Report: China Sitting on Trove of American Citizen Data

While a Chinese spy balloon was drifting over the United States, China-affiliated hackers were busy infiltrating computer networks both domestically and worldwide, as per a new report from a prominent cybersecurity company.

CrowdStrike’s annual global threat report reveals that cyber espionage groups associated with China have targeted almost every continent and 39 different industries. North America accounted for roughly a quarter of these attacks, with the majority being aimed at China’s Asian neighbors. The report notes that China’s hacking tactics have grown more sophisticated in response to advancements in cybersecurity.

“They’re endemic at this point — they’re everywhere,” said Adam Meyers, CrowdStrike’s head of intelligence.

According to U.S. officials, China engages in network hacking to gather intelligence, similar to the U.S. However, unlike the U.S., China also targets private companies to steal their intellectual property, which the U.S. government denies doing.

China consistently denies that, while a top American intelligence official once called Chinese hacking of Western companies “the greatest transfer of wealth in history.”

“Hacking remains the chief Chinese espionage activity,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “Hacking is where they make their money — the balloon doesn’t even register.”

According to U.S. officials, China engages in network hacking to gather intelligence, similar to the U.S. However, unlike the U.S., China also targets private companies to steal their intellectual property, which the U.S. government denies doing.

According to Lewis and other experts, in 2015, President Barack Obama reached an agreement with the Chinese government, which resulted in a brief reduction of Chinese hacking targeting American companies. However, this reduction was not permanent.

Meyers asserts that Chinese President Xi Jinping agreed to the deal because the People’s Liberation Army was restructuring its cyber units, and he knew that Chinese hacking activities would be reduced temporarily anyway. China has denied hacking to obtain trade secrets.

Meyers added that Chinese hacking has been on the rise since 2017.

Chinese hackers have upped their game significantly, he added. 

What once were mostly “smash and grab” operations have morphed into sophisticated campaigns to steal credentials and slip quietly into networks. 

The report by CrowdStrike revealed that over 66% of the breaches documented last year did not involve malware, indicating that the attackers gained entry into the systems using valid login credentials, such as passwords. Such credentials are typically acquired by tricking users into divulging their passwords through malicious emails or links.

During a November session of the House Homeland Security Committee, FBI Director Christopher Wray declared China’s hacking initiative as the “largest in the world.”

“They have stolen more Americans’ personal and business data than every other nation combined,” Wray added.

The CrowdStrike report also documented a significant uptick in destructive Russian cyberattacks aimed at Ukraine as the war there has unfolded. But it said there were no significant spillover effects into networks beyond Ukraine.

And the report says cybercriminals, including ransomware gangs, “continue to operate at a phenomenal rate.”

China Accused of “Laser Attack”

On Monday, the Philippine military called on China to control its forces and avoid any actions that could be considered “provocative.” This statement was made after Manila accused China’s coast guard of using a laser to disrupt a resupply mission to Philippine troops in the South China Sea.

The Philippine coast guard reported that a Chinese coast guard ship aimed a “military-grade laser” at their vessel, temporarily blinding its crew, while they were delivering food and supplies to troops stationed on an atoll in the disputed waterway on February 6.

Military spokesperson Medel Aguilar stated, “It is time for the Chinese government to restrain its forces and avoid any actions that could endanger the lives of people.”

Aguilar also quoted the Philippine defense chief as saying the action of the Chinese coast guard was “offensive” and “unsafe.”

The incident took place at the Second Thomas Shoal, 105 nautical miles (195 km) off the Philippine province of Palawan, which is the temporary home of a small contingent of military aboard a rusty ship.

The 330-foot World War II ship was intentionally grounded at the shoal, known locally as Ayungin, in 1999 to reinforce Manila’s sovereignty claims in the Spratly archipelago.

“The deliberate blocking of the Philippine government ships to deliver food and supplies to our military personnel…is a blatant disregard for, and a clear violation of, Philippine sovereign rights,” the PCG said in a statement.

Images supplied by the Philippines showed a green light emanating from a Chinese vessel with bow number 5205.

The Chinese embassy in Manila did not immediately respond to a request for comment. China has said it was ready to manage maritime issues “cordially” with the Philippines during President Ferdinand Marcos Jr’s visit to Beijing in January.

