Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Trending (Page 1 of 9)

Crypto lobbyists face defeat with House set to block tax rule changes

House Democrats on Tuesday were poised to block attempts to scale back digital currency tax rules tucked into President Joe Biden’s infrastructure plan, in a new setback for crypto industry advocates fighting the proposal.

The House Rules Committee, which drafts the terms of debate for bills headed to the floor, agreed to a process that would prohibit any amendments from being considered for the infrastructure bill. The full House was scheduled to vote to lock in the procedure Tuesday afternoon. The plan would also set up a floor vote on the infrastructure package by Sept. 27.

The House was set to close the door to infrastructure bill changes despite calls from Democrats and Republicans to pare back the cryptocurrency tax proposal that the Senate passed as part of the legislation earlier this month.

At issue in the fight are proposed requirements that would force cryptocurrency exchanges and other firms to report transaction information to the Internal Revenue Service, similar to rules in place for stock brokers. As drafted, industry lobbyists and sympathetic lawmakers say the plan threatens technological innovation and the viability of a growing sector of the U.S. economy.

Crypto industry groups are now considering other legislative vehicles to revise the policy, after being blindsided by its inclusion in the infrastructure bill. One possibility is Democrats’ $3.5 trillion budget package, said Michelle Bond, CEO of the Association for Digital Asset Markets.

“The industry’s biggest test will lie in efforts to forge positive relationships in Washington,” Bond said.

Source: https://www.politico.com/news/2021/08/24/crypto-lobbyists-house-tax-rule-infrastructure-506756
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Kellie Mejdrich

Library of Congress bomb suspect livestreamed on Facebook for hours before being blocked

The man suspected of making a bomb threat near the Library of Congress livestreamed his anti-government remarks for hours before Facebook took down his account on Thursday afternoon.

The man broadcasted to the social network as he sat in his car surrounded by police in Washington, D.C. He said his car would “blow up” if security shot through his window.

Several hours after his threats began, Facebook spokesman Andy Stone said the company “removed the Facebook profile in question and are continuing to investigate.” At least one of the videos was taken down by nearly 1 p.m. after the suspect began livestreaming messages outside of the library at 9 a.m.

Clips from the suspect’s video circulated widely on social media throughout the morning, and after the stream itself was blocked. The man repeatedly said he was “trying to get Joe Biden on the phone” and said he was making the threat on behalf of the people in Afghanistan.

The man continued to livestream as Capitol Police and other law enforcement officials investigated his claim that he has an explosive device in his pickup truck, which he drove onto the sidewalk outside of the Library of Congress. His threats led to the evacuation of several congressional buildings.

Source: https://www.politico.com/news/2021/08/19/capitol-bomb-threat-facebook-livestream-506268
The Article Was Written/Published By: Emily Birnbaum

Majority of Covid misinformation came from 12 people, report finds

CCDH finds ‘disinformation dozen’ have combined following of 59 million people across multiple social media platforms

The vast majority of Covid-19 anti-vaccine misinformation and conspiracy theories originated from just 12 people, a report by the Center for Countering Digital Hate (CCDH) cited by the White House this week found.

Source: https://www.theguardian.com/world/2021/jul/17/covid-misinformation-conspiracy-theories-ccdh-report
The Article Was Written/Published By: Erum Salam

The newest MAGA app is tied to a Bannon-allied Chinese billionaire

On Tuesday, Guo Wengui, an exiled Chinese billionaire who runs a Chinese-language media network with Trump adviser Steve Bannon, posted a video on his site GNEWS reminding viewers to back up their social media posts on GETTR.

“Today I have to post this video on our G-TV to inform everybody that everything is fine, because the GETTR platform is adjusting,” he said in Mandarin, according to an English translation posted on the site. “GETTR is not ours, so we should follow the instructions. Right? GETTR is cleaning up all the data and accounts. Afterwards, everybody has to re-register their accounts.”

The site was then wiped.

Two days later, Donald Trump’s former adviser Jason Miller announced that GETTR — a Chinese-language site for dissidents opposing the Chinese Communist Party — would soon launch as a pro-MAGA free-speech social media platform.

