U.S. Infrastructure being targeted according to NSA memo

Revelations 6:3-4 “when he opened the second seal, I heard the second living creature say, “Come!” 4 And out came another horse, bright red. Its rider was permitted to take peace from the earth, so that people should slay one another, and he was given a great sword.

Important Takeaways:

  • Microsoft warns that China hackers attacked U.S. infrastructure
  • Chinese state-sponsored hackers have compromised “critical” cyber infrastructure in a variety of industries, including government and communications organizations, Microsoft said Wednesday.
  • The hacking group is code-named “Volt Typhoon,” and has been in operation since 2021.
  • Impacted parties have already been notified.
  • The National Security Agency put out a bulletin Wednesday, detailing how the hack works and how cybersecurity teams should respond.
  • The attack is apparently ongoing. In the advisory, Microsoft urged impacted customers to “close or change credentials for all compromised accounts.”
  • U.S. intelligence agencies became aware of the incursion in February, around the same time that a Chinese spy balloon was downed, The New York Times reported.

Read the original article by clicking here.

Microsoft says group behind SolarWinds hack now targeting government agencies, NGOs

By Kanishka Singh and Raphael Satter

WASHINGTON (Reuters) -The group behind the SolarWinds cyber attack identified late last year is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft Corp said on Thursday.

“This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations,” Microsoft said in a blog.

Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020, according to Microsoft.

The comments come weeks after a May 7 ransomware attack on Colonial Pipeline shut the United States’ largest fuel pipeline network for several days, disrupting the country’s supply.

“This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations,” Microsoft said on Thursday.

While organizations in the United States received the largest share of attacks, targeted victims came from at least 24 countries, Microsoft said.

At least a quarter of the targeted organizations were involved in international development, humanitarian issues and human rights work, Microsoft said in the blog.

Nobelium launched this week’s attacks by breaking into an email marketing account used by the United States Agency For International Development (USAID) and from there launching phishing attacks on many other organizations, Microsoft said.

In statements issued Friday, the Department of Homeland Security and USAID both said they were aware of the hacking and were investigating.

The hack of information technology company SolarWinds, which was identified in December, gave access to thousands of companies and government offices that used its products. Microsoft President Brad Smith described the attack as “the largest and most sophisticated attack the world has ever seen”.

This month, Russia’s spy chief denied responsibility for the SolarWinds cyber attack but said he was “flattered” by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack.

The United States and Britain have blamed Russia’s Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, for the hack which compromised nine U.S. federal agencies and hundreds of private sector companies.

The attacks disclosed by Microsoft on Thursday appeared to be a continuation of multiple efforts to target government agencies involved in foreign policy as part of intelligence gathering efforts, Microsoft said.

The company said it was in the process of notifying all of its targeted customers and had “no reason to believe” these attacks involved any exploitation or vulnerability in Microsoft’s products or services.

(Reporting by Kanishka Singh and Sabahatjahan Contractor in Bengaluru; additional reporting by Raphael Satter in Washington; Editing by Robert Birsel and Clarence Fernandez)

North Korean, Russian hackers target COVID-19 researchers: Microsoft

By Raphael Satter

WASHINGTON (Reuters) – Hackers working for the Russian and North Korean governments have targeted more than half a dozen organizations involved in COVID-19 treatment and vaccine research around the globe, Microsoft said on Friday.

The software company said a Russian hacking group commonly nicknamed “Fancy Bear” – along with a pair of North Korean actors dubbed “Zinc” and “Cerium” by Microsoft – were implicated in recent attempts to break into the networks of seven pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States.

Microsoft said the majority of the targets were organizations that were in the process of testing COVID-19 vaccines. Most of the break-in attempts failed but an unspecified number succeeded, it added.

Few other details were provided by Microsoft. It declined to name the targeted organizations, say which ones had been hit by which actor, or provide a precise timeline or description of the attempted intrusions.

The Russian embassy in Washington – which has repeatedly disputed allegations of Russian involvement in digital espionage – said in an email that there was “nothing that we can add” to their previous denials.

North Korea’s representative to the United Nations did not immediately respond to messages seeking comment. Pyongyang has previously denied carrying out hacking abroad.

The allegations of cyber espionage come as world powers are jockeying behind the scenes in the race to produce a vaccine for the virus.

They also highlight how Microsoft is pressing its case for a new set of global rules barring digital intrusions aimed at healthcare providers.