Marcos’ office declined to comment, referring reporters to the PCG statement.

It is not the first time China has been accused of using lasers in the region.

In February last year, Australia accused Beijing of an ‘act of intimidation’ after a Chinese navy vessel directed a laser at an Australian military surveillance aircraft.

The reported bid to block the Philippine resupply mission comes as Marcos has expressed openness to forging a Visiting Forces Agreement (VFA) with Japan to boost maritime security.

Marcos visited Japan last week to forge closer security ties with Tokyo, which in December announced its biggest military-build up since World War Two, fueled by concerns about aggressive Chinese actions in the region.

The Philippine president also recently granted the United States access to additional military bases in the Philippines under a VFA, a move that China said undermined regional stability and raised tensions. The VFA provides rules for the rotation of thousands of U.S. troops in and out of the Philippines for exercises.

Musk Claims Twitter Employees Started Fauci Fan Club

Twitter CEO Elon Musk said employees for the platform had a Slack channel called “Fauci Fan Club” for those who supported Anthony Fauci, the director of the National Institute of Allergy and Infectious Disease and President Biden’s chief medical adviser. 

Musk made the comment in a Twitter post on Wednesday as part of a thread in which he accused Fauci of backing gain-of-function research, in which an organism is genetically modified to enhance some biological function. 

It can strengthen a pathogen’s ability to cause disease to allow scientists to understand its potential for starting a pandemic and inform public health preparedness efforts, according to the Department of Health and Human Services. 

Musk was responding to a post from software engineer Marc Andreessen in which Andreessen posted a screenshot stating that it is not accurate to say Fauci has ever lied about his work or public health efforts. 

Some Republican senators like Sen. Rand Paul (Ky.) have accused the National Institutes of Health (NIH) of funding gain-of-function research at the Wuhan Institute of Virology, but Fauci has denied this. 

Gain-of-function research is common and is often performed in cells and organisms like mice and worms, but it has become controversial when working with pathogens, The Washington Post reported. An increasing number of scientists have said that gain-of-function research with pathogens can be potentially dangerous if not done with the proper safety precautions. 

The Wuhan Institute of Virology has become central in one theory of how the COVID-19 pandemic started — that a pathogen accidentally leaked from a lab and started the pandemic. 

The World Health Organization has said that the origins of the pandemic are uncertain but the theory that a lab leak caused it needs to be studied. 

Some conservative critics of Fauci have pointed to a grant that the NIH awarded to a nongovernmental organization called EcoHealth Alliance to conduct genetic analyses of bat coronaviruses. Fauci has acknowledged that the study took place in the Wuhan lab, but he said it was not designed for gain-of-function research into human-made superviruses. 

“Despite these glaring issues, Twitter nonetheless had an internal Slack channel unironically called ‘Fauci Fan Club,’” Musk tweeted. 

Musk has previously called for prosecuting Fauci, tweeting earlier this month that his pronouns are “Prosecute/Fauci,” to which he received backlash online.

Zuckerberg Loses 90 Billion in One Year

Meta Platforms stock plunged nearly 24% Thursday after the Facebook parent missed earnings targets and flagged sales will keep falling as its digital ad business struggles.

The social-media giant posted another decline in revenue in its third-quarter earnings update published after the bell Wednesday. It also reported billions of dollars of losses for its metaverse-linked Reality Labs unit, an investment that has come under fire from analysts.

Shares in Meta were 24% lower at $99.04 at last check in premarket trading, wiping around $80 billion off the company’s market value.

The tech giant reported third-quarter earnings of $1.64 per share, well short of the $1.89 expected, according to Refinitiv. Its revenue for the quarter came in at $27.71 billion, compared with a $27.38 billion target, as sales dropped by 4%.

In a sign of challenges ahead, Meta issued a fourth-quarter revenue forecast of between $30 billion and $32.5 billion, compared with analysts’ expectations for $32.2 billion. 

Stocks in leading tech companies have dropped this week, thanks to a fallback in spending on digital advertising as the economy slows. Google parent Alphabet’s shares tumbled 9.6% Wednesday after its quarterly earnings report, as analysts warned that a decline in its YouTube and Google Network revenue pointed to more pain ahead.

