool used by authorities to monitor citizens, according to a human rights advocate.

“Given Beijing’s use of mass surveillance in China, many Hong Kong people suspect that the app is one way for the Hong Kong and Beijing governments to normalize the use of government surveillance in Hong Kong,” Human Rights Watch senior China researcher Maya Wang told VOA by email.

An office worker in her 20s entering a Taiwanese restaurant recently was one of the Hong Kongers harboring doubts about the app. Before entering the restaurant, she said she stopped texting on her phone to use a second phone to scan the restaurant’s QR code using LeaveHomeSafe.

“It’s an act of human right and privacy violation as we can no longer choose the way we live and the app is part of the digital surveillance system,” she told VOA, referring to the government app.

Government officials sought to allay such privacy concerns last February, as health secretary Sophia Chan said the COVID-19 tracking app would not send personal data to the authorities.

“The fact is there is no issue of data privacy, because the data would be just stored in the phone of the person. There is no platform that collects those data,” Chan told reporters.

Hong Kong also has a new Health Code app for people to show they have not been exposed to COVID-19 to travel to mainland China, using LeaveHomeSafe records. The LeaveHomeSafe privacy statement says users are required to upload their visit records from the app to the health code system “only with their express consent” and “at their sole discretion.”

“The visit record, which by itself in isolation is not personal data, will be kept in users’ mobile phones for 31 days and will then be erased automatically,” the privacy statement adds.

The government announced the requirement for broader use of the LeaveHomeSafe app in November, before the omicron variant and when Hong Kong’s confirmed infection number was in single digits.

The government said in a statement then it had made the decision “amid the severe COVID-19 pandemic situation across the world” and that “it strives to foster favourable conditions for resuming cross-boundary travel with the Mainland and cross-border travel in the future.”

Wang said Hong Kongers are right to be suspicious of the government’s intentions with the tracing app.

Even though Hong Kong differs from China in significant ways, such as a privacy ordinance that protected people’s privacy for many years, she said, “these legal protections are increasingly being undermined as Beijing and Hong Kong governments do away with other protections of civil liberties, such as a free press and freedom of expression.”

The announcement of the mandate followed a clampdown on the use of the fake version of the app in the same month. The police arrested five people for using fake apps.

Two were confirmed to be arrested on suspicion of using false instruments — the same charge for using a falsified passport or fabricated visa to enter the city — that can send offenders to prison for up to 14 years and incur up to about $19,000 in penalty.

Officials have long been wary of certain residents’ opposition to the use of the app. In September, the police arrested three core members, aged 18-20, of the pro-democracy student activism group Student Politicism under the national security law.

They have been charged with conspiracy to incite subversion for “stirring hatred towards the government … including urging people not to use the LeaveHomeSafe app and to fill in fake [personal] information on the paper forms,” Steve Li Kwai-wah, superintendent of the police national security department told media in a September press conference.

Eric Lai, researcher at Georgetown University’s Center for Asian Law, said the measure seeks to “repress” Hong Kongers’ rights.

“The government of Hong Kong has a track record of using COVID-preventive measures to repress the exercise of citizen’s rights, such as the use of social distancing rules to criminalize citizens protesting in public sites” he told VOA by email.

The police were accused of targeting restaurants and shops that support democracy by conducting checks only in such shops, according to local media StandNews, which is now closed.

Many of such shops complained about losing the freedom not to use the app and said they would offer carry-out orders that do not require its use instead.

 
…

Cyberthreats and the growing space race are emerging risks to the global economy, adding to existing challenges posed by climate change and the coronavirus pandemic, the World Economic Forum said in a report Tuesday.  

The Global Risks Report is usually released ahead of the annual elite winter gathering of CEOs and world leaders in the Swiss ski resort of Davos, but the event has been postponed for a second year in a row because of COVID-19. The World Economic Forum still plans some virtual sessions next week. 

Here’s a rundown of the report, which is based on a survey of about 1,000 experts and leaders:  

World outlook 

As 2022 begins, the pandemic and its economic and societal impacts still pose a “critical threat” to the world, the report said. Big differences between rich and poor nations’ access to vaccines mean their economies are recovering at uneven rates, which could widen social divisions and heighten geopolitical tensions. 

By 2024, the global economy is forecast to be 2.3% smaller than it would have been without the pandemic. But that masks the different rates of growth between developing nations, whose economies are forecast to be 5.5% smaller than before the pandemic, and rich countries, which are expected to expand 0.9%.  

Digital dangers 

The pandemic forced a huge shift — requiring many people to work or attend class from home and giving rise to an exploding number of online platforms and devices to aid a transformation that has dramatically increased security risks, the report said.  

“We’re at the point now where cyberthreats are growing faster than our ability to effectively prevent and manage them,” said Carolina Klint, a risk management leader at Marsh, whose parent company Marsh McLennan co-authored the report with Zurich Insurance Group and SK Group.  

Cyberattacks are becoming more aggressive and widespread, as criminals use tougher tactics to go after more vulnerable targets, the report said. Malware and ransomware attacks have boomed, while the rise of cryptocurrencies makes it easy for online criminals to hide payments they have collected.  

While those responding to the survey cited cybersecurity threats as a short- and medium-term risk, Klint said the report’s authors were concerned that the issue wasn’t ranked higher, suggesting it’s a “blind spot” for companies and governments. 

Space race 

Space is the final frontier — for risk.  

Falling costs for launch technology has led to a new space race between companies and governments. Last year, Amazon founder Jeff Bezos’ space tourism venture Blue Origin and Virgin Galactic’s Richard Branson took off, while Elon Musk’s Space X business made big gains in launching astronauts and satellites.  

Meanwhile, a host of countries are beefing up their space programs as they chase geopolitical and military power or scientific and commercial gains, the report said.  

But all these programs raise the risk of friction in orbit.  

“Increased exploitation of these orbits carries the risk of congestion, an increase in debris and the possibility of collisions in a realm with few governance structures to mitigate new threats,” the report said.  

Space exploitation is one of the areas that respondents thought had among the least amount of international collaboration to deal with the challenges.  

Experts and leaders responding to the survey “don’t believe that much is being done in the best possible way moving forward,” World Economic Forum’s managing director, Saadia Zahidi, said at a virtual press briefing from Geneva.  

Other areas include artificial intelligence, cyberattacks and migration and refugees, she said.  

Climate crisis  

The environment remains the biggest long-term worry.  

The planet’s health over the next decade is the dominant concern, according to survey respondents, who cited failure to act on climate change, extreme weather, and loss of biodiversity as the top three risks.  

The report noted that different countries are taking different approaches, with some moving faster to adopt a zero-carbon model than others. Both approaches come with downsides. While moving slowly could radicalize more people who think the government isn’t acting urgently, a faster shift away from carbon intense industries could spark economic turmoil and throw millions out of work.  

“Adopting hasty environmental policies could also have unintended consequences for nature,” the report added. “There are still many unknown risks from deploying untested biotechnical and geoengineering technologies.” 
…

U.S. cybersecurity officials are still sounding an alarm about the so-called Log4j software vulnerability more than a month after it was first discovered, warning some criminals and nation state adversaries may be waiting to make use of their newfound access to critical systems.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Monday that the vulnerability, also known as Log4shell, has been subject to widespread exploitation by criminals over the past several weeks, but that more serious and damaging attacking could still be in the works.

