Day: July 16, 2020

The U.S. Federal Bureau of Investigation is investigating Wednesday’s major Twitter hack, in which scammers tapped into high-profile accounts to scam users out of over $100,000 in Bitcoin, the agency confirmed Thursday.  “The FBI is investigating the incident involving several Twitter accounts belonging to high profile individuals that occurred on July 15, 2020. At this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” said the FBI’s San Francisco division in a statement. “We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”New York Governor Andrew Cuomo said in a statement Thursday that the state’s Department of Financial Services would also conduct a “full investigation into this massive hack.” On Wednesday, hackers targeted accounts from celebrities and politicians, including Jeff Bezos, Joe Biden, Kim Kardashian and Barack Obama, with tweets that promised to send users back double the money they paid to an anonymous Bitcoin address. The hackers received over $100,000 in cryptocurrency off the brazen attack, according to Bitcoin’s public blockchain records.  Twitter called the breach a “coordinated social engineering attack” in which scammers “successfully targeted some of our employees with access to internal systems and tools.”Our investigation is still ongoing but here’s what we know so far:
— Twitter Support (@TwitterSupport) July 16, 2020One notable exception to the hack was U.S. President Donald Trump, whose verified personal and presidential accounts were unaffected Wednesday, which White House press secretary Kayleigh McEnany confirmed in a press briefing Thursday. She said Trump would stay on Twitter despite the attack.”The president will remain on @Twitter” per @PressSec, asked about yesterday’s Twitter hack targeting verified accounts
“His account was secure & not jeopardized” she says, adding White House has been in touch w/Twitter “to keep Twitter secure, the president’s twitter feed”
— Jeff Seldin (@jseldin) July 16, 2020In a thread, Twitter said it had taken “significant steps to limit access to internal systems and tools” as its own investigation continues.Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
— Twitter Support (@TwitterSupport) July 16, 2020Twitter locked down all verified accounts after the news broke, preventing them from tweeting and resetting passwords. The company also removed the fake tweets from compromised accounts and said it would “restore access to the original account owner only when we are certain we can do so securely.”  Twitter’s blue check mark system, which indicates verified accounts, is supposed to show that a user is authentic.   
…

The number of reported Ebola cases in western Democratic Republic of Congo (DRC) has surpassed the African nation’s 2018 outbreak numbers in the same region, World Health Organization officials said Thursday. “There are now 56 cases, and this is of great concern, particularly as it is now surpassing the previous (2018) outbreak in this area, which was closed off and controlled at a total of 54 cases,” said Dr. Matshidiso Moeti, WHO regional director for Africa, referring to DRC’s Equateur province, a large region bordering the Republic of Congo and the Central African Republic. The challenges of responding to Ebola cases amid the COVID-19 pandemic, he added, are exacerbated by inadequate funding and rough terrain. “The current Ebola outbreak is running into headwinds because cases are scattered across remote areas in dense rain forests,” he said. “This makes for a costly response, as ensuring that responders and supplies reach affected populations is extremely challenging.” Without ramped-up financial support for health education and community engagement, vaccinations, testing, contact tracing and treatment, the $1.75 million in WHO-mobilized funds will last only a few more weeks. WHO also noted some improvements in outbreak response logistics since 2018. Vaccinations began four days after the latest outbreak was announced June 1, in stark contrast to the 2018 outbreak, in which officials waited over two weeks to begin vaccinations. Of the 12,000 vaccinations carried out over the past six weeks, 90% were dispensed in local communities, and over 40,000 homes were visited by health workers — a comparatively intensified local response that health care professional had called for in the wake of prior outbreaks. Of the 56 reported cases in the current outbreak — the central African country’s 11th — 53 are confirmed, and three are probable. Twenty-eight of them were reported in the past three weeks.  The Ebola virus, formerly known as Ebola hemorrhagic fever, is a rare but severe and often fatal illness that spreads through direct contact with bodily fluids, triggering severe vomiting and diarrhea. A separate outbreak of Ebola in Ituri and North Kivu provinces of eastern Congo, which was declared over last month, saw 3,463 confirmed and probable cases, and 2,277 deaths over two years. One of the world’s most impoverished countries, DRC is also facing the world’s largest and fastest-moving measles epidemic, with 310,000 confirmed cases and an estimated 6,000 fatalities — mostly children — since the beginning of 2019. COVID-19 has infected more than 8,199 in the DRC and has claimed 193 lives, according to Johns Hopkins University. 
…

