Day: April 29, 2021

US Government Probes VPN Hack Within Federal Agencies, Races to Find Clues

For at least the third time since the beginning of this year, the U.S. government is investigating a hack against federal agencies that began during the Trump administration but was only recently discovered, according to senior U.S. officials and private sector cyber defenders.

It is the latest supply chain cyberattack, highlighting how sophisticated, often government-backed groups are targeting vulnerable software built by third parties as a steppingstone to sensitive government and corporate computer networks.

The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into as customers used it.

More than a dozen federal agencies run Pulse Connect Secure on their networks, according to public contract records. An emergency cybersecurity directive last week demanded that agencies scan their systems for related compromises and report back.

The results, collected Friday and analyzed this week, show evidence of potential breaches in at least five federal civilian agencies, said Matt Hartman, a senior official with the U.S. Cybersecurity Infrastructure Security Agency.

“This is a combination of traditional espionage with some element of economic theft,” said one cybersecurity consultant familiar with the matter. “We’ve already confirmed data exfiltration across numerous environments.”

The maker of Pulse Connect Secure, Utah-based software company Ivanti, said it expected to provide a patch to fix the problem by this coming Monday, two weeks after it was first publicized. Only a “very limited number of customer systems” had been penetrated, it added.

Over the last two months, CISA and the FBI have been working with Pulse Connect Secure’s maker and victims of the hack to kick out the intruders and uncover other evidence, said another senior U.S. official who declined to be named but is responding to the hacks. The FBI, Justice Department and National Security Agency declined to comment.

The U.S. government’s investigation into the Pulse Connect Secure activity is still in its early stages, said the senior U.S. official, who added the scope, impact and attribution remain unclear.

Security researchers at U.S. cybersecurity firm FireEye and another firm, which declined to be named, say they’ve watched multiple hacking groups, including an elite team they associate with China, exploiting the new flaw and several others like it since 2019.

In a statement last week, Chinese Embassy spokesperson Liu Pengyu said China “firmly opposes and cracks down on all forms of cyberattacks,” describing FireEye’s allegations as “irresponsible and ill-intentioned.”

The use of VPNs, which create encrypted tunnels for connecting remotely to corporate networks, has skyrocketed during the COVID-19 pandemic. Yet as VPN usage has grown, so too has the associated risk.

“This is another example in a recent pattern of cyber actors targeting vulnerabilities in widely used VPN products as our nation largely remains in remote and hybrid work postures,” Hartman said.

Three cybersecurity consultants involved in responding to the hacks told Reuters that the victim list is weighted toward the United States and so far includes defense contractors, civilian government agencies, solar energy companies, telecommunications firms and financial institutions.

The consultants also said they were aware of fewer than 100 combined victims so far between them, suggesting a fairly narrow focus by the hackers.

Analysts believe the malicious operation began around 2019 and exploited older flaws in Pulse Connect Secure and separate products made by cybersecurity firm Fortinet before invoking the new vulnerabilities.

Hartman said the civilian agency hacks date to at least June 2020.

Hacking the supply

A recent report by the Atlantic Council, a Washington think tank, studied 102 supply chain hacking incidents and found they surged over the last three years. Thirty of the attacks came from government-backed groups, primarily in Russia and China, the report said.

The Pulse Connect Secure response comes as the government is still grappling with the fallout of three other cyberattacks.

The first is known as the SolarWinds hack, in which suspected Russian government hackers commandeered the company’s network management program to burrow inside nine federal agencies.

A weakness in Microsoft’s email server software, named Exchange, exploited by a different group of Chinese hackers, also required a massive response effort, although there was ultimately no impact to federal networks, according to U.S. officials.

Then a weakness at a maker of programming tools called Codecov left thousands of customers exposed inside their coding environments, the company disclosed this month.

Some government agencies were among the customers whose credentials were taken by the Codecov hackers for further access to code repositories or other data, according to a person briefed on the investigation. Codecov, the FBI and the Department of Homeland Security declined to comment on that case.