“We do expect Log4Shell to be used in intrusions well into the future,” CISA Director Jen Easterly told reporters during a phone briefing, adding, “at this time we have not seen the use of Log4shell resulting in significant intrusions.”

“This may be the case because sophisticated adversaries have already used this vulnerability to exploit targets and are just waiting to leverage their new access until network defenders are on a lower alert,” she said.

The vulnerability in the open-source software produced by the U.S.-based Apache Software Foundation, was first discovered in late November by the Chinese tech giant Alibaba. The first warnings to the public went out in early December. 

Cybersecurity officials and experts initially described the flaw in the software as perhaps the worst vulnerability ever discovered, noting the software’s widespread use – in at least 2,800 products used by both private companies and governments around the world.

CISA on Monday said the vulnerability has impacted hundreds of millions of devices around the world, with many software vendors racing to issue security patches to their customers.

So far, U.S. agencies appear to be unscathed.

“We, at this point, are not seeing any confirmed compromises of federal agencies across the broader country, including critical infrastructure,” CISA Executive Assistant Director for Cybersecurity Eric Goldstein told reporters.

But he cautioned the danger has not yet passed despite the lack of destructive attacks by sophisticated hacking groups and foreign adversaries.

“It is certainly possible that that may change, that adversaries may be utilizing this vulnerability to gain persistent access that they could use in the future, which is why we are so focused on remediating the vulnerability across the country and ensuring that we are detecting any intrusions if and when they arise,” he said.

Yet there are reports that other countries have already been targeted by cyber actors seeking to exploit the software vulnerability.

Belgium’s Ministry of Defense said last month that some of its computer systems went down last month following an attack, in which the Log4j vulnerability was believed to be exploited.

And some security experts warn other countries, including China, Iran, North Korea and Turkey, have sought to exploit Log4j.

“This activity ranges from experimentation during development, integration of the vulnerabilities to in-the-wild payload deployment, and exploitation against targets to achieve the actor’s objectives,” Microsoft’s Threat Intelligence Center wrote in a blog post last week.

In particular, Microsoft said the Iran cyber threat actor known as Phosphorus, known for launching ransomware attacks, has already modified the Log4j vulnerability for use in attacks, while the Chinese group known as Hafnium has also used it for some targeting activities.

The private cybersecurity firm CrowdStrike separately assessed that a Chinese-based group called Aquatic Panda sought to use the Log4j vulnerability to target an unnamed academic institution.

CISA on Monday said it could not independently confirm such reports, and further said it had yet to discover any ransomware attacks in which the attackers used the Log4j vulnerability to penetrate the victim’s systems.

CISA’s director said one reason could be that “there may be a lag between when this vulnerability is being used and when it is being actively deployed.”

Easterly also warned about information that U.S. officials are unable to see due to the failure of Congress to pass legislation that would require private companies to report cyberattacks – something the White House and many lawmakers have been advocating for some time.

“We are concerned that threat actors are going to start taking advantage of this vulnerability and having impacts in particular on critical infrastructure, and because there is no legislation in place, we will likely not know about it,” she said. 
…

Six months ago, pilot Hana Khan saw her picture on an app that appeared to be auctioning scores of Muslim women in India. The app was quickly taken down, no one was charged, and the issue shelved – until a similar app popped up on New Year’s Day.

Khan was not on the new app called Bulli Bai – a slur for Muslim women – that was hawking activists, journalists, an actor, politicians and Nobel Laureate Malala Yousafzai as maids.

Amid growing outrage, the app was taken down, and four suspects arrested this week.

The fake auctions that were shared widely on social media are just the latest examples of how technology is being used – often with ease, speed and little expense – to put women at risk through online abuse, theft of privacy or sexual exploitation.

For Muslim women in India who are often abused online, it is an everyday risk, even as they use social media to call out hatred and discrimination against their minority community.

“When I saw my picture on the app, my world shook. I was upset and angry that someone could do this to me, and I became angrier as I realized this nameless person was getting away with it,” said Khan, who filed a police complaint against the first app, Sulli Deals, another pejorative term for Muslim women.

“This time, I felt so much dread and despair that it was happening again to my friends, to Muslim women like me. I don’t know how to make it stop,” Khan, a commercial pilot in her 30s, told the Thomson Reuters Foundation.

Mumbai police said they were investigating whether the Bulli Bai app was “part of a larger conspiracy”.

A spokesperson for GitHub, which hosted both apps, said it had “longstanding policies against content and conduct involving harassment, discrimination, and inciting violence.

“We suspended a user account following the investigation of reports of such activity, all of which violate our policies.”

Misconception

Advances in technology have heightened risks for women across the world, be it trolling or doxxing with their personal details revealed, surveillance cameras, location tracking, or deepfake pornographic videos featuring doctored images.

Deepfakes – or artificial, intelligence-generated, synthetic media – are used to create porn, with apps that let users strip clothes off women or swap their faces into explicit videos.

Digital abuse of women is pervasive because “everybody has a device and a digital presence,” said Adam Dodge, chief executive of EndTAB, a U.S.-based nonprofit tackling tech-enabled abuse.

“The violence has become easier to perpetrate, as you can get at somebody anywhere in the world. The order of magnitude of harm is also greater because you can upload something and show it to the world in a matter of seconds,” he said.

“And there is a permanency to it because that photo or video exists forever online,” he added.

The emotional and psychological impact of such abuse is “just as excruciating” as physical abuse, with the effects compounded by the virality, public nature, and permanence of the content online, said Noelle Martin, an Australian activist.

At 17, Martin discovered her image had been photoshopped into pornographic images and distributed. Her campaign against image-based abuse helped change the law in Australia.

But victims struggle to be heard, she said.

“There is a dangerous misconception that the harms of technology-facilitated abuse are not as real, serious, or potentially lethal as abuse with a physical element,” she said.

“For victims, this misconception makes speaking out, seeking support, and accessing justice much more difficult.”

Persecution

Tracking lone creators and rogue coders is hard, and technology platforms tend to shield anonymous users who can easily create a fake email or social media profile.

Even lawmakers are not spared: in November, the U.S. House of Representatives censured Republican Paul Gosar over a photoshopped anime video that showed him killing Democrat Alexandra Ocasio-Cortez. He then retweeted the video.

“With any new technology we should immediately be thinking about how and when it will be misused and weaponized to harm girls and women online,” said Dodge.

“Technology platforms have created a very imbalanced atmosphere for victims of online abuse, and the traditional ways of seeking help when we are harmed in the physical world are not as available when the abuse occurs online,” he said .

Some technology firms are taking action.

Following reports that its AirTags – locator devices that can be attached to keys and wallets – were being used to track women, Apple launched an app to help users shield their privacy.

In India, the women on the auction apps are still shaken.

Ismat Ara, a journalist showcased on Bulli Bai, called it “nothing short of online harassment.”

It was “violent, threatening and intending to create a feeling of fear and shame in my mind, as well as in the minds of women in general and the Muslim community,” Ara said in a police complaint that she posted on social media.