Microsoft executive Tom Burt said in a statement his company was timing its announcement with Microsoft President Brad Smith’s appearance at the virtual Paris Peace Forum, where he would call on world leaders “to affirm that international law protects health care facilities and to take action to enforce the law.”

(Reporting by Raphael Satter Additional reporting by Christopher Bing in Washington, Jack Stubbs in London, and Michelle Nichols in New York; Editing by Tom Brown and Grant McCool)

Trump: U.S. should get ‘substantial portion’ of TikTok operations sale price

By David Shepardson and Jeff Mason

WASHINGTON (Reuters) – U.S. President Donald Trump said Monday the U.S. government should get a “substantial portion” of the sales price of the U.S. operations of TikTok and warned he will ban the service in the United States on September 15 without a sale.

The turnaround came after Trump Friday he said he was planning to ban the Chinese-owned video app’s U.S. operations as soon as Saturday after dismissing a possible sale to Microsoft.

Reuters reported last week that some investors are valuing TikTok at about $50 billion, citing people familiar with the matter.

“I did say that if you buy it, whatever the price is that goes to whoever owns it, because I guess it’s China essentially … I said a very substantial portion of that price is going to have to come into the Treasury of the United States because we’re making it possible for this deal to happen,” Trump said.

It was not clear how the U.S. government would receive part of the purchase price.

He added it “will close down on September 15 unless Microsoft or somebody else is able to buy it and work out a deal, an appropriate deal so the Treasury … of the United States gets a lot of money.

Daniel Elman, analyst at Nucleus Research, said a sale “could foreshadow a growing wave of U.S. company acquisition of Chinese internet properties, particularly if the geopolitical tensions continue to mount.”

Elman said that could impact Tencent’s WeChat.

Secretary of State Mike Pompeo referenced WeChat on Sunday and said Trump “will take action in the coming days with respect to a broad array of national security risks that are presented by software connected to the Chinese Communist Party.”

U.S. officials have said TikTok poses a national risk because of the personal data it handles. TikTok CEO Kevin Mayer said in a blog post last week that the company was committed to following U.S. laws and was allowing experts to observe its moderation policies and examine the code that drives its algorithms.

Trump’s comments confirmed a Reuters report Sunday that he had agreed to give China’s ByteDance 45 days to negotiate a sale of popular short-video app TikTok to Microsoft.

Trump, a former New York real estate developer, compared TikTok to the landlord tenant relationship, suggesting TikTok is like a tenant. “Without a lease, the tenant has nothing – so they pay what’s called key money or they pay something.”

He said he did not mind “whether it’s Microsoft or somebody else – a big company, a secure company, very, very American company buy it.”

Microsoft said Sunday that CEO Satya Nadella had spoken to Trump and “is prepared to continue discussions to explore a purchase of TikTok in the United States.”

Microsoft said Sunday it is “committed to acquiring TikTok subject to a complete security review and providing proper economic benefits to the United States, including the United States Treasury.”

Many prominent Republicans, including House Republican Leader Kevin McCarthy, issued statements in support of a Microsoft acquisition of TikTok’s U.S. operations. Some congressional aides are worried about a backlash by younger voters against the party if Trump banned TikTok, which has 100 million American users.

Microsoft and TikTok parent ByteDance gave the U.S. government a notice of intent to explore a preliminary proposal for Microsoft to purchase the TikTok service in the United States, Canada, Australia, and New Zealand.

U.S. Senate Democratic leader Chuck Schumer also backed the sale, while a senior White House adviser raised concerns about a sale to Microsoft.

“A U.S. company should buy TikTok so everyone can keep using it and your data is safe,” Schumer said on Twitter, adding: “This is about privacy. With TikTok in China, it’s subject to Chinese Communist Party laws that may require handing over data to their government.”

White House trade adviser Peter Navarro suggested on Monday that Microsoft could divest its holdings in China if it were to buy TikTok.

“So the question is, is Microsoft going to be compromised?” Navarro said in an interview with CNN. “Maybe Microsoft could divest its Chinese holdings?”

Navarro said the Chinese government and military use Microsoft software “to do all the things they do.”

(Reporting by David Shepardson, Doina Chiacu, Susan Heavey, Alexandra Alper, Echo Wang, Greg Roumeliotis, Paresh Dave and Pete Schroeder; Editing by Nick Zieminski and Lisa Shumaker)

LinkedIn cuts 960 jobs as pandemic puts the brakes on corporate hiring

By Supantha Mukherjee

(Reuters) – Microsoft Corp’s professional networking site LinkedIn said on Tuesday it would cut about 960 jobs, or 6% of its global workforce, as the coronavirus pandemic is having a sustained impact on demand for its recruitment products.