The U.S. plans to address some of these systemic issues with an upcoming executive order that will require agencies to identify their most critical software and promote a “bill of materials” that demands a certain level of digital security across products sold to the government.

“We think [this is] the most impactful way to really impose costs on these adversaries and make it that much harder,” said the senior U.S. official.


FDA Moves to Ban Menthol Cigarettes

Regulators are moving to ban menthol-flavored cigarettes and cigars, the U.S. Food and Drug Administration announced Thursday.

The move follows years of pressure from advocates who say that the tobacco products are targeted at African Americans and are responsible for higher death rates in this group from illnesses brought on by smoking.

“Today’s action by the FDA to ban menthol-flavored cigarettes, while long overdue, is a major step toward preventing a new generation from becoming tobacco users and saving lives,” said Susan R. Bailey, president of the American Medical Association.

Companies have aggressively marketed menthol cigarettes in African American communities, according to the U.S. Centers for Disease Control and Prevention. More than 85% of African Americans who smoke use menthol cigarettes, compared with 46% of Hispanics and 29% of whites, the FDA noted.

“For far too long, certain populations, including African Americans, have been targeted, and disproportionately impacted by tobacco use,” FDA Center for Tobacco Products Director Mitch Zeller said in a statement.

Menthol soothes the irritation that tobacco smoke causes. Since the cigarettes are easier to smoke, an FDA review found that new smokers were more likely to start smoking and become regular users.

By encouraging more people to start and making it harder for them to stop, a study found that menthol cigarettes were responsible for an extra 10.1 million people becoming smokers between 1980 and 2018.

Congress banned flavored cigarettes in 2009, but the law exempted menthol. Instead, it instructed the government to study the impacts of menthol on public health.

FDA’s 2013 review determined that “menthol cigarettes pose a public health risk above that seen with non-menthol cigarettes.”

Public health groups petitioned the FDA to ban menthol cigarettes. The FDA proposed a ban in 2018 but did not follow through.

Groups sued in 2020. Thursday was a court-ordered deadline for the FDA to respond to the petition.

Some groups have expressed concerns that making menthol cigarettes illegal would make criminals of people who still sought them, disproportionately affecting minority communities.

Zeller said that would not happen.

“The FDA cannot and will not enforce against individual consumer possession or use of menthol cigarettes or any tobacco products,” he said. “Our job will be to make sure that any unlawful tobacco products do not make their way onto the market.”

The agency aims to have a final rule in place within a year, officials said. But the effort may run into legal obstacles.

Tobacco companies disagree with the FDA’s assessment of the risks.

“As was true when the FDA first examined menthol in 2013, and as the published literature continues to demonstrate, there is no scientific basis to regulate menthol and non-menthol cigarettes differently,” said R.J. Reynolds Tobacco Company spokesperson Neassa Hollon.


Pope Francis Enlists Cardinals in Vatican Corruption Fight

Pope Francis has issued an anti-corruption decree requiring Vatican managers, including cardinals, to sign a declaration attesting they are not being investigated or have not been found guilty of terrorism, money-laundering or tax evasion. The new regulations are part of the pope’s long battle against corruption inside the Vatican’s walls.

Since his election in 2013, Pope Francis has been battling corruption inside the Vatican and his decree issued Thursday mandates full economic disclosure and controls for all managers working for the city state, including cardinals.

They will be required to sign a declaration when they are appointed attesting that they have never been convicted of a crime. They will also be required to declare that they are not under investigation for offenses including money laundering, corruption, fraud, exploitation of minors or tax evasion.

Vatican managers will also have to declare they are investing funds that are consistent with the Catholic Church’s social doctrine. In addition, the decree states that they will not be allowed to use tax havens or accept any work-related gifts that are worth more than $48. They also cannot hold real estate obtained with illegal funds.

