YCLOAK

Instagram and Snapchat are the worst social media platform for young people’s mental health, and YouTube is the most positive, a new study suggests.

The ranking comes in a report from the British Royal Society for Public Health, which ranked the sites’ impact on young people.

“Social media has been described as more addictive than cigarettes and alcohol, and is now so entrenched in the lives of young people that it is no longer possible to ignore it when talking about young people’s mental health issues,” said Shirley Cramer, the chief executive of the RSPH.

“It’s interesting to see Instagram and Snapchat ranking as the worst for mental health and well being, both platforms are very image-focused and it appears they may be driving feelings of inadequacy and anxiety in young people.”

For the study, researchers surveyed about 1,500 young people age 14 to 24 from Britain, asking them to score the impact social media sites had on 14 “health and well-being” issues. Those include anxiety, depression, quality of sleep, body image, loneliness and real-world friendships and connections.

According the RSPH, YouTube was the most positive, followed by Twitter, Facebook, Snapchat and Instagram.

“Social media has dramatically shifted how we socialize, communicate, and form relationships with each other,” said Laci Green, a professional health YouTuber with 1.5 million subscribers. “Its impact cannot be understated.”

She added that since Instagram and Facebook “present highly curated versions of the people we know and the world around us, it is easy for our perspective of reality to become distorted.”

To combat the negative influence of social media, the researchers recommend adding pop ups that warn users of heavy usage, which was supported by 71 percent of the people surveyed.

Another recommendation is for social media companies that can tell from a user’s post that they’re in distress could discretely point them toward help. That was supported by 80 percent of those surveyed. Finally, nearly 70 percent said social media sites should note when a photo has been manipulated.

“As the evidence grows that there may be potential harms from heavy use of social media, and as we upgrade the status of mental health within society, it is important that we have checks and balances in place to make social media less of a wild west when it comes to young people’s mental health and well being,” said Cramer. “We want to promote and encourage the many positive aspects of networking platforms and avoid a situation that leads to social media psychosis which may blight the lives of our young people.”
…

Amazon founder Jeff Bezos has promised to donate $1 million to support press freedom, the Reporters Committee for Freedom of the Press announced Tuesday.

“This generous gift will help us continue to grow, to offer our legal and educational support to many more news organizations, and to expand our services to independent journalists, nonprofit newsrooms and documentary filmmakers,” Reporters Committee Chairman David Boardman said. “We’ll also be better positioned to help local newsrooms, the places hit hardest by the disruption in the news industry and whose survival is every bit as crucial to American democracy as those entities headquartered in Washington and New York.”

The gift from Bezos, who also owns The Washington Post newspaper, is the largest the organization has ever received.

The Reporters Committee also announced that it will support First Look Media and help administer its Media Press Freedom Defense Fund of up to $6 million. First Look Media was established by eBay founder Pierre Omidyar.

Bezos and Omidyar have cited a need for efforts to support an independent press.

Last month, Omidyar’s philanthropy, the Omidyar Network, promised $100 million over the next three years to support journalism and fight fake news.
…

According to a recent analysis, in about 15 years, depending on the country, up to 38 percent of jobs performed by humans may be turned over to robots. Experts who gathered last week at a robotic expo in Paris say we have to prepare for the new reality if we want to avoid disruptive social changes. VOA’s George Putic reports.
…

There are an estimated 39 million blind people in the world. Another 200 million, people like Julissa Marquez, are visually impaired. A knife attack left her with a less than 10 percent chance of having useful vision. But some new technology has literally opened her eyes. VOA’s Kevin Enochs reports.
…

Several hundred middle school and high school students from Senegal and surrounding countries spent last week in Dakar building robots. Organizers of the annual robotics competition say the goal is to encourage African governments and private donors to invest more in science and math education throughout the continent. Ricci Shryock reports for VOA from Senegal’s capital.
…

A tattoo artist in California has created what many of us can’t imagine — a tattoo that also produces sound. Artist Nate Siggard inks audio soundwaves onto the skin that makes it possible to hear music or someone’s voice by using a smartphone app. VOA’s Deborah Block explains how he does it.
…

Several hundred middle school and high school students from Senegal and surrounding countries spent last week in Dakar building robots. Organizers of the annual robotics competition say the goal is to encourage African governments and private donors to invest more in science and math education throughout the continent.