The results showed Meta’s virtual reality-focused Reality Labs business burned through $3.7 billion in the third quarter. That takes its total losses this year to $9 billion, and to almost $20 billion since the start of 2021.

Meta CEO Mark Zuckerberg’s unprofitable pivot to the metaverse is hammering his company’s profitability and weighing on its stock price, analysts said.

“The roll out and take up of the group’s virtual reality products leaves a lot to be desired, despite the seemingly never-ending upwards spiral of the research and development budget,” Hargreaves Lansdown’s lead equity analyst Sophie Lund-Yates said.

Meta’s shares were down just over 61% for the year so far as of Wednesday’s close, before the earnings report. That drop significantly outpaces the benchmark S&P 500 stock index’ 20% decline for the same period.

Russia’s New Weapon: Suicide Drones

Waves of explosive-laden suicide drones struck Ukraine’s capital and other cities as families were preparing to start their week early Monday, the blasts echoing across Kyiv, setting buildings ablaze and sending people scurrying to shelters. The assaults reportedly killed at least eight people and came after a week of massive, coordinated Russian air strikes across the country.

Russia has repeatedly denied targeting civilians in Ukraine, but as CBS News senior foreign correspondent Holly Williams reported, one of the neighborhoods hit in Kyiv on Monday is packed with apartment buildings, schools and restaurants.  

Apartment blocks and a non-residential building were set alight in the capital’s central Shevchenko district, Kyiv Mayor Vitali Klitschko said. 

Ukraine’s first lady Olena Zelenska tweeted photos of the damage in the capital and said three people were killed when a drone hit the apartment building, including a pregnant woman. 

“Civilians, children, pregnant women — the ones RF [Russian Federation] is actually fighting with,” said Zelenska, vowing that “Ukrainians will never forget who murdered our relatives.”  

Emergency services later said a total of four people were killed in the strike on the building in the capital, and four others in drone strikes on the Sumy region.

News photographers caught images of some of the drones as they flew into Kyiv, with triangle-shaped wings and a pointed warhead clearly visible against the blue sky. Drones came in several waves and buzzed overhead with angry hums from their engines. 

Videos posted to social media, including one seemingly taken by the body-camera worn by a member of Ukraine’s national police force, showed security forces taking aim at the small aircraft from the ground with rifles.

Russian strikes over the past week have hit apartment buildings and other civilian infrastructure, but also targeted infrastructure, including power facilities. Ukrainian Prime Minister Denys Shmygal said the strikes on Monday hit critical energy infrastructure in three regions, knocking out electricity to hundreds of towns and villages.

“Russian terrorists once again attacked the energy infrastructure of Ukraine in three regions,” Shmygal said, noting five strikes in Kyiv, in addition to attacks in the Dnipropetrovsk and Sumy regions. “Hundreds of settlements were cut off as a result of the attack,” he said.

Explosions were heard from the same central Kyiv district where a missile strike a week ago tore a hole in a children’s playground.

Andrii Yermak, the head of the Ukrainian president’s office, wrote in a post on the Telegram social media site that Russian forces struck Kyiv with Iranian Shahed drones.

Russia has repeatedly been using the so-called suicide drones in recent weeks to target urban centers and infrastructure, including power stations.  

“The Russians think it will help them, but it shows their desperation,” he said, according to AFP.

“All night and all morning, the enemy terrorizes the civilian population,” Ukraine’s President Volodymyr Zelenskyy said Monday. “Kamikaze drones and missiles are attacking all of Ukraine. The enemy can attack our cities but it won’t be able to break us.”

Strikes in central Kyiv became a rarity in the last several months after Russian forces failed to capture the capital in the beginning of the war. Last week’s early morning strikes were the first explosions heard in Kyiv’s city center in several months and put Kyiv as well as the rest of the country back on edge as the war nears the nine month mark.

Monday’s blasts seemed to continue what many fear could become more common occurrences in urban centers.

Russian President Vladimir Putin said last week’s strikes were in retaliation for the bombing of a bridge connecting the Crimean peninsula with the Russian mainland. Putin blames Ukraine for masterminding the blast, which suspended traffic over the bridge and curtailed Moscow’s ability to use the bridge to supply Russian troops in the occupied regions of southern Ukraine. 