GETTR was announced as a brand new social media platform for Trump’s fans, a social media outpost where MAGA types could post freely and, through the mere act of signing up, stick it to Big Tech. It was billed as the logical extension of the former president’s monthslong battle with the major social media companies, two of which had booted him in the aftermath of the Capitol riots on Jan. 6. And though Trump himself had not committed to being on it, it seemed like the type of place where he inevitably would end up after having launched a failed professional blog of his own.

There was one major question: Just where did GETTR come from?

A POLITICO review reveals that prior to it being revealed on Thursday, GETTR had existed for nearly a year as a Chinese-language social media network linked to Guo and G-TV Media, and on which anti-CCP content had been promoted on a regular basis.

Miller told The Daily Beast, which first reported the connection, that Guo’s “family foundation” provided GETTR with early funding. In a separate interview with POLITICO, Miller said that Guo had “no formal role,” had not “contributed any money” and was “not part of the business day to day.” Miller added that “his family foundation is part of the international consortium of investors who gave seed money.”

Previous advertising for GETTR had been posted online before news broke of Miller’s venture. And it included logos for several entities in the G-TV Media Group, a media company owned by both Bannon and Guo. One poster includes the logos for their subsidiaries, G-TV and GNEWS, two sites that have been flagged as vectors of coronavirus and anti-CCP disinformation. An account for GETTR on G-TV, which has the same torch logo as Miller’s GETTR, has been uploading content for more than a year, though much of it is content from G-TV.

Even before its announcement, the GETTR app on Apple had more than 1,200 reviews dating back months, primarily from users praising its anti-CCP stance. “Finally there is a platform for freely disseminating the truth. Thanks to Mr. Wengui who broke the news that the revolution has created such a free-sounding platform,” one user wrote in a review on June 17th.

In the months leading up to GETTR’s reveal, plans for Trump returning to social media frequently hinged on the idea of owning his own Twitter or Facebook-like platform. Trump associates previously told POLITICO that the quickest way to bring him back, and keep him there, would necessitate his owning a majority of the company, if not the entire enterprise. But given the steep cost of building a viable Big Tech competitor from scratch — Twitter, Trump’s biggest competition, burned through hundreds of millions of dollars from launch to profitability over nine years — people involved in Trump’s building of a network had aimed to buy a pre-existing network outright and rebrand it for a MAGA audience.

At face value, GETTR could have been that service. But the choice of Guo’s entity brought with it particularly thorny issues.

G-TV Media has had a rocky history, and was the subject of a federal probe into its fundraising, with the FBI and SEC investigating the company’s $300 million private fundraising round. The links between Guo and Bannon go back years. Famously, Bannon was arrested aboard Guo’s yacht in 2020 over fraud charges related to a separate crowdfunding project to help build a wall on the U.S.-Mexico border. In 2019, it was reported that Guo was a member of Donald Trump’s Mar-a-Lago club.

Guo himself was an active promoter of GETTR, frequently posting daily video blogs onto the site over the past two months, titled “Miles Guo’s Getter” to share his views on China, the coronavirus pandemic and the Biden administration. Those GETTR videos were then cross-posted to GNews and translated into both English and French, according to the site.

In the days leading up to Miller announcing the launch of a MAGA-version of GETTR, several videos appeared on GNEWS and G-TV showing GETTR users how to save their data and eventually upload it to the new platform.

A Twitter user named Dicky Zhang, whose account identifies him as connected to G-TV and GNEWS, also reminded his followers that they needed to back up their GETTR accounts.

“Gettr will officially be launched on July 4th,” he tweeted in English on June 29th. “In order to build it into a multilingual & international platform, we will clear all the data on the platform on June 29th, Eastern US Time, including posts, photos & accounts. Sorry for the inconvenience. Save important information pls.”

Meridith McGraw contributed to this report.

Source: https://www.politico.com/news/2021/07/01/maga-app-bannon-chinese-billionaire-497767
The Article Was Written/Published By: Tina Nguyen

Senate Democrats weigh $6T infrastructure bill, without GOP

Senate Democrats are weighing spending as much as $6 trillion on their own infrastructure package if the chamber’s bipartisan talks fail, according to two sources familiar with the matter.