The hum of tiny machines fills a fenced-off obstacle course, as small robots compete to gather mock natural resources such as diamonds and gold.

The robots were built by teams of young people gathered in Dakar for the annual Pan-African Robotics Competition.

‘Made in Africa’

The event’s founder, Sidy Ndao, says this year’s theme is “Made in Africa,” and focuses on how robotics developed in Africa could help local economies.

“We have noticed that most countries that have developed in the likes of the United States have based their development on manufacturing and industrialization, and African countries on the other hand are left behind in this race,” Ndao said. “So we thought it would be a good idea to inspire the kids to tell them about the importance of manufacturing, the importance of industry, and the importance of creation and product development.”

During the week, the students were split into three groups.

The first group worked on robots that could automate warehouses. The second created machines that could mine natural resources, and the third group was tasked to come up with a new African product and describe how to build it.

Building a robot a team effort

Seventeen-year-old Rokyaha Cisse from Senegal helped her team develop a robot that sends sound waves into the ground to detect the presence of metals and then start digging.

Cisse says it is very interesting and fun, and they are learning new things, as well as having their first opportunity to handle robots.

As part of a younger team, Aboubacar Savage from Gambia said their robot communicates with computers.

“It is a robot that whatever you draw into the computer, it translates it and draws it in real life,” Savage said. “It is kind of hard. And there is so much competition, but we are trying. I have learned how to assemble a robot. I have learned how to program into a computer.”

The event’s founder, Ndao, is originally from Senegal, but is now a professor at the University of Nebraska’s Lincoln College of Engineering in the United States.

“I have realized how much the kids love robotics and how much they love science,” Ndao said “You can tell because when it is time for lunch, we have to convince them to actually leave, and then [when] it is time to go home, nobody wants to leave.”

Outsourced jobs cost Africa billions

A winning team was named in each category, but Ndao hopes the real winners will be science and technology in Africa.

The organizers of the Next Einstein Forum, which held its annual global gathering last year in Senegal, said Africa is currently missing out on $4 billion a year by having to outsource jobs in science, technology, engineering, and mathematics to expatriates.

Ndao said African governments and private investors need to urgently invest more on education in those fields, in particular at the university level.
…

Several hundred middle school and high school students from Senegal and surrounding countries spent last week in Dakar building robots, and organizers hoped to encourage African governments and private donors to invest more in science and math education throughout the continent.
…

Russian cybercriminals used malware planted on Android mobile devices to steal from domestic bank customers and were planning to target European lenders before their arrest, investigators and sources with knowledge of the case told Reuters.

Their campaign raised a relatively small sum by cybercrime standards — more than 50 million roubles ($892,000) — but they had also obtained more sophisticated malicious software for a modest monthly fee to go after the clients of banks in France and possibly a range of other western nations.

Russia’s relationship to cybercrime is under intense scrutiny after U.S. intelligence officials alleged that Russian hackers had tried to help Republican Donald Trump win the U.S. presidency by hacking Democratic Party servers.

The Kremlin has repeatedly denied the allegation.

The gang members tricked the Russian banks’ customers into downloading malware via fake mobile banking applications, as well as via pornography and e-commerce programs, according to a report compiled by cybersecurity firm Group-IB, which investigated the attack with the Russian Interior Ministry.

The criminals — 16 suspects were arrested by Russian law enforcement authorities in November last year — infected more than a million smartphones in Russia, on average compromising 3,500 devices a day, Group-IB said.