California-based LinkedIn helps employers assess a candidate’s suitability for a role and employees use the platform to find a new job.

Jobs will be cut across sales and hiring divisions of the group globally. Announcing the plan in a message posted on LinkedIn’s website, Chief Executive Ryan Roslansky said the company would provide at least 10 weeks of severance pay as well as health insurance for a year for U.S. employees, and will hire for newly-created roles from laid-off staff.

“I want you to know these are the only layoffs we are planning,” Roslansky said in his message. Affected staff, who have not yet been told, would be able to keep company-issued cell phones, laptops, and recently purchased equipment to help them work from home while making career transitions, he said.

As lockdowns to contain the coronavirus have hit businesses around the world, LinkedIn’s business has been hit as companies lay off staff or sharply curtail hiring.

LinkedIn said employees affected by its job cuts will be informed this week and they will start receiving invitations in the next few hours to meetings to learn more about next steps.

“If you don’t receive a meeting invite, you are not directly impacted by this change,” Roslansky said.

(Reporting by Supantha Mukherjee; Editing by Susan Fenton)

U.S. tech giants eye Artificial Intelligence key to unlock China push

A Google sign is seen during the WAIC (World Artificial Intelligence Conference) in Shanghai, China, September 17, 2018. REUTERS/Aly Song

By Cate Cadell

SHANGHAI (Reuters) – U.S. technology giants, facing tighter content rules in China and the threat of a trade war, are targeting an easier way into the world’s second-largest economy – artificial intelligence.

Google, Microsoft Inc and Amazon Inc showcased their AI wares at a state-backed forum held in Shanghai this week against the backdrop of Beijing’s plans to build a $400 billion AI industry by 2025.

China’s government and companies may compete against U.S. rivals in the global AI race, but they are aware that gaining ground won’t be easy without a certain amount of collaboration.

“Hey Google, let’s make humanity great again,” Tang Xiao’ou, CEO of Chinese AI and facial recognition unicorn Sensetime, said in a speech on Monday.

Amazon and Microsoft announced plans on Monday to build new AI research labs in Shanghai. Google also showcased a growing suite of China-focused AI tools at its packed event on Tuesday.

Google in the past year has launched AI-backed products including a translate app and a drawing game, its first new consumer products in China since its search engine was largely blocked in 2010.

The World Artificial Intelligence Conference, which ends on Wednesday, is hosted by China’s top economic planning agency alongside its cyber and industry ministries. The conference aims to show the country’s growing might as a global AI player.

China’s ambition to be a world leader in AI has created an opening for U.S. firms, which attract the majority of top global AI talents and are keen to tap into China’s vast data.

The presence of global AI research projects is also a boon for China, which aims to become a global technology leader in the next decade.

Liu He, China’s powerful vice premier and the key negotiator in trade talks with the United States, said his country wanted a more collaborative approach to AI technology.

“As members of a global village, I hope countries can show inclusive understanding and respect for each other, deal with the double-sword technologies can bring, and embrace AI challenges together,” he told the forum.

Beijing took an aggressive stance when it laid out its AI roadmap last year, urging companies, the government and military to give China a “competitive edge” over its rivals.

STATE-BACKED AI

Chinese attendees at the forum were careful to cite the guiding role of the state in the country’s AI sector.

“The development of AI is led by government and executed by companies,” a Chinese presenter said in between speeches on Monday by China’s top tech leaders, including Alibaba Holding Ltd chairman Jack Ma, Tencent Holdings Ltd chief Pony Ma and Baidu Inc CEO Robin Li.

While China may have enthusiasm for foreign AI projects, there is little indication that building up local AI operations will open doors for foreign firms in other areas.

China’s leaders still prefer to view the Internet as a sovereign project. Google’s search engine remains blocked, while Amazon had to step back from its cloud business in China.

Censorship and local data rules have also hardened in China over the past two years, creating new hoops for foreign firms to jump through if they want to tap the booming internet sector.

Nevertheless, some speakers paid tribute to foreign AI products, including Xiami Corp chief executive Lei Jun, who hailed Google’s Alpha Go board game program as a major milestone, saying he was a fan of the game himself.