NASA astronauts Chris Cassidy and Robert Behnken stepped outside the International Space Station (ISS) Thursday to continue efforts to complete a three-and-a-half-year project to upgrade the station’s batteries, the space agency said.Cassidy and Behnken have been working to replace aging nickel-hydrogen batteries with new lithium-ion batteries delivered to the station on a Japanese cargo ship in May. In all, NASA said 12 spacewalks will have been performed since January 2017 to change out batteries for eight power channels used to route electricity on the station.Thursday’s extravehicular activity is expected to last up to seven hours.NASA Astronauts Take Space Walk to Upgrade ISS BatteriesSpacewalk continues mission begun last week to upgrade ISS batteriesThe final spacewalk to complete the project is scheduled for next Tuesday and it will be somewhat historic. When the two astronauts once again step outside the ISS that day, it will mark the 300th spacewalk involving U.S. astronauts since Ed White stepped out of his Gemini 4 capsule on June 3, 1965.The space agency said the final two spacewalks will be the 230th and 231st spacewalks in the history of space station assembly, maintenance, and upgrades. They also will be the ninth and 10th for Cassidy and Behnken, who will join former NASA astronauts Michael Lopez-Alegria and Peggy Whitson with the most spacewalks by Americans.
…

A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.  The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.  Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.”If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.
The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.”If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.”Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.  U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.”I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.”A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.
  
…

Officials from the European Space Agency, ESA, and its U.S. counterpart, NASA Thursday released the first ever pictures from the agencies’ joint Solar Orbiter mission, including the closest pictures ever taken of the sun.The orbiter was about 77 million kilometers from the sun – about halfway between Earth and the star – when it took the stunning high-resolution pictures last month.During a remote news briefing as the pictures were released, ESA’s Solar Orbiter project scientist, Daniel Müller, said the mission was off to an excellent start. He said, “We didn’t expect such great results so early.”The Belgium Royal Observatory’s David Berghmans, the principal investigator for the  “Extreme Ultraviolet Imagers” (EUI) on board the spacecraft, described the very first high-resolution image they saw from the orbiter, which snapped a picture of the sun’s corona, or outer disc. He said they did not expect to see much – the region of the sun is known as the “quiet corona” for that reason.  But he said the pictures revealed activity they did not expect. “We couldn’t believe this when we first saw this and we started giving it crazy names like ‘campfires’ and ‘dark fibrils’ and ‘ghosts’ and whatever we saw.” He said there was so much they had to start “a new vocabulary” to give names to all the new phenomena they saw.The solar orbiter was launched Feb. 9 from the Kennedy Space Center on Florida’s Cape Canaveral. The mission is designed to provide first-ever close-up views of the sun’s polar regions and observe its magnetic activity.The research could answer decades-old burning questions about the inner workings of our nearest star.
 
…

U.S., British and Canadian officials accused the Kremlin Thursday of being behind a massive and ongoing cyber hack aimed at stealing from Western pharmaceutical companies and academic institutions doing research into coronavirus vaccines and treatment therapies.
 
In a joint statement, the governments of all three countries said the hacking operation started in February and has been unrelenting since.
 
Britain’s National Cybersecurity Center, part of the country’s eavesdropping agency, GCHQ, issued the statement, which was coordinated with counterparts in the U.S. and Canada. Officials identified the Russian hacking group APT29, also nicknamed Cozy Bear, as being behind the hacks.
 
“APT29 has a long history of targeting governmental, diplomatic, think tank, health care and energy organizations for intelligence gain, so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory,” Anne Neuberger, cybersecurity director at the U.S.’s National Security Agency, said in a statement.
 
Paul Chichester, the National Cybersecurity Center’s director of operations, said, “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.”  
 
Chichester said the Cozy Bear group “almost certainly operates as part of Russian intelligence services.”  
 
All three Western allies are working to try to protect coronavirus-related research and are issuing new cybersecurity advice to pharmaceutical firms, universities and other research institutes.
 
“We would urge organizations to familiarize themselves with the advice we have published to help defend their networks,” Chichester added.
 
The three Western allies first warned in May that state-backed cyber spies were trying to steal coronavirus data, but they did not at that time identify who was behind the assault. Officials briefed reporters off the record that China, Russia and Iran were involved.
 