Arfa Khanum Sherwani, also featured for sale, wrote on Twitter: “The auction may be fake but the persecution is real.”
…

President Joe Biden touted an agreement Tuesday between wireless carriers and U.S. regulators to allow the deployment of 5G wireless technology in two weeks.

AT&T and Verizon said Monday they would delay activating the new service for two weeks following a request by Transportation Secretary Pete Buttigieg. He cited airline industry concerns that the technology’s rollout could interfere with sensitive electronic systems on aircraft and disrupt thousands of daily flights.

The telecommunications giants’ announcement came one day after they maintained they would not postpone the introduction of the service. But they agreed to the delay amid pressure from the White House and aviation unions, and concerns expressed by the U.S. Federal Aviation Administration.

Biden said in a statement Tuesday the “agreement ensures that there will be no disruptions to air operations over the next two weeks and puts us on track to substantially reduce disruptions to air operations when AT&T and Verizon launch 5G on January 19th.”

In an email Tuesday to employees, Verizon Chief Executive Hans Vestberg said the company saw no aviation safety issue with 5G, but added the FAA “intended to disrupt an already difficult time for air travel if we move ahead with our planned activation… We felt that it was the right thing to do for the flying public, which includes our customers and all of us, to give the FAA a little time to work out its issues with the aviation community.”

Buttigieg and FAA Administrator chief Steve Dickson said in a letter sent Monday to AT&T and Verizon that the agencies would not seek any further delays beyond January 19 if there are not any “unforeseen aviation safety issues,” according to Reuters.

The letter also reportedly said the agreement “will give us additional time and space to reduce the impacts to commercial flights.”

Some information in this report came from The Associated Press and Reuters.
…

Rangers protecting threatened wildlife in Cambodia are using artificial intelligence to predict poachers’ next moves. Matt Dibble reports.
…

It’s a chaotic time for the Consumer Electronics Show 2022, the world’s largest technology event. Last-minute COVID-19-related cancellations have wreaked havoc on the organizers’ plans to host exhibitors and welcome visitors in person in Las Vegas and online. But as VOA’s JulieTaboh reports, the show will go on.
…

Twitter on Sunday banned the personal account of Rep. Marjorie Taylor Greene for multiple violations of its COVID-19 misinformation policy, according to a statement from the company. 

The Georgia Republican’s account was permanently suspended under the “strike” system Twitter launched in March, which uses artificial intelligence to identify posts about the coronavirus that are misleading enough to cause harm to people. Two or three strikes earn a 12-hour account lock; four strikes prompt a weeklong suspension, and five or more strikes can get someone permanently removed from Twitter. 

In a statement on the messaging app Telegram, Greene blasted Twitter’s move as un-American. She wrote that her account was suspended after tweeting statistics from the Vaccine Adverse Event Reporting System, a government database which includes unverified raw data. 

“Twitter is an enemy to America and can’t handle the truth,” Greene said. “That’s fine, I’ll show America we don’t need them and it’s time to defeat our enemies.” 

Twitter had previously suspended the account for periods ranging from 12 hours to a full week. 

The ban applies to Greene’s personal account, @mtgreenee, but does not affect her official Twitter account, @RepMTG. 

A Greene tweet posted shortly before her weeklong suspension in July claimed that the virus “is not dangerous for non-obese people and those under 65.” According to the U.S. Centers for Disease Control and Prevention, people under 65 account for nearly 250,000 of the U.S. deaths involving COVID-19. 

Greene previously blasted a weeklong suspension as a “Communist-style attack on free speech.” 
…

Looking west from Hazel Mountain, Brad Kreps can see forested hills stretching to the Tennessee border and beyond, but it is the flat, denuded area in front of him he finds exciting.

Surface coal mining ended on this site several years ago. But with a clean-up underway, it is now being prepared for a new chapter in the region’s longstanding role as a major energy producer – this time from a renewable source: the sun.

While using former mining land to generate solar energy has long been discussed, this and five related sites are among the first projects to move forward in the coalfields of the central Appalachian Mountains, as well as nationally.

Backers say the projects could help make waste land productive and boost economic fortunes in the local area, part of a 250,000-acre (101,171-hectare) land purchase by The Nature Conservancy (TNC) in 2019, one of its largest such acquisitions.

“There’s very little activity going on this land, so if we can bring in a new use like solar, we can bring tax revenue into these counties that are really trying to diversify their economies,” said Kreps, a TNC program director.

Besides creating a new source of green energy, the project offers a model for solar development that does not impinge on forests or farmland, he said.

TNC, a U.S.-based environmental nonprofit, has identified six initial sites for solar plants in the area and is now moving forward with projects on parcels covering about 1,700 acres.

The two companies that have bid to do the work – solar developer Sun Tribe and major utility Dominion Energy – estimate the projects could produce around 120 megawatts (MW) of electricity, potentially enough to power 30,000 homes.

Construction is expected to start in two or three years after pre-development work and permitting are completed.

“This is a ground-breaking model,” said Emil Avram, Dominion’s vice president of business development for renewables in Virginia.

Dominion believes it is the largest utility-scale renewable energy initiative to be developed on former coal mining land, and could be replicated elsewhere, Avram added.

Renewables targets

The U.S. government formally began looking at putting renewable energy installations on disturbed land – including mines, but also contaminated sites and landfills – in 2008.

Since then, the RE-Powering America’s Land program has mapped over 100,000 potential sites covering more than 44 million acres, and helped establish 417 installations producing 1.8 gigawatts (GW) of electricity, according to March data.

A toxic landfill site in New Jersey, for instance, now hosts a 6.5-MW solar installation, while a former steel mill in New York has been turned into a wind farm with capacity of 35 MW.

Yet on mine land, the work has so far been mostly limited to doing inventories and providing technical assistance, resulting in fewer than a half-dozen projects, said Nels Johnson, TNC’s North America director for energy.

That has stunted solar developers’ interest in mine land, he said – a knowledge gap he hopes the new projects can help fill, particularly amid a surging focus on meeting clean energy goals.

“After five to 10 years of almost nobody paying attention to this, there’s an awakening starting to take place,” he said. “As more and more states pass renewable energy commitments, it’s kind of a situation of the dog catching the car.”

Virginia, for instance, has a 2020 clean energy bill that, among other things, pushes for Dominion Energy’s electricity in the state to be carbon-free by 2045.

There are about 100,000 acres affected by coal mining in southwest Virginia alone, said Daniel Kestner, who manages the Innovative Reclamation Program for the state’s energy department.

“Reusing land like former coal mines makes a lot of sense instead of looking at prime farmland … or lands near populated areas where there may be conflict,” he said.

Kestner’s team is now exploring renewable energy development as an approved option for required post-mining reclamation work.

‘LIFE AFTER COAL’

Appalachia had harbored a deep-rooted skepticism toward renewable energy, said Adam Wells, regional director of community and economic development with Appalachian Voices, a nonprofit that works in former coal communities.

But recent years have seen a turnaround, he noted, with the recognition that the coal industry – the region’s longstanding main economic driver – will not return to its former strength.

Across the country, the number of coal mines dropped by 62% from 2008 to 2020, based on U.S. government figures, translating into a loss of 100,000 jobs since the mid-1980s, according to the Environmental Defense Fund.