The strike on Kyiv comes as fighting has intensified in the eastern regions of Donetsk and Luhansk in recent days, as well as the continued Ukrainian counteroffensive in the south near Kherson and Zaporizhzhia.

Zelenskyy said in his evening address Sunday that there was heavy fighting around the cities of Bakhmut and Soledar in the Donetsk region. The Donetsk and Luhansk regions make up the bulk of the industrial east known as the Donbas, and were two of four regions annexed by Russia in September in defiance of international law.

On Sunday, the Russian-backed regime in the Donetsk region said Ukraine had shelled its central administrative building in a direct hit. No casualties were reported.

$1.2 Billion Metaverse Has 38 Active Users

For Mark Zuckerberg, this news could mean the end of his empire.

Metaverse project Decentraland, a sandbox environment that allows users to buy and sell virtual real estate, isn’t exactly teeming with people. Despite billions of dollars in valuations, companies betting on a metaverse future simply haven’t made much headway.

In fact, according to data aggregator DappRadar, the Ethereum-based world Decentraland only had 38 “active users” over a period of 24 hours — a confoundingly low number, especially considering the company has a market cap of a whopping $1.2 billion.

Decentraland pushed back, though, saying that “active users” are defined as unique blockchain wallet addresses that interact with its system. As CoinDesk explains, that means users who simply log in to chat or interact with others aren’t being counted.

“DappRadar doesn’t track our users, only people interacting with our contracts,” Decentraland’s creative director Sam Hamilton told CoinDesk, adding that the platform averages around 8,000 users on an average day.

Active Users

Of course, even 8,000 users on a given day is dismal for something that’s supposed to be the future of online communities. And if blockchain is the underlying economic mechanism of the endeavor, it’s outright embarrassing if only a few dozen transactions are happening per day.

In short, it’s a perfect example of the kind of massive disparity between market value and actual users that has been plaguing the Web3 world for years, and could also be indicative of a serious slowdown in appetite for virtual real estate and other blockchain-related assets, including cryptocurrencies and NFTs.

Vaporverse

Decentraland’s Twitter account also attempted to do some damage control, writing that the platform saw “1,074 users interacting with smart contracts” in all of September.

All told, though, none of these numbers really amount to much, given the amount of money being poured into metaverse platforms like Decentraland.

And that doesn’t bode well for the future of the metaverse.

“Anyone telling you that there’s a metaverse today that has worked is lying through their teeth,” Sasha Fleyshman, portfolio manager at digital asset investment firm Arca, told CoinDesk.

White House Releases AI Bill of Rights

West World Robots rejoice!

The White House published a list of guidelines for the artificial intelligence industry meant to protect users from abuses from algorithms maintained by companies and agencies.

The guidelines, identified as the “Blueprint for an AI Bill of Rights,” were released by the White House Office of Science and Technology Policy on Tuesday and offer a list of five principles for ensuring users are protected from abuse empowered by the technology as it grows in prominence.

The bill of rights encourages designers to make sure that users are “protected from unsafe or ineffective” automated systems, to prohibit discriminatory use of algorithms, to build protections into products that will prevent “abusive data practices,” to ensure that systems are transparent, and to allow users to “opt-out” in favor of a human alternative when appropriate.

“Technologies will come and go, but foundational liberties, rights, opportunities, and access need to be held open, and it’s the government’s job to help ensure that’s the case,” Alondra Nelson, OSTP deputy director for science and society, told WIRED . “This is the White House saying that workers, students, consumers, communities, everyone in this country should expect and demand better from our technologies.”

The bill is currently opt-in, meaning that companies can ignore the guidelines unless federal agencies and Congress decide to enforce or expand them. Multiple federal agencies have stated that they intend to provide additional guidance on the technology, according to the Washington Post .

This includes the Department of Education issuing recommendations for AI use in schools by 2023, the Department of Health and Human Services releasing a related vision by the end of 2022, and the Department of Housing and Urban Development issuing guidelines for the use of algorithms in screening tenants.

The bill’s opt-in nature makes it difficult for the White House to rein in the abuse of AI by Big Tech in the near term. When asked why the blueprint does not mention bans as an option for controlling AI harms, a senior administration official noted that the document’s focus was shielding people from the tech that harms their rights, not prohibiting any specific technology.