Cozy Bear, along with a cyber hacking group called Fancy Bear, have been accused by U.S. officials and private cybersecurity companies of hacking the U.S. Democratic Party in 2016 in the run-up to the presidential election.
 
The accusation about the Kremlin-sponsored cyberattacks came just minutes after Britain’s Foreign Secretary Dominic Raab told lawmakers in the House of Commons that Russia had sought to meddle in last year’s British general election.  
 
Raab said it was “almost certain” that Russia attempted to influence the outcome of the election, after documents detailing Anglo-American free trade talks were “illicitly acquired.”FILE – Britain’s Foreign Secretary Dominic Raab leaves the Foreign and Commonwealth Office in central London, July 1, 2020.The trade documents were placed online and were noticed by Britain’s main opposition Labor Party and used in the election campaign to suggest the Conservatives would sign a post-Brexit trade deal with the U.S. that would be more favorable for U.S. businesses.
 
“On the basis of extensive analysis, the government has concluded that it is almost certain that Russian actors sought to interfere in the 2019 general election through the online amplification of illicitly acquired and leaked government documents,” Raab said.
 
He added, “Sensitive government documents relating to the U.K.-U.S. free trade agreement were illicitly acquired before the 2019 general election and disseminated online via the social media platform Reddit. When these gained no traction, further attempts were made to promote the illicitly acquired material online in the run-up to the general election.”
 
Raab said the British government “reserves the right to respond with appropriate measures in the future” — a sign that London is considering imposing additional sanctions on Russia, adding to those already introduced for Russia’s annexation in 2014 of Ukraine’s Crimea region and for a nerve agent attack in England targeting a Russian defector.
 
Russia’s Foreign Ministry spokesperson Maria Zakharova said Raab’s allegations about election meddling were vague.  
 
“The statement is so foggy and contradictory that it’s practically impossible to understand,” she told reporters in Moscow.FILE – Russian Foreign Ministry spokeswoman Maria Zakharova speaks to the media in Moscow, March 29, 2018.Russian officials deny any involvement by the Russian state in coronavirus cyber hacking, saying Moscow’s own vaccine plans are far advanced and claiming Russia could be the first country to roll out mass immunization.
 
Raab’s accusations Thursday come ahead of the scheduled publication next week of a House of Commons report on alleged Russian interference in the general workings of British democracy. That report was completed in May 2018 but was delayed by the government, despite pressure from opposition parties that it be released ahead of last year’s general election, in which Prime Minister Boris Johnson’s Conservative Party won in a landslide victory.
 
U.S. authorities recently accused Chinese spies of trying to steal vaccine information. FBI Director Chris Wray last week said, “At this very moment, China is working to compromise American health care organizations, pharmaceutical companies, and academic institutions conducting essential COVID-19 research.”
 
British officials say that the ongoing and highly targeted hacking operation by Cozy Bear has focused on facilities known to be working on coronavirus vaccines and treatments to overcome COVID-19, the disease caused by the coronavirus. British-based researchers at the University of Oxford and Imperial College London are believed to be among those targeted.
 
Britain’s spy chiefs say the Russian hackers have been using several techniques to try to gain access to information, including spear-phishing and custom malware.
 
An official Downing Street spokesman said, “The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable. Working with our allies, we will call out those who seek to do us harm in cyberspace and hold them to account.”
 
Russian officials announced Thursday that Phase 2 trials of a Russian-made coronavirus vaccine will end on Aug. 3, to be followed immediately by a third phase.
 
“The third phase will not only take place in Russia, but also in a number of other countries,” Kirill Dmitriev, head of the Russian Direct Investment Fund, told reporters during an online press conference.  
 
“We expect to receive regulatory approval to start using the Russian vaccine in August-September,” he added.  
The vaccine was developed by Moscow’s Gamalei Institute of Epidemiology, working with the country’s Ministry of Defense.VOA National Security Correspondent Jeff Seldin contributed to this report.
 