Starting around 2015, Wells said, “it became necessary to talk about what life after coal looks like in Appalachia. And so, as a result, it became safe to talk about solar.”

While the number of jobs from utility-scale solar development does not compare to coal-industry jobs, he said, it could still be significant.

“It does generate notable and meaningful tax revenues for localities at a time of declining revenues from coal,” he added.

For now, communities are watching the shift with a “wait-and-see” attitude, he said.

Dominion Energy’s 50-MW project is the largest of the six local solar initiatives now underway.

While Dominion does not have job and tax revenue estimates for that project, it noted in a recent regulatory filing that 15 newly proposed solar projects across Virginia would generate more than $880 million in economic benefits and support almost 4,200 jobs associated with construction.

The company is under major pressure to increase solar production and is planning for an additional 16,000 MW by 2035, executive Avram said, requiring new capacity of about 1,000 MW annually through that date.

“That will require a fair amount of land – a thousand acres per project, roughly,” he said.

While the initial mine-land project in southwestern Virginia is relatively small, he said, it is an important “stepping stone” in learning how to work on previously disturbed sites.

TNC’s Kreps sees much more opportunity, literally on the horizon.

“There’s hundreds of thousands of acres like this across the region – and in many cases, right now they aren’t creating a lot of economic value,” he said.

His organization, he added, aims to demonstrate “that we can manage these lands for nature outcomes and people outcomes.” 
…

U.S. authorities have asked telecom operators AT&T and Verizon to delay for up to two weeks their already postponed rollout of 5G networks amid uncertainty about interference with vital flight safety equipment.

The U.S. rollout of the high-speed mobile broadband technology had been set for December 5, but was delayed to January 5 after aerospace giants Airbus and Boeing raised concerns about potential interference with the devices used by planes to measure altitude.

U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration, Steve Dickson, asked for the latest delay in a letter sent Friday to AT&T and Verizon, two of the country’s biggest telecom operators.

The U.S. letter asked the companies to “continue to pause introducing commercial C-Band service” — the frequency range used for 5G — “for an additional short period of no more than two weeks beyond the currently scheduled deployment date of January 5.”

The companies did not immediately respond to a request for comment.

The U.S. officials’ letter assures the companies that 5G service will be able to begin “as planned in January with certain exceptions around priority airports.”

The officials say their priority has been “to protect flight safety, while ensuring that 5G deployment and aviation operations can co-exist.”

Last February, Verizon and AT&T were authorized to start using 3.7-3.8 GHz frequency bands on December 5, after obtaining licenses worth tens of billions of dollars.

But when Airbus and Boeing raised their concerns about possible interference with airplanes’ radio altimeters, which can operate in the same frequencies, the launch date was pushed back to January. 

The FAA requested further information about the instruments, and it issued directives limiting the use of altimeters in certain situations, which sparked airline fears over the potential costs.

When Verizon and AT&T wrote to federal authorities in November to confirm their intention to start deploying 5G in January, they said they would take extra precautions beyond those required by U.S. law until July 2022 while the FAA completes its investigation.

The conflict between 5G networks and aircraft equipment led French authorities to recommend switching off mobile phones with 5G on planes in February.

France’s civil aviation authority said interference from a signal on a nearby frequency to the radio altimeter could cause “critical” errors during landing. 
…

U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration (FAA) on Friday asked AT&T and Verizon Communications to delay the planned Jan. 5 introduction of new 5G wireless service over aviation safety concerns.

In a letter Friday seen by Reuters, Buttigieg and FAA Administrator Steve Dickson asked AT&T Chief Executive John Stankey and Verizon Chief Executive Hans Vestberg for a delay of no more than two weeks as part of a “proposal as a near-term solution for advancing the co-existence of 5G deployment in the C-Band and safe flight operations.”

The aviation industry and FAA have raised concerns about potential interference of 5G with sensitive aircraft electronics like radio altimeters that could disrupt flights.

“We ask that your companies continue to pause introducing commercial C-Band service for an additional short period of no more than two weeks beyond the currently scheduled deployment date of January 5,” the letter says.

Verizon and AT&T both said they received the letter and were reviewing it. Earlier Friday the two companies accused the aerospace industry of seeking to hold C-Band spectrum deployment “hostage until the wireless industry agrees to cover the costs of upgrading any obsolete altimeters.”

Buttigieg and Dickson said under the framework “commercial C-band service would begin as planned in January with certain exceptions around priority airports.”

The FAA and the aviation industry would identify priority airports “where a buffer zone would permit aviation operations to continue safely while the FAA completes its assessments of the interference potential.”

The government would work to identify “mitigations for all priority airports” to enable most “large commercial aircraft to operate safely in all conditions.” That would allow deployment around “priority airports on a rolling basis,” aiming to ensure activation by March 31 barring unforeseen issues.

The carriers, which won the spectrum in an $80 billion government auction, previously agreed to precautionary measures for six months to limit interference.

On Thursday, trade group Airlines for America asked the Federal Communications Commission (FCC) to halt deployment of new 5G wireless service around many airports, warning thousands of flights could be disrupted.

Sara Nelson, president of the Association of Flight Attendants-CWA, representing 50,000 flight attendants at 17 airlines, called the Transportation Department proposal “the right move to successfully implement 5G without using the traveling public (and the crews on their flights) as guinea pigs for two systems that need to coexist without questions for safety.”

Wireless industry group CTIA said 5G is safe and spectrum is being used in about 40 other countries.

House Transportation Committee chair Peter DeFazio on Friday backed the airline group petition warning “we can’t afford to experiment with aviation safety.” 
…

This year’s Consumer Electronics Show will end a day earlier than planned, the organizer of the global technology and gadget show said, after companies including Amazon and General Motors dropped out of attending the Las Vegas event in person because of omicron concerns. 

“The step was taken as an additional safety measure to the current health protocols that have been put in place for CES,” event organizer Consumer Technology Association said on Friday, announcing the event will now end on January 7. 

The spread of the omicron variant has led to a sharp jump in COVID-19 infections across the world, making many reconsider their travel plans and leading to thousands of flight cancellations. 

The number of new COVID-19 cases in the U.S. has doubled in eight days to a record of 587,143 new cases on Thursday, according to a Reuters tally. 

As worries over the new variant loom, many companies have withdrawn from presenting in-person at the event, planned both virtually and in-person, that begins on January 5 with more than 2,200 exhibitors. 

Over the last few days, a host of firms including Advanced Micro Devices, Proctor & Gamble, Google, and Facebook parent Meta Platforms have also dropped their in-person plans. 

Sony Group’s Sony Electronics has said it will have limited staffing and attendees at the event. 

All attendees in Las Vegas will be required to be fully vaccinated and masked. COVID-19 test kits will also be provided at the venue, according to CTA’s statement. 

 
…

Iran has used a satellite launch rocket to send three research devices into space, a Defense Ministry spokesman said on Thursday, as indirect U.S.-Iran talks take place in Austria to try to salvage a 2015 nuclear deal. 

He did not clarify whether the devices had reached orbit. 

Iran, which has one of the biggest missile programs in the Middle East, has suffered several failed satellite launches in the past few years due to technical issues. 