Last May, Pope Francis issued another decree tightening the rules on Vatican departments to secure contracts. But the pope’s latest anti-corruption crackdown is the toughest since he took office eight years ago to ensure Vatican City employees are not involved in illegal financial activity.

For the past two years, prosecutors have been investigating allegations of corruption in a Vatican investment into a London property deal. The Vatican has been involved in numerous financial scandals and the pope has made clear he would battle corruption from the outset of his pontificate.

Pope Francis has spoken out about the issue of corruption on many occasions. One of those times was during a trip to Kenya, two years after being elected.

Cases of corruption, he said, are found not only in politics, but in all institutions and inside the Vatican as well. Corruption, he added, is something that hits us inside. It’s like sugar, it’s sweet, we like it. It’s easy. But then, the pope concluded, it ends badly.

The pope’s new decree made clear that Vatican employees must adhere to “internationally accepted regulations and best practices” that require transparency to fight “conflicts of interest, patronage practices and corruption in general.”

Moneyval, the Council of Europe’s Committee that evaluates anti-money laundering measures and the financing of terrorism, is expected to publicly release its report soon, which also includes details on the Holy See’s adherence to combat those practices.
 


Pew Census Breakdown: Asian American Population Reached 24 Million

The Pew Research Center released Thursday an analysis of 2019 U.S. Census Bureau data showing the population of Asian Americans reached 24 million people.
 
The Washington-based research group previously projected that population will reach 46 million people by 2060, and that by that time Asian Americans will be the largest immigrant group in the United States.
 
It said Thursday nearly all the Asian American population comes from 19 Asian origin groups, and that Chinese Americans account for 23% of the Asian population.
 
In terms of geographical distribution, Pew said 45% of Asian Americans live in western states, while 24% live in southern states.
 
Pew reported that in 2017, about 14% of the 10.5 million unauthorized immigrants in the United States were people from Asia.
 
It said overall 57% of Asian Americans were born in another country.
 
Between 2000 and 2019, according to Pew, the number of people with Bhutanese, Nepalese and Burmese origin grew at the fastest rates, while the number of Laotians and Japanese grew at the slowest rates.


India Struggles with COVID-19 Vaccination Campaign Amid New Infection, Death Rates

India set new records again Thursday in COVID-19 deaths and infections as its new vaccination registration program stumbled while millions of voters nonetheless turned out for an election in the state of West Bengal.

Under the weight of a disastrous second surge of the disease, India’s efforts to begin registering its 1.4 billion people for inoculations stumbled Wednesday when the government launched a website for all Indians 18 and older to sign up for a vaccination drive that is set to begin Saturday.

Many people flooded social media with complaints, however, that either the website had crashed or they were unable to make an appointment.

The problems with the website come as the health ministry reported a record 379,257 new COVID-19 cases Thursday, including 3,645 fatalities, marking yet another one-day record for fatalities. The new figures have pushed India’s coronavirus casualty numbers well over 18.3 million total confirmed cases and 204,832 deaths, according to Johns Hopkins Coronavirus Resource Center.

The second wave of the coronavirus has pushed India’s health care system to the brink of collapse, with hospitals at full capacity and an acute shortage of oxygen aggravating an already desperate situation.

Many parks and parking lots have been converted into makeshift crematories that are working day and night to burn dead bodies.

Public health experts have blamed the spread on more contagious variants of the virus, plus the easing of restrictions on large crowds when the outbreak appeared to be under control earlier this year.

West Bengal voting

Despite the worsening crisis and soaring temperatures, many of the more than 8 million eligible voters in West Bengal state formed long lines at some of the more than 11,800 polling stations Thursday to vote in the eighth and final phase of state elections.

Prime Minister Narendra Modi and his Bharatiya Janata Party were criticized over the last few weeks for holding massive election rallies in West Bengal. Health experts have suggested the rallies may have contributed to a record surge in the state, which recorded more than 17,000 new cases over the last day, its highest since the pandemic began.

Other political parties also held rallies in the state.