Majority Leader Chuck Schumer has repeatedly insisted that infrastructure talks are currently on two tracks: The first track is bipartisan, while the second track will include priorities that have no chance of getting GOP support. He huddled on Wednesday afternoon with Democratic members of the Budget Committee to discuss strategy, with no firm decision reached.

Senate Budget Chair Bernie Sanders (I-Vt.) has been pushing for an aggressive approach to the infrastructure talks and is angling to insert a large expansion of Medicare into Democrats’ plan. Earlier this week, Sanders said he opposed the emerging bipartisan agreement.

“The bipartisan talks could impact us, but we’re going to keep going,” Sanders said Wednesday.

According to a tentative plan, half of the proposed Democrats-only alternative would be paid for. About $2.5 trillion would go through the Finance Committee, $185 billion through the Energy Committee and almost $500 billion through the Environment and Public Works Committee, one source said, while emphasizing that the discussions are fluid.

A spokesperson for the Budget committee declined to comment.

Moderate Democrats will meet with Schumer midday to discuss their bipartisan proposal, the budget and reconciliation, according to two sources familiar with the matter. They have signaled they are unlikely to go along with a package running into the multi-trillion-dollar range, but talks about a compromise are just beginning in earnest.

The details of the bigger plan come as a bipartisan group of senators, led by Sens. Kyrsten Sinema (D-Ariz.) and Rob Portman (R-Ohio), released details this week of an infrastructure plan that costs about $973 billion over five years or $1.2 trillion over eight. The plan would include $579 billion in new spending, and pay-fors include repurposing unused Covid relief funds, imposing a surcharge on electric vehicles, and expanding use of state and local funds for coronavirus relief.

Schumer may need to make sure he has unified support for a massive Democratic-only package before he can cut a deal on a separate, bipartisan bill.

The White House has balked at indexing the gas tax, the EV charges and raiding Covid funds. But a White House official said that Senate Democrats offered a more detailed, updated briefing to them on Wednesday.

“We continue to be encouraged by what our team was briefed on,” the official said.

So far, a bipartisan group of 21 senators have signed on and the plan’s details remain in flux. And Democrats’ separate considerations of an infrastructure bill as big as $6 trillion — more than President Joe Biden’s initial $4 trillion-plus plan — don’t necessarily suggest they’re preparing for those talks to run aground. The bigger framework includes provisions that could be added to a separate infrastructure bill passed along party lines even if the bipartisan talks pay off.

The White House met with a group of Democratic negotiators on Wednesday. But it’s not clear what the next steps are just yet.

Sen. Joe Manchin (D-W.Va.) is pushing for a bipartisan agreement and is not entirely committed to a second reconciliation package with only Democratic priorities, which is a key demand by progressives whose votes will be needed for any bipartisan deal. Liberal lawmakers for weeks have been pushing for the White House to go it alone.

Schumer has insisted that the Senate will take up infrastructure in July. He also wants the Senate to consider a budget resolution that would unlock the ability to pass a party-line bill and evade a filibuster.

Source: https://www.politico.com/news/2021/06/17/senate-democrats-infrastructure-reconciliation-494977
The Article Was Written/Published By: Marianne LeVine and Burgess Everett

Ransomware attacks ‘are here to stay,’ Commerce secretary says

Commerce Secretary Gina Raimondo said Sunday that ransomware attacks “are here to stay,” and that businesses should plan accordingly.

“The first thing we have to recognize,” she said, “is this is the reality, and we should assume and businesses should assume, that these attacks are here to stay and, if anything, will intensify. And so just last week the White House sent out a letter broadly to the business community urging the business community to do more.”

Speaking on ABC’s “This Week With George Stephanopoulos,” the former governor of Rhode Island declined to blame Vladimir Putin’s Russia outright in answering a question on whether the Biden administration should look to punish Russia, which is believed to be the source of some or all of these attacks.