Spokesman Ahmad Hosseini said the Simorgh satellite carrier rocket, whose name translates as “Phoenix”, had launched the three research devices at an altitude of 470 kilometers (290 miles). He did not give further details. 

“The intended research objectives of this launch were achieved,” Hosseini said, in comments broadcast on state television. “This was done as a preliminary launch … God willing, we will have an operational launch soon.” 

Iranian state television showed footage of what it said was the firing of the launch vehicle. 

Thursday’s reported space launch comes as Tehran and Washington hold indirect talks in Vienna in an attempt to salvage a nuclear accord that Iran reached with world powers and that former U.S. president Donald Trump abandoned in 2018. 

The United States imposed sanctions on Iran’s civilian space agency and two research organizations in 2019, claiming they were being used to advance Tehran’s ballistic missile program. 

Tehran denies such activity is a cover for ballistic missile development. 

Iran launched its first satellite Omid (Hope) in 2009 and its Rasad (Observation) satellite was also sent into orbit in June 2011. Tehran said in 2012 that it had successfully put its third domestically-made satellite, Navid (Promise), into orbit. 

In April 2020, Iran said it successfully launched the country’s first military satellite into orbit, following repeated failed launch attempts in the previous months. 
…

For U.S. social media companies, the violent mob storming the U.S. Capitol on January 6 last year spurred action. They shut down then-President Donald Trump’s accounts. One year later, are Facebook, Twitter and YouTube any better prepared to face similar situations in the U.S. or in other countries? Michelle Quinn reports.

Camera: Deana Mitchell Produced by: Matt Dibble
…

2021 was a historic year for all-things space … from the success of private spaceflight companies to robots exploring Mars in a road trip for the ages. VOA’s Arash Arabasadi beams us through the Year in Space.
…

The White Fox restaurant in Mosul, Iraq, isn’t known for its comfortable atmosphere or its great food and drinks. It’s known for its servers. VOA’s Kawa Omar filed this report, narrated by Rikar Hussein.

Producer and camera: Kawa Omar.
…

“White-knuckle” — That’s how Rusty Whitman describes the month ahead, after the launch of the historic James Webb Space Telescope, now tentatively set for Saturday. 

From a secure control room in Baltimore, Maryland, Whitman and his colleagues will hold their breath as Webb comes online. But that’s just the beginning. 

For the first six months after Webb’s launch, Whitman and the team at the Space Telescope Science Institute will monitor the observatory around the clock, making tiny adjustments to ensure it is perfectly calibrated for astronomers across the world to explore the universe.

The most crucial moments will come at the beginning of the mission: the telescope must be placed on a precise trajectory, while at the same time unfurling its massive mirror and even larger sun-shade — a perilous choreography.   

“At the end of 30 days, I will be able to breathe a sigh of relief if we’re on schedule,” said Whitman, flight operations system engineering manager. 

He leads the team of technicians who set up Webb’s control room — a high-tech hub with dozens of screens to monitor and control the spacecraft. 

In the first row, one person alone will have the power to send commands to the $10 billion machine, which will eventually settle into an orbit over 1.5 million kilometers away. 

In other stations, engineers will monitor specific systems for any anomalies. 

After launch, Webb’s operations are largely automated, but the team in Baltimore must be ready to handle any unexpected issues.   

Luckily, they have had lots of practice. 

Over the course of a dozen simulations, the engineers practiced quickly diagnosing and correcting malfunctions thought up by the team, as well as experts flown in from Europe and California.   

During one of those tests, the power in the building cut out. 

“It was totally unexpected,” said Whitman. “The people who didn’t know — they thought it was part of the plan.” 

Fortunately, the team had already prepared for such an event: a back-up generator quickly restored power to the control room.   

Even with the practice, Whitman is still worried about what could go wrong: “I’m nervous about the possibility that we forgot something. I’m always trying to think ‘what did we forget?”

In addition to its job of keeping Webb up and running, the Space Telescope Science Institute — based out of the prestigious Johns Hopkins University — manages who gets to use the pricey science tool. 

While the telescope will operate practically 24/7, that only leaves 8,760 hours a year to divvy up among the scientists clamoring for their shot at a ground-breaking discovery. 

Black holes, exoplanets, star clusters — how to decide which exciting experiment gets priority? 

By the end of 2020, researchers from around the world submitted over 1,200 proposals, of which 400 were eventually chosen for the first year of operation. 

Hundreds of independent specialists met over two weeks in early 2021 — online due to the pandemic — to debate the proposals and pare down the list. 

The proposals were anonymized, a practice the Space Telescope Science Institute first put in place for another project it manages, the Hubble Telescope. As a result, many more projects by women and early-career scientists were chosen. 

“These are exactly the kind of people we want to use the observatory, because these are new ideas,” explained Klaus Pontoppidan, the science lead for Webb.   

The time each project requires for observations varies in length, some needing only a few hours and the longest needing about 200.   

What will be the first images revealed to the public? “I can’t say,” said Pontoppidan, “that is meant to be a surprise.” 

The early release of images and data will quickly allow scientists to understand the telescope’s capacities and set up systems that work in lock step.    

“We want them to be able to do their science with it quickly,” Pontoppidan explained. “Then they can come back and say ‘hey – we need to do more observations based on the data we already have.'” 

Pontoppidan, himself an astronomer, believes Webb will lead to many discoveries “far beyond what we’ve seen before.”  

“I’m most excited about the things that we are not predicting right now,” he said. 

Before the Hubble launched, no exoplanets — planets that orbit stars outside our solar system — had been discovered. Scientists have since found thousands. 
…

U.S. chipmaker Intel is facing criticism in China after it apologized Thursday for a letter the firm sent to suppliers asking them “to ensure that its supply chain does not use any labor or source goods or services from the Xinjiang region.”

On Thursday, Intel posted a Chinese-language message on its WeChat and Weibo accounts apologizing for “trouble caused to our respected Chinese customers, partners and the public. Intel is committed to becoming a trusted technology partner and accelerating joint development with China.”

Intel’s apology came as U.S. President Joe Biden signed the Uyghur Forced Labor Prevention Act, which bans the import of goods produced by Uyghur slave labor. Under the measure, a company is prohibited from importing from China’s Xinjiang region unless it can prove that its supply chains have not used labor from Uyghurs, ethnic Muslims reportedly enslaved in Chinese camps.

Beijing denies complaints of abuses in the mostly Muslim region.

Intel is just the latest multinational firm to be caught up in the struggle over the Uyghurs issue as China prepares to host the Winter Olympics in February. Intel is among the International Olympic Committee sponsors. According to Reuters, 26% of Intel’s 2020 total revenue was earned in China.

Earlier this month, Intel’s letter to suppliers asking them to be sure not to use labor, products or services from Xinjiang cited restrictions imposed by “multiple governments.”

That sparked a backlash in China, with calls for a boycott and criticism of the company in state and social media. Global Times, a Chinese state-run newspaper, called Intel’s request to suppliers “arrogant and vicious,” according to reports.

Wang Junkai, also known as Karry Wang, a singer with the popular boy band TFBOYS, said on Weibo on Wednesday that he would not serve as an Intel brand ambassador. “National interests exceed everything,” he said, according to wire service reports.