India’s vaccination drive has dragged at a slow pace since it was launched in January, with only 1.7% of the population fully vaccinated. The country has a shortage of COVID-19 vaccines as it struggles with a lack of raw materials needed to manufacture doses.

The international community has responded by shipping critical supplies to India, including ventilators, oxygen concentrators, drug treatments and the raw materials necessary to develop vaccines.

The White House says an initial shipment of medical supplies worth $100 million will begin arriving in India on Thursday, including 1,000 oxygen cylinders, 15 million N95 face masks and 1 million rapid diagnostic tests, along with the raw materials that will allow India to manufacture 20 million doses of the AstraZeneca two-dose vaccine.

The U.S. State Department issued a travel advisory Wednesday urging Americans not to travel to India, becoming the latest country to impose a warning or outright prohibition on visiting the country.

Meanwhile, the head of Australia’s drug regulatory agency said Thursday there is no evidence the AstraZeneca vaccine was responsible for the deaths of two people shortly after their inoculations.

Two men in North South Wales state, including one in his 70s, died within days after receiving the vaccine.

John Skerritt, the head of the government’s Therapeutic Goods Administration, told reporters the men’s deaths are being investigated, but said “the current evidence does not suggest a likely association” between the deaths and the vaccination.

The AstraZeneca vaccine has had a troubled rollout across the world, with many nations suspending its use after reports first surfaced of a severe side effect that combines blood clots with low platelet counts following inoculation, including a handful of deaths.


UN Calls on Countries to Take Action to Prevent Drowning

The U.N. General Assembly encouraged all countries Wednesday to take action to prevent drownings, which have caused over 2.5 million deaths in the past decade, over 90% of them in low-income and middle-income countries.

The resolution, co-sponsored by Bangladesh and Ireland and adopted by consensus by the 193-member world body, is the first to focus on drowning. It establishes July 25 as “World Drowning Prevention Day.”

The assembly stresses that drowning “is preventable” using “low-cost interventions” and calls on countries to consider introducing water safety, swimming and first aid lessons as part of school curricula. It encourages nations to appoint “a national focal point for drowning prevention,” develop countrywide prevention programs, and enact and enforce water safety laws.

Unlike Security Council resolutions, General Assembly resolutions are not legally binding but they do reflect global opinion.

According to the United Nations, the world’s highest drowning rates are in Africa while the highest number of drowning deaths are in Asia.

“Drowning is a social equity issue that disproportionately affects children and adolescents in rural areas, with many countries reporting drowning as the leading cause of childhood mortality and drowning being among the 10 leading causes of death globally for 5- to 14-year-olds,” the resolution says.

It notes “with concern” that the official global estimate of 235,000 annual deaths from drowning excludes drownings attributed to flood-related climate events and water transport incidents. This has resulted “in the underrepresentation of drowning deaths by up to 50 percent in some countries,” it says.

The assembly says that “water-related disasters increasingly affect millions of people globally,” in part due to the escalating impact of climate change, “and that flooding affects more people than any other natural hazard, with drowning being the main cause of death during floods.”

Bangladeshi Ambassador Rabab Fatima told the assembly after the resolution’s adoption: “The imperative to act on drowning is not simply moral or political. The economic cost is equally untenable.”

He said drowning is a leading cause of child mortality in Bangladesh and in the South Asia region, and the resolution’s call for preventive action is urgent.

Ireland’s U.N. ambassador, Geraldine Byrne Nason, called the resolution and designation of July 25 as a day for the world to focus on preventing drowning a moment “to highlight the immediate need for strategic and significant international action to save lives and prevent hundreds of thousands of preventable deaths.”

Former New York Mayor Michael Bloomberg, the World Health Organization’s global ambassador for noncommunicable diseases and injuries, said: “Encouraging governments to adopt effective measures to prevent drowning will save thousands of lives and call attention to this urgent public health issue.”

“We have the tools to prevent these deaths – and need to act on them now,” he said in a statement.