Alibaba’s Ma said innovation needed space to develop and it was not the government’s role to protect business.

“The government needs to do what the government should do, and companies need to do what they should do,” he said.

(Reporting by Cate Cadell; Editing by Adam Jourdan and Darren Schuettler)

Russian hackers targeted U.S. Senate, think tanks: Microsoft

FILE PHOTO: A Microsoft logo is seen in Los Angeles, California U.S. November 7, 2017. REUTERS/Lucy Nicholson/File Phot

By Brendan O’Brien

(Reuters) – Microsoft Corp charged that hackers linked to Russia’s government sought to launch cyber attacks on the U.S. Senate and conservative American think tanks, warning that Moscow is broadening attacks ahead of November’s congressional elections.

The world’s biggest software company said late on Monday that it last week took control of six web domains that hackers had created to mimic sites belonging to the Senate and the think tanks. Users who visited the fake sites were asked to enter login credentials.

It is the latest in a string of actions Microsoft has taken to thwart what it charges are Russian government hacking attempts. The company said it has shut down 84 fake websites in 12 court-approved actions over the past two years.

“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft President Brad Smith said in a blog post.

Microsoft said it had no evidence that the hackers had succeeded in compromising any user credentials before it took control of the malicious sites.

The Kremlin rejected the Microsoft allegations and said there was no evidence to support them.

“We don’t know what hackers they are talking about,” Kremlin spokesman Dmitry Peskov told reporters. “Who exactly are they talking about? We don’t understand what the proof and the basis is for them drawing these kind of conclusions. Such information (proof) is lacking.”

Moscow has repeatedly dismissed allegations that it has used hackers to influence U.S. elections and political opinion.

The targets, Microsoft said, included the International Republican Institute, whose high-profile Republican board members include Senator John McCain of Arizona, who has criticized U.S. President Donald Trump’s interactions with Russia and Moscow’s rights record.

The Hudson Institute, another target, has hosted discussions on topics including cyber security, according to Microsoft. It has also examined the rise of kleptocracy, especially in Russia, and has been critical of the Russian government.

Other malicious domains were used to mimic legitimate sites used by the U.S. Senate and Microsoft’s Office software suite, the company said.

CYBER TENSIONS

Microsoft’s report came amid increasing tensions between Moscow and Washington ahead of midterm elections in November.

A U.S. federal grand jury indicted 12 Russian intelligence officers in July on charges of hacking the computer networks of 2016 Democratic presidential candidate Hillary Clinton and the Democratic Party.

Special Counsel Robert Mueller is investigating Russia’s role in the 2016 election and whether Trump’s campaign worked with Russians to sway the vote. Russia denies interfering in the elections and Trump has denied any collusion.

The type of attack is known as “spear fishing,” in which the hackers trick victims into entering their username and password into a fake site in order to steal their credentials.

Facebook Inc said late last month it had removed 32 pages and fake accounts from its platforms in a bid to combat foreign meddling ahead of the U.S. votes.

The company stopped short of identifying the source of the misinformation. But members of Congress who had been briefed by Facebook on the matter said the methodology of the influence campaign suggested Russian involvement.

(Reporting by Brendan O’Brien; Additional reporting by Andrew Osborn and Tom Balmforth in Moscow; Editing by Jim Finkle and Steve Orlofsky)

Nasdaq surges at open after strong Amazon, Microsoft earnings

(Reuters) – The tech-heavy Nasdaq opened 1 percent higher on Friday after stellar results from Amazon, Microsoft and Intel, while a 3 percent drop in Exxon weighed on the Dow and S&P.

The Dow Jones Industrial Average rose 19.80 points, or 0.08 percent, at the open to 24,342.14. The S&P 500 opened higher by 8.53 points, or 0.32 percent, at 2,675.47. The Nasdaq Composite gained 76.84 points, or 1.08 percent, to 7,195.52 at the opening bell.

(Reporting by Sruthi Shankar in Bengaluru; Editing by Shounak Dasgupta)

Tech firms, including Microsoft, Facebook, vow not to aid government cyber attacks

Silhouettes of mobile users are seen next to a screen projection of Microsoft logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration

By Dustin Volz

SAN FRANCISCO (Reuters) – Microsoft, Facebook and more than 30 other global technology companies on Tuesday announced a joint pledge not to assist any government in offensive cyber attacks.