Chinese officials acknowledged Intel’s apology.

China’s Foreign Ministry spokesperson said at a daily briefing in Beijing that “we note the statement and hope the relevant company will respect facts and tell right from wrong,” according to Reuters.

The White House also appeared to note the company’s apology.

Without naming Intel, Jen Psaki, the White House press secretary, said at a briefing Thursday that U.S. companies “should never feel the need to apologize for standing up for fundamental human rights or opposing repression,” according to reports.

Some information for this report came from The Associated Press and Reuters. 

 
…

Polish Senator Krzysztof Brejza’s mobile phone was hacked with sophisticated spyware nearly three dozen times in 2019 when he was running the opposition’s campaign against the right-wing populist government in parliamentary elections, an internet watchdog found.

Text messages stolen from Brejza’s phone — then doctored in a smear campaign — were aired by state-controlled TV in the heat of that race, which the ruling party narrowly won. With the hacking revelation, Brejza now questions whether the election was fair. 

It’s the third finding by the University of Toronto’s nonprofit Citizen Lab that a Polish opposition figure was hacked with Pegasus spyware from the Israeli hacking tools firm NSO Group. Brejza’s phone was digitally broken into 33 times from April 26, 2019, to October 23, 2019, said Citizen Lab researchers, who have been tracking government abuses of NSO malware for years. 

The other two hacks were identified earlier this week after a joint Citizen Lab-Associated Press investigation. All three victims blame Poland’s government, which has refused to confirm or deny whether it ordered the hacks or is a client of NSO Group. State security services spokesman Stanislaw Zaryn insisted Thursday that the government does not wiretap illegally and obtains court orders in “justified cases.” He said any suggestions the Polish government surveils for political ends were false. 

NSO, which was blacklisted by the U.S. government last month, says it sells its spyware only to legitimate government law enforcement and intelligence agencies vetted by Israel’s Defense Ministry for use against terrorists and criminals. It does not name its clients and would not say if Poland is among them.

Citizen Lab said it believes NSO keeps logs of intrusions so an investigation could determine who was behind the Polish hacks.

EU response 

In response to the revelations, European Union lawmakers said they would hasten efforts to investigate allegations that member nations such as Poland have abused Pegasus spyware.

The other two Polish victims are Ewa Wrzosek, an outspoken prosecutor fighting the increasingly hardline government’s undermining of judicial independence, and Roman Giertych, a lawyer who has represented senior leaders of Brejza’s party, Civic Platform, in sensitive cases. 

Prime Minister Mateusz Morawiecki on Wednesday dismissed revelations that Giertych and Wrzosek were hacked as “fake news.” Justice Minister Zbigniew Ziobro said he had no knowledge of “illegal actions aimed at the surveillance of citizens” but also said Poland was “not helpless” in taking action against people suspected of crimes. 

Giertych was hacked 18 times, also in the run-up to 2019 parliamentary elections that the ruling Law and Justice party won by a razor-thin margin. That victory has continued an erosion of democracy in the nation where the popular 1980s protest movement Solidarity presaged the eventual collapse of the Soviet empire. 

The intense tempo of the hacks of Brejza and Giertych “indicates an extreme level of monitoring” that raises pressing questions about abuses of power, Citizen Lab senior researcher John Scott-Railton said. Pegasus gives its operators complete access to a mobile device: They can extract passwords, photos, messages, contacts and browsing history, and activate the microphone and camera for real-time eavesdropping. 

“My heart sinks with each case we find,” Scott-Railton added. “This seems to be confirming our worst fear: Even when used in a democracy, this kind of spyware has an almost immutable abuse potential.”

Other confirmed victims have included Mexican and Saudi journalists, British attorneys, Palestinian human rights activists, heads of state and Uganda-based U.S. diplomats. 

An NSO spokesperson said Thursday that “the company does not and cannot know who the targets of its customers are, yet implements measures to ensure that these systems are used solely for the authorized uses.” The spokesperson said there is zero tolerance for governments that abuse the software; NSO says it has terminated multiple contracts of governments that have abused Pegasus, although it has not named any publicly. 

Despite any measures NSO might be taking, Citizen Lab notes, the list of abuse cases continues to grow. 

Doctored texts

Brejza, a 38-year-old attorney, told the AP that he has no doubt data stolen from his phone while he was chief of staff of the opposition coalition’s parliamentary campaign provided critical strategy insights. Combined with the smear effort against him, he said, it prevented “a fair electoral process.”

Text messages stolen from Brejza’s phone were doctored to make it appear as if he created an online group that spread hateful anti-government propaganda; reports in state-controlled media cited the altered texts. But the group didn’t exist. 

Brejza says he now understands where TVP state television got them. 

“This operation wrecked the work of staff and destabilized my campaign,” he said. “I don’t know how many votes it took from me and the entire coalition.” 

Brejza won his Senate seat in that October 2019 race. But since the ruling party held on to the more powerful lower house of parliament, it has steered Poland further away from EU standards of liberal democracy. 

Election monitors from the Organization for Security and Cooperation in Europe said at the time that control of state media gave the ruling party an unfair advantage but called the elections essentially free. They were unaware of the hacking. 

Brejza has been a Law and Justice party critic since it won power in 2015. For example, he has exposed large bonuses paid to senior government officials. In another case, he revealed that the postal service sent tens of thousands of dollars to a company tied to ruling party leader Jaroslaw Kaczynski. Brejza fears the hacking could have compromised whistleblowers who had reached out to him with evidence. 

NSO Group is facing daunting financial and legal challenges — including the threat of default on more than $300 million in debt — after governments used Pegasus spyware to spy on dissidents, journalists, diplomats and human rights activists from countries including Saudi Arabia, the United Arab Emirates, Mexico and the United States. The U.S. blacklisting of NSO has effectively barred U.S. companies from supplying technology to the Israeli firm.
…

Under pressure from U.S. auto safety regulators, Tesla has agreed to stop allowing video games to be played on center touch screens while its vehicles are moving. 

The National Highway Traffic Safety Administration says the company will send out a software update over the Internet so the function called “Passenger Play” will be locked and won’t work while vehicles are in motion. 

The move comes one day after the agency announced it would open a formal investigation into distracted driving concerns about Tesla’s video games, some of which could be played while cars are being driven. 

An agency spokeswoman says in a statement Thursday that the change came after regulators discussed concerns about the system with Tesla.

The statement says NHTSA regularly talks about infotainment screens with all automakers. A message was left Thursday seeking comment from Tesla, which has disbanded its media relations department. 

The agency says its investigation of Tesla’s feature will continue even with the update. 

“The Vehicle Safety Act prohibits manufacturers from selling vehicles with defects posing unreasonable risks to safety, including technologies that distract drivers from driving safely,” NHTSA’s statement said. The agency said it assesses how manufacturers identify and guard against distraction hazards through misuse or intended use of screens and other convenience technology. 

The agency announced Wednesday that it would formally investigate Tesla’s screens after an owner from the Portland, Oregon, area filed a complaint when he discovered that a driver could play games while the cars are moving. 

The agency said that the “Passenger Play” feature could distract the driver and increase the risk of a crash. 