“We are evaluating all the options and we won’t stand for a nation supporting or turning a blind eye to a criminal enterprise,” she said. “And as the president has said, we’re considering all of our options.”

She added: “This week when the president meets with Putin and other world leaders, this will be at the top of the agenda.”

In a ransomware attack, hackers seize control of a business or organization’s computer system by exploiting weaknesses in the security system, then lock up the entire system until a “ransom” is paid. Raimondo said one way to stymie international hackers is to approve Biden’s proposed infrastructure plan.

“Certain components of the American Jobs Plan provide for investments to shore up the nation’s cyber infrastructure,” she told Stephanopoulos.

Raimondo argued that the good news in all this was that businesses can make relatively simple changes to protect themselves against such attacks.

“Some very simple steps like two-factor authentication, having proper backups and backup technology, can be enormously helpful against a wide variety of these attacks. So it is clear that the private sector needs to be more vigilant, by the way, including small- and medium-sized companies,” she said.

Source: https://www.politico.com/news/2021/06/06/ransomware-attacks-commerce-secretary-492005
The Article Was Written/Published By: David Cohen

Cyberattack on food supply followed years of warnings

Security analysts from the University of Minnesota warned the U.S. Agriculture Department in late May about a growing danger — a cyber crime known as ransomware that could wreak more havoc on Americans’ food sources than Covid-19 did.

A week and a half later, the prediction became reality as a ransomware attack forced the shutdown of meat plants that process more than a fifth of the nation’s beef supply in the latest demonstration of hackers’ ability to interrupt a critical piece of the U.S. economy.

The hack of the global meatpacking giant JBS last weekend is also the starkest example yet of the food system’s vulnerability to digital threats, especially as internet technology and automation gain an increasing role across farmlands and slaughterhouses. But federal oversight of the industry’s cybersecurity practices remains light, despite years of warnings that an attack could bring consequences ranging from higher grocery prices to contaminated food.

Virtually no mandatory cybersecurity rules govern the millions of food and agriculture businesses that account for about a fifth of the U.S. economy — just voluntary guidelines exist. The two federal agencies overseeing the sector include the USDA, which has faced criticism from Congress for how it secures its own data. And unlike other industries that have formed information-sharing collectives to coordinate their responses to potential cyber threats, the food industry disbanded its group in 2008.

Now, food producers need to face the fact that disruptive cyberattacks are part of what Agriculture Secretary Tom Vilsack calls their “new reality.”

National security threats to the agricultural supply chain haven’t received enough attention across the entire federal government, argued Rep. Rick Crawford (R-Ark.), who serves on both the House Intelligence and Agriculture committees.

“Too often agriculture is dismissed as: ‘It’s important but it’s not that big a deal,’” Crawford said in an interview. “If you eat, you’re involved in agriculture. We all need to recognize that it’s a vital industry and this [incident] illustrates that.”

The North American Meat Institute, which represents meatpackers, declined to comment on the state of the industry’s cybersecurity measures or potential changes following the hack.

The downside of ‘enormous technology’

The cry of alarm from the University of Minnesota’s Food Protection and Defense Institute arrived in the most unassuming of packages: as one of more than 180 official comments filed to the USDA related to a presidential order about securing the nation’s supply chains.

“Fast-spreading ransomware attacks could simultaneously block operations at many more plants than were affected by the pandemic,” the institute warned in its May 18 filing, noting that Covid-19 last year forced a shutdown of slaughterhouses that prompted fears of meat shortages and price spikes.

It was just the latest in a series of warnings from national security and law enforcement agencies, private cybersecurity companies and academic researchers.

In November, the cybersecurity firm CrowdStrike said in a report that its threat-hunting service had witnessed a tenfold increase in interactive — or “hands-on-keyboard” — intrusions affecting the agriculture industry over the previous 10 months. Adam Meyers, the company’s senior vice president of intelligence, said that of the 160 hacking groups or gangs the company tracks, 13 have been identified in targeting agriculture.