US Government Taking Creative Steps to Counter Cyberthreats

An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for its use, a top national security official said Wednesday.

The department this month announced that it had obtained a warrant from a federal judge in Texas to remove web shells, or malicious code that gives hackers a foothold into networks, from hundreds of vulnerable computers affected by a hack that Microsoft has blamed on a group operating from China.

The FBI operation was designed to disrupt the effects of a hack that affected many thousands of servers running the Microsoft Exchange email program. Many victims took steps on their own to safeguard their systems, but for those who did not, the Justice Department stepped in to do it for them with a judge’s approval.

It was the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.

“We have a decision to make, which is are we going to go ahead and do that action ourselves or are we just going to leave that malware there, sort of unremediated,” said Assistant Attorney General John Demers, speaking at a virtual discussion hosted by the Project for Media & National Security at George Washington University.

He said the operation was one of the very first of its kind and was the subject of extensive discussion by the FBI and the Justice Department. The department is figuring out how it plans to use that capability in the future.

“We don’t yet have sort of worked out what our criteria are going to be going forward,” Demers said. “Now that we’ve had this experience, that’s the kind of discussion we’re having internally now.

“This is not a tool of first resort that we’re going to be using a couple times a week as different intrusions come up,” he added. “This does require working with the private sector on the right solution. It does require testing to be sure that you’re not going to otherwise disrupt someone’s computer system.”

Such operations will be done judiciously in the future, he said.

Demers acknowledged concerns from some privacy advocates that the government, without permission of the computer system operators, had gained remote access and removed the web shells.

But he pointed out that the department did obtain a judge’s permission and said the government felt compelled to act because, after a period of several weeks, there were still unremediated web shells that continued to serve as access points for “hackers of all stripes.”

“And so the choice that the government had was just continue to leave those open or take the court-authorized action that we did, and ultimately we decided to move ahead,” Demers said. “But to the extent possible before then, we had been notifying every victim that we could identify of the intrusion.”


Low Pay, Bad Working Conditions, COVID Burnout Spark Likely Global Nursing Shortage

The International Council of Nurses warned Thursday that the world was facing a nursing crisis and could expect a significant shortage — perhaps a reduction by half — in the global nursing workforce of 27 million in the next few years.

The council said its latest survey of 64 national nursing associations found disputes over pay, working conditions, violence and intimidation were causing nurses to leave their profession.

There’s also the COVID-19 effect. The report found lack of protection and long, stressful shifts were having a profound impact on the mental health of nurses across the globe.

ICN Chief Executive Officer Howard Catton said politicians and leaders have recognized the value of nurses in terms of their care and compassion. However, he said, they have not recognized their value to society and compensated them accordingly.

“And that, I think is very much also at the heart of the discontent, the unhappiness, some of the actions that we are seeing from nurses around the world — this chasm between the rhetoric, the positive rhetoric for nurses but the paucity of practical action and practical responses to support nurses,” he said.

Strikes in several countries

Strikes over nurses’ pay and working conditions have broken out in Zimbabwe, Lebanon, Northern Ireland, the United States and elsewhere. The report said disputes, growing discontent and concerns such as protection at work were undermining people’s interest in pursuing a career in nursing.

Another problem confronting the profession, said Catton, is the disruption of nurses’ education by the pandemic. He said that was resulting in a six-to-12-month delay in certifying new nurses.

“So, those delays in the pipeline coming through, the rising discontent, unhappiness — both, we think, again have the potential to impact negatively on both recruitment to the nursing profession and the retention of those nurses that we already have,” he said.

These issues and concerns exist throughout the world but are more pronounced in low- and middle-income countries. That is leading to a growing brain drain. The report noted a significant exodus of nurses in developing countries going to richer nations, where pay and conditions are better.

At the same time, the ICN report said, some of the richer countries are actively seeking to recruit nurses in the poorer countries to reduce the shortages they are experiencing.