The probe covers about 580,000 Tesla Models S, X, Y and 3 from the 2017 through 2022 model years. 
…

The U.S. Securities and Exchange Commission has declined an effort by Apple Inc. to skip a shareholder proposal asking the iPhone maker to provide greater transparency in its efforts to keep forced labor out of its supply chain. 

A group of shareholders earlier this year asked Apple’s board to prepare a report on how the company protects workers in its supply chain from forced labor. The request for information covered the extent to which Apple has identified suppliers and sub-suppliers that are a risk for forced labor, and how many suppliers Apple has taken action against. 

In a letter from the SEC reviewed by Reuters on Wednesday, regulators denied Apple’s move to block the proposal, saying that “it does not appear that the essential objectives of the proposal have been implemented” so far. 

The letter means that Apple will have to face a vote on the proposal at its annual shareholder meeting next year, barring a deal with the shareholders who made it. 

Apple did not immediately respond to a request for comment. 

American lawmakers last week passed a bill banning imports from China’s Xinjiang region over concerns about forced labor. 

“There’s rightfully growing concern at all levels of government about the concentration camplike conditions for Uyghurs and other Turkic Muslims living under Chinese government rule,” Vicky Wyatt, campaign director for SumOfUs, a group supporting the shareholder proposal, said in a statement on Wednesday. 

Apple routinely asks the SEC to skip shareholder proposals, and the requests are granted about half the time. 

The SEC also denied Apple’s request to skip a shareholder proposal that would give investors more information about the company’s use of nondisclosure agreements.
…

New York’s largest convention center hosts about 175 events each year that draw hundreds of thousands of people to the city. To help offset the environmental impact, the owners have installed an urban farm and solar farm…on the building’s roof. Tina Trinh reports.
…

In the months since President Joe Biden warned Russia’s Vladimir Putin that he needed to crack down on ransomware gangs in his country, there hasn’t been a massive attack like the one last May that resulted in gasoline shortages. But that’s small comfort to Ken Trzaska.

Trzaska is president of Lewis & Clark Community College, a small Illinois school that canceled classes for days after a ransomware attack last month that knocked critical computer systems offline.

“That first day,” Trzaska said, “I think all of us were probably up 20-plus hours, just moving through the process, trying to get our arms around what happened.”

Even if the United States isn’t currently enduring large-scale, front-page ransomware attacks on par with ones earlier this year that targeted the global meat supply or kept millions of Americans from filling their gas tanks, the problem hasn’t disappeared. In fact, the attack on Trzaska’s college was part of a barrage of lower-profile episodes that have upended the businesses, governments, schools and hospitals that were hit.

The college’s ordeal reflects the challenges the Biden administration faces in stamping out the threat — and its uneven progress in doing so since ransomware became an urgent national security problem last spring.

Smaller-scale attacks continue

U.S. officials have recaptured some ransom payments, cracked down on abuses of cryptocurrency, and made some arrests. Spy agencies have launched attacks against ransomware groups and the U.S. has pushed federal, state and local governments, as well as private industries, to boost protections.

Yet six months after Biden’s admonitions to Putin, it’s hard to tell whether hackers have eased up because of U.S. pressure. Smaller-scale attacks continue, with ransomware criminals continuing to operate from Russia with seeming impunity. Administration officials have given conflicting assessments about whether Russia’s behavior has changed since last summer. Further complicating matters, ransomware is no longer at the top of the U.S.-Russia agenda, with Washington focused on dissuading Putin from invading Ukraine.

The White House said it was determined to “fight all ransomware” through its various tools but that the government’s response depends on the severity of the attack.

“There are some that are law enforcement matters and others that are high impact, disruptive ransomware activity posing a direct national security threat that require other measures,” the White House statement said.

Ransomware attacks — in which hackers lock up victims’ data and demand exorbitant sums to return it — surfaced as a national security emergency for the administration after a May attack on Colonial Pipeline, which supplies nearly half the fuel consumed on the East Coast.

The attack prompted the company to halt operations, causing gas shortages for days, though it resumed service after paying more than $4 million in ransom. Soon after came an attack on meat processor JBS, which paid an $11 million ransom.

Biden met with Putin in June in Geneva, where he suggested critical infrastructure sectors should be “off limits” for ransomware and said the U.S. should know in six months to a year “whether we have a cybersecurity arrangement that begins to bring some order.”

He reiterated the message in July, days after a major attack on a software company, Kaseya, that affected hundreds of businesses, and said he expected Russia to take action on cybercriminals when the U.S. provides enough information to do so.

Since then, there have been some notable attacks from groups believed to be based in Russia, including against Sinclair Broadcast Group and the National Rifle Association, but none of the same consequence or impact of those from last spring or summer.

‘Whole-of government’ effort

One reason may be increased U.S. government scrutiny, or fear of it.

The Biden administration in September sanctioned a Russia-based virtual currency exchange that officials say helped ransomware gangs launder funds. Last month, the Justice Department unsealed charges against a suspected Ukrainian ransomware operator who was arrested in Poland and has recovered millions of dollars in ransom payments. Gen. Paul Nakasone, the head of U.S. Cyber Command, told The New York Times his agency has begun offensive operations against ransomware groups. The White House says that “whole-of-government” effort will continue.

“I think the ransomware folks, the ones conducting them, are stepping back like, ‘Hey, if we do that, that’s going to get the United States government coming after us offensively,'” Kevin Powers, security strategy adviser for cyber risk firm CyberSaint, said of attacks against critical infrastructure.

U.S. officials, meanwhile, have shared a small number of names of suspected ransomware operators with Russian officials, who have said they have started investigating, according to two people familiar with the matter who were not authorized to speak publicly.

It’s unclear what Russia will do with those names, though Kremlin spokesperson Dmitry Peskov insisted the countries have been having a useful dialogue and said “a working mechanism has been established and is actually functioning.”

It’s also hard to measure the impact of individual arrests on the overall threat. Even as the suspected ransomware hacker awaits extradition to the U.S. following his arrest in Poland, another who was indicted by federal prosecutors was later reported by a British tabloid to be living comfortably in Russia and driving luxury cars.

Some are skeptical about attributing any drop-off in high-profile attacks to U.S. efforts.

“It could have just been a fluke,” said Dmitri Alperovitch, former chief technology officer of the cybersecurity firm Crowdstrike. He said asking Russia to crack down on large-scale attacks won’t work because “it’s way too granular of a request to calibrate criminal activity they don’t even fully control.”

Top American officials have given conflicting answers about ransomware trends since Biden’s discussions with Putin. Some FBI and Justice Department officials say they’ve seen no change in Russian behavior. National Cyber Director Chris Inglis said there’s been a discernible decrease in attacks but that it was too soon to say why.

It’s hard to quantify the number of attacks given the lack of baseline information and uneven reporting from victims, though the absence of disruptive incidents is an important marker for a White House trying to focus its attention on the most significant national security risks and catastrophic breaches.

Victims of ransomware attacks in the past few months have included hospitals, small businesses, colleges like Howard University — which briefly took many of its systems offline after discovering a September attack — and Virginia’s Legislature.

Not if, but when

The attack at Lewis & Clark, in Godfrey, Illinois, was discovered two days before Thanksgiving when the school’s IT director detected suspicious activity and proactively took systems offline, said Trzaska, the president.