A 2018 report from the Department of Homeland Security examined a range of cyber threats facing the industry as it adopts digitized “precision agriculture,” while the FBI said in April 2016 that agriculture is “increasingly vulnerable to cyberattacks as farmers become more reliant on digitized data.”

The industry also offers plentiful targets: As the Department of Homeland Security’s cyber agency notes, the ag and food sector includes “an estimated 2.1 million farms, 935,000 restaurants, and more than 200,000 registered food manufacturing, processing, and storage facilities,” almost all under private ownership.

For decades, however, most farmers and foodmakers have prized productivity over all else, including security — trying to eke out profits in an industry with chronically narrow margins and meet the growing global demand for food. In the quest for efficiency, meat plants are ratcheting up their processing line speeds and investing in robotics to more quickly carve up carcasses. Farmers are adopting high-tech innovations like drones, GPS mapping, soil sensors and autonomous tractors, with vast data behind it all.

All that connectivity and automation comes at a cost.

“This is part of the downside of having an enormous technology, enormous capacity to turn a lot of data and become more efficient,” Vilsack said. “There are risks associated with that.”

‘No industry is off limits’

The disruption to JBS, which controls nearly a quarter of America’s cattle processing, has raised concerns mainly about the impact on meat markets. USDA data shows wholesale beef prices have steadily ticked higher each day since the hack, with choice cuts climbing above $341 per hundred pounds as of Thursday morning.

Higher prices are just one of many potential consequences. Cyberattacks could also lead to the sale of tainted food to the public, financial ruin for producers, or even the injury and death of plant workers, according to the Food Protection and Defense Institute, a DHS-recognized group.

In its public comments to USDA, the institute highlighted gaping holes in the industry’s preparedness, including a general “lack of awareness throughout the sector” and scant guidance from government regulators. It also noted that large parts of the industry rely on decades-old, custom-written software that is essentially impossible to update, along with outdated operating systems like Windows 98.

“The agriculture industry probably lags behind some of the other industries that have been hit harder by cyber crime” like the financial sector, which has long been a prime target for criminals, said Michael Daniel, president and chief executive of the Cyber Threat Alliance, a nonprofit organization.

However, the JBS hack, just like the ransomware attack on Colonial Pipeline in May and the ensuing gasoline-buying panic, shows that “no industry is off limits,” he added. Ransomware operators “are going to go wherever they think they can extract money.”

Daniel, a cyber coordinator during the Obama administration, said he would recommend that industry executives take basic steps like assessing their companies’ digital preparedness and reviewing federal security guidelines.

“What I would be telling them is: You really need to be thinking about how you manage your cybersecurity risk, just like you manage commodity price risk, just like you manage natural disaster risk, just like you manage legal risk,” Daniel said.

The White House similarly advised all companies on Thursday to harden their defenses, including by installing the latest software updates and requiring extra authentication for anyone logging onto their systems.

Meyers, from CrowdStrike, said the seriousness with which cybersecurity is regarded varies “depending on who you’re talking to in the ag industry.” He said multinational conglomerates that have intellectual property worth protecting make it a priority, but “as you get down the food chain, so to speak, they probably think about it less seriously.”

The JBS hack “is the big wake-up call for all these small, medium and large businesses. You can’t stick your head in the sand, and hope it’s not going to happen to you because it is,” Meyers said. “You need to be prepared, and you need to get yourself ready to fight. Because if you don’t, you’re going to be paying a ransom and somebody’s going to be eating your lunch.”

A call for Congress to act

Congress may need to step in to help fix the situation, said Crawford, the House member from Arkansas, who reintroduced legislation earlier this year that would establish an intelligence office within USDA. The office would serve as a conduit for the department to keep farmers informed of threats to their livelihood, including espionage and cyber operations by malign actors.

A key reason the industry isn’t prepared against dangers like ransomware is that the U.S. intelligence community hasn’t considered the national security threats to agriculture as much as it should, Crawford argued.

He added that communication must go both ways: Companies need to have their cyber experts share what they see with their government counterparts. No such requirements exist for the food and ag industry.