The Cybersecurity Tech Accord, which vows to protect all customers from attacks regardless of geopolitical or criminal motive, follows a year that witnessed an unprecedented level of destructive cyber attacks, including the global WannaCry worm and the devastating NotPetya attack.

“The devastating attacks from the past year demonstrate that cyber security is not just about what any single company can do but also about what we can all do together,” Microsoft President Brad Smith said in a statement. “This tech sector accord will help us take a principled path toward more effective steps to work together and defend customers around the world.”

Smith, who helped lead efforts to organize the accord, was expected to discuss the alliance in a speech on Tuesday at the RSA cyber security conference in San Francisco.

The accord also promised to establish new formal and informal partnerships within the industry and with security researchers to share threats and coordinate vulnerability disclosures.

The pledge builds on an idea for a so-called Digital Geneva Convention Smith rolled out at least year’s RSA conference, a proposal to create an international body to protect civilians from state-sponsored hacking.

Countries, Smith said then, should develop global rules for cyber attacks similar to those established for armed conflict at the 1949 Geneva Convention that followed World War Two.

In addition to Microsoft and Facebook, 32 other companies signed the pledge, including Cisco, Juniper Networks, Oracle, Nokia, SAP, Dell and cyber security firms Symantec, FireEye and Trend Micro.

The list of companies does not include any from Russia, China, Iran or North Korea, widely viewed as the most active in launching destructive cyber attacks against their foes.

Major U.S. technology companies Amazon, Apple, Alphabet and Twitter also did not sign the pledge.

(Reporting by Dustin Volz; Editing by Dan Grebler)

Social media companies accelerate removals of online hate speech

A man reads tweets on his phone in front of a displayed Twitter logo in Bordeaux, southwestern France, March 10, 2016. REUTERS/Regis

By Julia Fioretti

BRUSSELS (Reuters) – Social media companies Facebook, Twitter and Google’s YouTube have accelerated removals of online hate speech in the face of a potential European Union crackdown.

The EU has gone as far as to threaten social media companies with new legislation unless they increase efforts to fight the proliferation of extremist content and hate speech on their platforms.

Microsoft, Twitter, Facebook and YouTube signed a code of conduct with the EU in May 2016 to review most complaints within a 24-hour timeframe. Instagram and Google+ will also sign up to the code, the European Commission said.

The companies managed to review complaints within a day in 81 percent of cases during monitoring of a six-week period towards the end of last year, EU figures released on Friday show, compared with 51 percent in May 2017 when the Commission last examined compliance with the code of conduct.

On average, the companies removed 70 percent of the content flagged to them, up from 59.2 percent in May last year.

EU Justice Commissioner Vera Jourova has said that she does not want to see a 100 percent removal rate because that could impinge on free speech.

She has also said she is not in favor of legislating as Germany has done. A law providing for fines of up to 50 million euros ($61.4 million) for social media companies that do not remove hate speech quickly enough went into force in Germany this year.

Jourova said the results unveiled on Friday made it less likely that she would push for legislation on the removal of illegal hate speech.

‘NO FREE PASS’

“The fact that our collaborative approach on illegal hate speech brings good results does not mean I want to give a free pass to the tech giants,” she told a news conference.

Facebook reviewed complaints in less than 24 hours in 89.3 percent of cases, YouTube in 62.7 percent of cases and Twitter in 80.2 percent of cases.

“These latest results and the success of the code of conduct are further evidence that the Commission’s current self-regulatory approach is effective and the correct path forward.” said Stephen Turner, Twitter’s head of public policy.

Of the hate speech flagged to the companies, almost half of it was found on Facebook, the figures show, while 24 percent was on YouTube and 26 percent on Twitter.

The most common ground for hatred identified by the Commission was ethnic origin, followed by anti-Muslim hatred and xenophobia, including expressions of hatred against migrants and refugees.

Pressure from several European governments has prompted social media companies to step up efforts to tackle extremist online content, including through the use of artificial intelligence.

YouTube said it was training machine learning models to flag hateful content at scale.

“Over the last two years we’ve consistently improved our review and action times for this type of content on YouTube, showing that our policies and processes are effective, and getting better over time,” said Nicklas Lundblad, Google’s vice president of public policy in EMEA.

“We’ve learned valuable lessons from the process, but there is still more we can do.”

The Commission is likely to issue a recommendation at the end of February on how companies should take down extremist content related to militant groups, an EU official said.

(Reporting by Julia Fioretti; Additional reporting by Foo Yun Chee; Editing by Grant McCool and David Goodman)