A ransom note from hackers demanded a payment, though Trzaska declined to reveal the sum or identify the culprits. Though many attacks come from hackers in Russia or Eastern Europe, some originate elsewhere.

With vital education systems affected, including email and the school’s online learning platform, administrators canceled classes for days after the Thanksgiving break and communicated updates to students via social media and through a public alert system.

The college, which had backups on the majority of its servers, resumed operations this month.

The ordeal was daunting enough to inspire Trzaska and another college president who he says endured a similar experience to plan a cybersecurity panel.

“The stock quote from everyone,” Trzaska said, “is, ‘Not if it’s going to happen, but when it’s going to happen.’” 
…

After internal Facebook documents were shared widely with news organizations, the question remains whether and how Facebook will change. Michelle Quinn reports.
…

China and Russia have begun collaborating on technology to rival the United States’ GPS and European Galileo satellite navigation systems, as the two countries pursue closer military and strategic ties.

Earlier this year, China agreed to host ground monitoring stations for Russia’s GLONASS positioning system on its soil, which improves global range and accuracy but can pose a security risk. In turn, Russia agreed to host ground stations for China’s BeiDou system.

The reciprocal agreement indicates a growing level of trust and cooperation between Moscow and Beijing, says analyst Alexander Gabuev, senior fellow and chair of the Russia in the Asia-Pacific Program at the Carnegie Moscow Center.

“Russia’s schism with the West and deepening confrontation and competition between China and the U.S. as two superpowers is definitely contributing to rapprochement between Moscow and Beijing. There is a natural economic complementarity where Russia has (an) abundance of natural resources, and China has capital and technology to develop those resources. And finally, both are authoritarian states, so they don’t have this allergy when talking domestic political setup, or the poisoning of (Russian opposition leader) Alexi Navalny, or issues like Hong Kong or human rights in Xinjiang,” Gabuev told VOA.

It will take some time for the collaboration on satellite navigation systems to be felt on the ground.

“So far, we have yet to see important results, because in Russia, Russia still relies increasingly on GLONASS but also on GPS. We don’t have major BeiDou-linked projects,” Gabuev added.

Satellites

Satellites are seen as a crucial component of 21st century military power. Last month, Russia tested a missile against one of its own satellites. The U.S. said the resulting debris threatened astronauts on the International Space Station.

“What’s most troubling about that is the danger that it creates for the international community. It undermines strategic stability,” U.S. Secretary of Defense Lloyd Austin told reporters Nov. 17.

Russia, China and the U.S. are among several nations developing hypersonic missiles, which travel through the upper atmosphere at up to five times the speed of sound.

Space treaty

Russian Foreign Minister Sergei Lavrov said the U.S. had failed to engage on a joint Russian-Chinese space treaty.

“They have ignored for many years the initiative of Russia and China to prepare a treaty to prevent an arms race in space. They simply ignore it, insisting instead on developing some sort of universal rules,” Lavrov said.

In an interview June 11 with U.S. broadcaster NBC, Russian President Vladimir Putin said cooperation with Beijing was deepening.

“We have been working and will continue to work with China, which applies to all kinds of programs, including exploring deep space. And I think there is nothing but positive information here. Frankly, I don’t see any contradictions here,” Putin said.

There are limits to Russian and Chinese cooperation, Gabuev said.

“Both Russia and China are religious about their strategic autonomy. There is deep-seated nationalism, there is some level of mistrust and some level of competition in many of those areas where there is seeming complementarity, like space programs. I think that these advances in military technology is happening mostly in parallel, but not jointly.”

India

Gabuev notes that Russia has worked more closely with India than China, including on the development of the joint BrahMos cruise missile system since the 1990s.

“Russia felt secure enough to develop BrahMos missiles together with Indian colleagues. So, this military cooperation between Russia and China is deepening, it’s definitely causing a significant challenge to the West, particularly because it helps the PLA (China’s People’s Liberation Army) to become a really 21st century fighting power and a global military power. But at the same time, we don’t see the depth that exists between, for example, the U.S. and America’s allies,” Gabuev said.

India has also purchased Russia’s S-400 missile defense system, an attempt to counter China’s military might that also risks angering Delhi’s ally, the United States, and an indication of the complexity of strategic relations in a changing world order. 

 
…

Airbus is set to deliver the final A380 superjumbo to Dubai’s Emirates on Thursday, marking the end of a 14-year run that gave Europe an instantly recognized symbol across the globe but failed to fulfil the commercial vision of its designers. 

Production of the world’s largest airliner — capable of seating 500 people on two decks together with perks like showers in first class — has ended after 272 were built compared with the 1,000 or more once predicted. 

Airbus, a planemaking conglomerate drawn together from separate entities in Britain, France, Germany and Spain to carry out their brainchild of mega-jets to beat congestion, pulled the plug in 2019 after airlines went for smaller, leaner models. 

Thursday’s handover is expected to be low key, partly because of COVID restrictions and also because Airbus is these days focusing its PR on environmental benefits of smaller jets. 

That’s in stark contrast to the spectacular light show that revealed the new behemoth in front of European leaders in 2005. 

Emirates is by far the largest buyer and still believes in the superjumbo’s ability to lure passengers. Even though no more A380s will be built, it will keep flying them for years. Many airlines disagree and have axed the A380 during the pandemic. 

Airline president Tim Clark refuses to bow to sceptics who say the days of spacious four-engined jets like the A380 are numbered as an airline seat becomes a commodity like any other. 

“I don’t share that view at all … And I still believe there is a place for the A380,” Clark recently told reporters. 

“Technocrats and accountants said it was not fit for purpose … That doesn’t resonate with our travelling public. They absolutely love that airplane,” he said. 

Shower talks

 The A380’s demise left deserted one of the world’s largest buildings, a 122,500-square-metre assembly plant in Toulouse. 

Airbus plans to use part of it to build some of the bread-and-butter narrowbody models that dominate sales like a deal with Qantas announced earlier on Thursday. 

But it is in Hamburg that some of the most striking features of the A380 evolved. 

Clark recalled how he huddled with Airbus developers in northern Germany to persuade Airbus chiefs in France to pay for the engineering needed to make in-flight showers a reality. 

“There was a lot of arm-folding and my friends in France were a little circumspect,” Clark said. 

“I had to sit with friends in the development unit in Hamburg having to build the showers, and then asked Toulouse management to see how it could be done, and so they bought in.” 

That innovation generated headlines but did not translate into sales needed to keep the A380 going. 

The plane was designed in the 1990s when travel demand was soaring and China offered seemingly unlimited potential. 

By the time the first delivery came in 2007, the plane was more than two years late. And when Emirates got its first A380 a year later, the emerging financial crisis was already forcing analysts to trim their forecasts for the biggest jets. 

Boeing was meanwhile capturing orders for a revolutionary new 787 Dreamliner, to be followed by the Airbus A350. 

“There was a slowing down of appetite and enthusiasm. We didn’t share that view; we put this great [A380] aircraft to work,” Clark said on the sidelines of an airlines meeting. 

“We have what I think is one of the most beautiful aircraft ever flown.” 
…