…

Can a pregnant woman spread the coronavirus to her fetus?
It’s possible, but it seems to be relatively rare and scientists think they know why that is.
Many viruses can cross the placenta and infect a fetus in the womb, and evidence has been growing that the coronavirus sometimes can too.  
Researchers in Italy studied 31 women with COVID-19 who delivered babies in March and April and found signs of the virus in several samples of umbilical cord blood, the placenta and, in one case, breast milk. But this sort of testing can just detect bits of genetic material — it doesn’t mean there is virus capable of causing infection in those places.
In one case, there was strong evidence suggesting the newborn had the virus at birth because signs of it were found in umbilical cord blood and in the placenta. In another, a newborn had certain coronavirus antibodies that are unable to cross the placenta, so they could not have come from the mother.  
A  report from France gave even stronger evidence of in-the-womb infection, and that newborn was very ill at birth.
Meanwhile, research  led by the National Institutes of Health gives a possible reason for why fetuses aren’t infected more often: cells in the placenta rarely make the two tools that the coronavirus typically uses to gain entry. In contrast, they found plenty of what Zika and another type of virus use.  
Most research so far has been on women who were in late stages of pregnancy when they got the virus; more research is needed on what happens if infection occurs earlier in pregnancy.
The advice to pregnant women remains the same: wear a mask in public, wash hands often and stay at least 6 feet away from others to avoid infection.
…

The European Union’s top court ruled Thursday that an agreement that allows thousands of companies — from tech giants to small financial firms — to transfer data to the United States is invalid because the American government can snoop on people’s data.
The ruling to invalidate Privacy Shield will complicate business for some 5,000 companies, and it could require regulators to vet any new data transfers to make sure Europeans’ personal information remains protected according to the EU’s stringent standards.
It will no longer simply be assumed that tech companies like Facebook will adequately protect the privacy of its European users’ data when it sends it to the U.S. Rather, the EU and U.S. will likely have to find a new agreement that guarantees that Europeans’ data is afforded the same privacy protection in the U.S. as it is in the EU.
Privacy activists hailed the court ruling as a major victory, while business groups worried about the potential to disrupt commerce, depending on how the ruling is implemented. Companies like Facebook routinely move such data among their servers around the world and the practice underpins billions of dollars in business.  
“It is clear that the U.S. will have to seriously change their surveillance laws, if U.S. companies want to continue to play a major role on the EU market,” said Max Schrems, an Austrian activist whose complaints about the handling of his Facebook data triggered the ruling after years of legal procedures.
He first filed a complaint in 2013, after former U.S. National Security Agency contractor Edward Snowden revealed that the American government was snooping on people’s online data and communications. The revelations included detail on how Facebook gave U.S. security agencies access to the personal data of Europeans.
Though the legal case was triggered by concerns over Facebook in particular, it could have far-reaching implications not only for tech companies but also businesses in sectors like finance and the auto industry.  
Things like email, flight and hotel reservations would not be affected in the short term, experts say. Cloud services by providers like Microsoft will also continue, pending any intervention from a regulator.
Companies use legal mechanisms called standard contractual clauses that force businesses to abide by strict EU privacy standards when transferring messages, photos and other information. The clauses — which are stock terms and conditions — are used to ensure the EU rules are maintained when data leaves the bloc.
The Court of Justice of the EU ruled Thursday that those clauses are still valid in principle. However, it declared invalid the Privacy Shield agreement between the U.S. and EU on data transfers over concerns that the U.S. can demand access to consumer data for national security reasons.
It said that in cases where there are concerns about data privacy, EU regulators should vet, and if needed block, the transfer of data. That raises the prospect that EU regulators will block Facebook, for example, from transferring any more European data to the U.S.
The court noted in its ruling that there are “limitations on the protection of personal data arising from the domestic law of the United States on the access and use by U.S. public authorities of such data transferred from the European Union to that third country.”
Government surveillance of personal data is something the U.S. in its turn accuses China of doing through tech companies  like Huawei. It highlights the growing importance of data as the basis of modern business and politics globally.  
Data drives much of the world’s biggest companies, like Facebook, Google, Alibaba and Amazon, and is also prized for national security to prevent extremist attacks, for example. Mining large sets of people’s data has also become crucial to winning elections, such as the use of Facebook data for Donald Trump’s presidential victory in 2016.
Alexandre Roure, a senior manager at Computer & Communications Industry Association, said the decision “creates legal uncertainty for the thousands of large and small companies on both sides of the Atlantic that rely on Privacy Shield for their daily commercial data transfers.  
“We trust that EU and U.S. decision-makers will swiftly develop a sustainable solution, in line with EU law, to ensure the continuation of data flows which underpins the trans-Atlantic economy.” 
…