The United States is not the only country attempting to curb the misuse of AI. The European Union is considering legislation that would rein in AI.

Fed: All New Cars Will Check Alcohol Level

The National Transportation Safety Board is recommending that all new vehicles in the U.S. be required to have blood alcohol monitoring systems that can stop an intoxicated person from driving.

The recommendation, if enacted by the National Highway Traffic Safety Administration, could reduce the number of alcohol-related crashes, one of the biggest causes of highway deaths in the U.S.

The new push to make roads safer was included in a report released Tuesday about a horrific crash last year in which a drunk driver collided head-on with another vehicle near Fresno, California, killing both adult drivers and seven children.

“Technology could’ve prevented this heartbreaking crash — just as it can prevent the tens of thousands of fatalities from impaired-driving and speeding-related crashes we see in the U.S. annually,” NTSB Chair Jennifer Homendy said in a statement. “We need to implement the technologies we have right here, right now to save lives.”

NHTSA said this week that roadway deaths in the U.S. are at crisis levels. Nearly 43,000 people were killed last year, the greatest number in 16 years, as Americans returned to roads after pandemic stay-at-home orders. An estimated 20,175 people have died in motor vehicle traffic crashes in the first half of 2022, according to the agency. Since 2000, more than 230,000 people have died in crashes involving alcohol-impaired drivers, NHTSA said. 

Early estimates show fatalities rising again through the first half of this year, but they declined from April through June, which authorities are hoping is a trend.

The NTSB, which has no regulatory authority and can only ask other agencies to act, said the recommendation is designed to put pressure on NHTSA to move. It could be effective as early as three years from now.

“We see the numbers. We need to make sure that we’re doing all we can to save lives,” Homendy said.

The NTSB, she said, has been pushing NHTSA to explore alcohol monitoring technology since 2012. “The faster the technology is implemented the more lives that will be saved,” she said.

The recommendation also calls for systems to monitor a driver’s behavior, making sure they’re alert. She said many cars now have cameras pointed at the driver, which have the potential to limit impaired driving.

Can tech save lives?

Homendy acknowledged that perfecting the alcohol tests will take time. “We also know that it’s going to take time for NHTSA to evaluate what technologies are available and how to develop a standard.”

A message was left Tuesday seeking comment from NHTSA. The agency and a group of 16 automakers have been jointly funding research on alcohol monitoring since 2008, forming a group called Driver Alcohol Detection System for Safety.

The group has hired a Swedish company to research technology that would automatically test a driver’s breath for alcohol and stop a vehicle from moving if the driver is impaired, said Jake McCook, spokesman for the group. The driver wouldn’t have to blow into a tube, and a sensor would check the driver’s breath, McCook said.

Another company is working on light technology that could test for blood alcohol in a person’s finger, he said. Breath technology could be ready by the end of 2024, while the touch technology would come about a year later.

It could take one or two more model years after automakers get the technology for it to be in new vehicles, McCook said.

Once the technology is ready, it will take years for it to be in most of the roughly 280 million vehicles on U.S. roads.

Under last year’s bipartisan infrastructure law, Congress required NHTSA to make automakers install alcohol monitoring systems within three years. The agency can seek an extension. In the past it has been slow to enact such requirements.

The legislation doesn’t specify the technology, only that it must “passively monitor” a driver to determine if they are impaired.

11,654 alcohol-related deaths

In 2020, the most recent figures available, 11,654 people died in alcohol-related crashes, according to NHTSA data. That’s about 30% of all U.S. traffic deaths, and a 14% increase over 2019 figures, the last full year before the coronavirus pandemic, the NTSB said.

In the fatal crash included in the report, a 28-year-old driver of an SUV was headed home from a 2021 New Year’s Day party where he had been drinking. The SUV went off the right side of State Route 33, crossed the center line and hit a Ford F-150 pickup truck head-on near Avenal, California.

The pickup was carrying 34-year-old Gabriela Pulido and seven children ages 6 to 15 home after a trip to Pismo Beach. The truck quickly caught fire and bystanders couldn’t save the passengers, the NTSB said.

The SUV driver’s blood alcohol level was 0.21%, nearly three times California’s legal limit. He also had marijuana in his system, but the agency said the alcohol was more than enough to severely impair his driving. The SUV was traveling 88-to-98 miles per hour (142 to 158 kilometers per hour), the report said.