“What I would advise the private sector to do is be proactive on these things as possible,” according to Crawford, who is organizing a “business intelligence and supply chain integrity” forum this summer that will feature cybersecurity experts, government officials and representatives from the clandestine community to educate local businesses about digital threats.

USDA has not proposed any significant policy changes following the JBS attack, instead asking food and agriculture companies to take voluntary steps to safeguard their IT and infrastructure from cyber threats. Vilsack on Thursday pointed to guidelines from DHS’ Cybersecurity and Infrastructure Security Agency that companies can adopt for their own protection.

There’s no shortage of policy recommendations from experts in the field. Most proposals involve educating industry leaders and employees, setting minimum standards for cyber safety or improving coordination between companies and agencies.

Another step recommended by the Food Protection and Defense Institute: USDA and DHS should work with the industry to create a cyber threats clearinghouse — known as an “information sharing and analysis center” — to collaborate on studying and addressing digital risks.

Other critical industries, including the electricity and financial sectors, already have their own ISACs, but the food industry does not. Instead, some food and ag companies have joined a broader information-sharing group that covers the information technology industry, said Scott Algeier, executive director of the IT-ISAC.

“They wanted to engage with other companies but did not have an ISAC. So they applied to us,” said Algeier, whose organization also provides a threat-sharing forum for the elections industry.

The nonprofit Internet Security Alliance has called for federal grants and other incentives for food companies to step up their cyber defenses.

“Increasing cybersecurity will cost money, and finding the additional funding will not be simple for the sector since it is governed by tight margins and faces a highly competitive world market,” the group wrote on its website.

Helena Bottemiller Evich contributed to this report.

Source: https://www.politico.com/news/2021/06/05/how-ransomware-hackers-came-for-americans-beef-491936
The Article Was Written/Published By: Ryan McCrimmon and Martin Matishak

Supreme Court narrows scope of sweeping cybercrime law

The Supreme Court has sharply curtailed the scope of the nation’s main cybercrime law, limiting a tool that civil liberties advocates say federal prosecutors have abused by seeking prison time for minor computer misdeeds.

The 6-3 decision handed down Thursday means federal prosecutors can no longer use the 1986 Computer Fraud and Abuse Act to charge people who misused databases they are otherwise entitled to access. The ruling comes six months after justices expressed concern that the government’s sweeping interpretation of the law could place people in jeopardy for activities as mundane as checking social media on their work computers, with Justice Neil Gorsuch saying prosecutors’ view risked “making a federal criminal of us all.”

In an unusual lineup, the court’s three Trump appointees — who are also the newest justices — joined the court’s three liberals to reject the Justice Department’s interpretation of the statute.

The majority ruling, written by Justice Amy Coney Barrett, is largely devoted to a meticulous parsing of the statute’s language. However, she also noted the dangers of the approach prosecutors have advocated.

“The Government’s interpretation of the statute would attach criminal penalties to a breathtaking amount of commonplace computer activity,” Barrett wrote. “If the ‘exceeds authorized access’ clause criminalizes every violation of a computer-use policy, then millions of otherwise law-abiding citizens are criminals.”

While insisting that the court arrived at its ruling based solely on reading the statute, and not considering its potential effects, Barrett concurred with critics who said the broader interpretation would “criminalize everything from embellishing an online-dating profile to using a pseudonym on Facebook.”

In dissent, Justice Clarence Thomas said the majority’s reading was contrived and off-base. He also said there are many areas of law where permission given to do something for one purpose does not imply permission for an unrelated purpose.

“A valet, for example, may take possession of a person’s car to park it, but he cannot take it for a joyride,” Thomas wrote in an opinion joined by Chief Justice John Roberts and Justice Samuel Alito.

Thomas also noted that violations of the law are typically a misdemeanor, and he said the breadth of the statute is no reason to misread it. “Much of the Federal Code criminalizes common activity,” he wrote. “It is understandable to be uncomfortable with so much conduct being criminalized, but that discomfort does not give us authority to alter statutes.”

Past controversies involving the law included a two-year prison sentence for a journalist who helped hackers deface the Los Angeles Times’ website and, most notoriously, a prosecution that led to the suicide of a prominent internet freedom activist who faced the possibility of decades behind bars for downloading millions of scientific journal articles.