Juan Pulido, 37, whose wife and four children were killed in the crash, said he’s happy the NTSB is pushing for alcohol monitoring because it could stop another person from losing loved ones. “It’s something that their families have to live with,” he said. “It doesn’t go away tomorrow.”

Pulido’s lawyer, Paul Kiesel, said driver-monitoring systems also could stop crashes caused by medical problems or drowsiness, saving anguish and billions in hospital treatment costs.

Military Invents Real World Iron Man Suit

The US Army is about to receive a lightweight, unpowered exoskeleton suit called the Soldier Assistive Bionic Exosuit for Resupply (SABER), which can increase the strength and endurance of soldiers, DEVCOM Army Public Affairs Office said in a press release.

SABER weighs just three pounds and is a harness that soldiers strap around their shoulders and legs. All a soldier has to do to activate the suit is press a button on the left shoulder. When activated, the exoskeleton suit reduces stress on soldiers’ backs by more than 100 pounds while lifting all sorts of heavy items, such as ammo boxes, artillery rounds, and .50 caliber machine guns. Testing showed that most soldiers had a 60% increase in endurance while wearing the suit.

Researchers at Vanderbilt designed SABER and worked with soldiers in the 101st Airborne Division to test exoskeleton suits in heavy-lifting field scenarios. The exosuit addresses the need to reduce injury and fatigue, which are critical to combat readiness.

“We spent the first few months focused on interviewing, observing, and spending time with Soldiers.

“We didn’t try to create Iron Man — a complex, full-body, rigid, unrealistic suit. Instead, we started by deeply understanding Soldier needs to develop a lightweight, low-profile, non-powered wearable tool that helps provide much-needed assistance without slowing Soldiers down or interfering with other operational tasks,” said Dr. Karl Zelik, associate professor of mechanical engineering, Vanderbilt University.

In the last five years, we’ve kept readers abreast with the Army’s development of exoskeleton suits, including Army Tests New ‘AI-Controlled-Exoskeleton’ Super-Soldier and Army Starts Testing “Ironman-Like” Exoskeleton For Future Hybrid Wars

SABER received high marks after 90% of soldiers who wore the suits after operational field testing in May said they would perform their duties much better.

Production of the suits will start in late 2022 by HeroWear, a Nashville-based industrial exosuit manufacturer. The goal is for hundreds of soldiers to be utilizing the suits in 2023.

We have noted the Defense Advanced Research Projects Agency (DARPA) wants ‘Ironman-like’ suits on the modern battlefield.

Ireland Suing Zuckerberg for Nearly $500 Million?

Irish regulators are slapping Instagram with a big fine after an investigation found the social media platform mishandled teenagers’ personal information in violation of strict European Union data privacy rules.

Ireland’s Data Protection Commission said by email Monday that it made a final decision last week to fine the company 405 million euros ($402 million), though the full details won’t be released until next week.

The penalty is the second-biggest issued under the EU’s stringent privacy rules, after Luxembourg’s regulators fined Amazon 746 million euros last year.

Instagram parent Meta, which also owns Facebook, said that while it had “engaged fully” with regulators throughout the investigation, “we disagree with how this fine was calculated and intend to appeal it.”

The Irish watchdog’s investigation centered on how Instagram displayed the personal details of users ages 13 to 17, including email addresses and phone numbers. The minimum age for Instagram users is 13.

The investigation began after a data scientist found that users, including those under 18, were switching to business accounts and had their contact information displayed on their profiles. Users were apparently doing it to see statistics on how many likes their posts were getting after Instagram started removing the feature from personal accounts in some countries to help with mental health.

Instagram said the inquiry focused on “old settings” that were updated more than a year ago, and it has since released new privacy features for teens, including automatically setting their accounts to private when they join.

“We’re continuing to carefully review the rest of the decision,” the company said.

Under the EU’s data privacy rules, the Irish watchdog is the lead regulator for many U.S. tech companies with European headquarters in Dublin.

The watchdog has a raft of other inquiries into Meta-owned companies. Last year, it fined WhatsApp 225 million euros for breaching rules on transparency about sharing people’s data with other Meta companies.

Up ↑