The case decided on Thursday, Van Buren v. United States, involved a former police officer convicted of violating the CFAA for searching a license plate database in exchange for a bribe as part of an FBI sting operation. The officer appealed the conviction, arguing that the law did not cover the unauthorized use of a computer system that the user was allowed to access as part of his job.

The Supreme Court agreed, holding that Nathan Van Buren’s conviction was invalid.

A broad coalition of technology experts, civil-society activists and transparency advocates had poured amicus briefs into the high court as it considered its first-ever case involving the law.

The National Whistleblower Center warned that applying the CFAA to any unauthorized use of computer data would invite “retaliation against whistleblowers who provide evidence of criminal fraud and other criminal activity” to authorities. The libertarian Americans for Prosperity Foundation said the government’s interpretation of the law would cover “violations of the fine print in website terms of service, company computer-use policies, and other breaches of contract” and “wrongly criminalize a wide swath of innocent, innocuous conduct.”

Free-press advocates warned that a ruling for the government “would significantly chill First Amendment activity,” while technologists said it would allow prosecutors to go after good-faith security researchers attempting to raise awareness of digital vulnerabilities.

But supporters of the broad use of the CFAA said it was necessary to combat insider threats facing businesses and government agencies’ sensitive computer systems. Narrowing the law “would allow any person who has legitimate access to the data carte blanche to access and use (or indeed in many cases destroy) that data for any manifestly blameworthy reason they choose,” the Federal Law Enforcement Officers Association told the court.

Source: https://www.politico.com/news/2021/06/03/supreme-court-cybercrime-law-491764
The Article Was Written/Published By: Eric Geller and Josh Gerstein

US meatpacking plants get back on stream after crippling cyber-attack

Experts warn ‘no one is out of bounds’ after ransomware attack halts production at JBS, which supplies more than a fifth of US beef

Meat-processing factories in the US run by the world’s largest company in that field are coming back on stream on Wednesday after a ransomware attack – as experts warned all corporate and local government leaders to be on the alert.

A cyber-attack on the meat processor JBS had forced it to halt all US operations while it scrambled to restore functionality. The attack, like other recent hacks, is believed to have originated in Russia.

Source: https://www.theguardian.com/food/2021/jun/02/cyber-attack-targets-worlds-largest-meat-processing-company
The Article Was Written/Published By: Alex Hern and Alexandra Villarreal

Microsoft: SolarWinds hackers target 150 orgs with phishing

BOSTON — The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks this week using an email marketing account of the U.S. Agency for International Development, Microsoft said.

The effort targeted about 3,000 email accounts at more than 150 different organizations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post late Thursday.

It did not say what portion of the attempts may have led to successful intrusions.

The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, said in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets.”

Burt said the campaign appeared to be a continuation of multiple efforts by the Russian hackers to “target government agencies involved in foreign policy as part of intelligence gathering efforts.” He said the targets spanned at least 24 countries.

The hackers gained access to USAID’s account at Constant Contact, an email marketing service, Microsoft said. The authentic-looking phishing emails dated May 25 purport to contain new information on 2020 election fraud claims and include a link to malware that allows the hackers to “achieve persistent access to compromised machines.”

Microsoft said in a separate blog post that the campaign is ongoing and evolved out of several waves of spear-phishing campaigns it first detected in January that escalated to the mass-mailings of this week.

While the SolarWinds campaign, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies, was supremely stealthy and went on for most of 2020 before being detected in December by the cybersecurity firm FireEye, this campaign is what cybersecurity researchers call noisy. Easy to detect.

Microsoft noted the two mass distribution methods used: the SolarWinds hack exploited the supply chain of a trusted technology provider’s software updates; this campaign piggybacked on a mass email provider.

With both methods, the company said, the hackers undermine trust in the technology ecosystem.

Source: https://www.politico.com/news/2021/05/28/microsoft-solarwinds-hackers-phishing-491317
The Article Was Written/Published By: Associated Press