The hackers targeted customers of state lender Sberbank, and also stole money from accounts at Alfa Bank and online payments company Qiwi, exploiting weaknesses in the companies’ SMS text message transfer services, said two people with direct knowledge of the case.

Although operating only in Russia before their arrest, they had developed plans to target large European banks including French lenders Credit Agricole, BNP Paribas and Societe General, Group-IB said.

A BNP Paribas spokeswoman said the bank could not confirm this information, but added that it “has a significant set of measures in place aimed at fighting cyberattacks on a daily basis.” Societe General and Credit Agricole declined comment.

The gang, which was called “Cron” after the malware it used, did not steal any funds from customers of the three French banks. However, it exploited the bank service in Russia that allows users to transfer small sums to other accounts by sending an SMS message.

Having infected the users’ phones, the gang sent SMS messages from those devices instructing the banks to transfer money to the hackers’ own accounts.

The findings illustrate the dangers of using SMS messages for mobile banking, a method favored in emerging countries with less advanced internet infrastructure, said Lukas Stefanko, a malware researcher at cybersecurity firm ESET in Slovakia.

“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” he said. “For them it is quick, easy and they don’t need to visit a bank. … But security always has to outweigh consumer convenience.”

Cybercriminals

The Russian Interior Ministry said a number of people had been arrested, including what it described as the gang leader.

This was a 30-year-old man living in Ivanovo, an industrial city 300 km (185 miles) northeast of Moscow, from where he had commanded a team of 20 people across six different regions.

Four people remain in detention while the others are under house arrest, the ministry said in a statement.

“In the course of 20 searches across six regions, police seized computers, hundreds of bank cards and SIM cards registered under fake names,” it said.

Group-IB said the existence of the Cron malware was first detected in mid-2015, and by the time of the arrests the hackers had been using it for under a year.

The core members of the group were detained on November 22 last year in Ivanovo. Photographs of the operation released by Group-IB showed one suspect face down in the snow as police in ski masks handcuffed him.

The Cron hackers were arrested before they could mount attacks outside Russia, but plans to do that were at an advanced stage, said the investigators.

Group-IB said that in June 2016 they had rented a piece of malware designed to attack mobile banking systems, called Tiny.z for $2,000 a month. The creators of the Tiny.z malware had adapted it to attack banks in Britain, Germany, France, the United States and Turkey, among other countries.

The Cron gang developed software designed to attack lenders including the three French groups, it said, adding it had notified these and other European banks at risk.

A spokeswoman for Sberbank said she had no information about the group involved. However, she said: “Several groups of cybercriminals are working against Sberbank. The number of groups and the methods they use to attack us change constantly.”

“It isn’t clear which specific group is being referred to here because the fraudulent scheme involving Android OS [operating system] viruses is widespread in Russia and Sberbank has effectively combated it for an extensive period of time.”

Alfa Bank did not provide a comment. Qiwi did not respond to multiple requests for comment.

Google, the maker of Android, has taken steps in recent years to protect users from downloading malicious code and by blocking apps which are insecure, impersonate legitimate companies or engage in deceptive behaviors.

A Google spokesman said: “We’ve tracked this malware family for several years and will continue to take action on its variants to protect our users.”

Fake mobile apps

The Russian authorities, bombarded with allegations of state-sponsored hacking, are keen to show Russia too is a frequent victim of cybercrime and that they are working hard to combat it. The interior and emergencies ministries, as well as Sberbank, said they were targeted in a global cyberattack earlier this month.

Since the allegations about the U.S. election hacking, further evidence has emerged of what some Western officials say is a symbiotic relationship between cyber criminals and Russian authorities, with hackers allowed to attack foreign targets with impunity in return for cooperating with the security services while Moscow clamps down on those operating at home.

The success of the Cron gang was facilitated by the popularity of SMS-banking services in Russia, said Dmitry Volkov, head of investigations at Group-IB.

The gang got their malware on to victims’ devices by setting up applications designed to mimic banks’ genuine apps. When users searched online, the results would suggest the fake app, which they would then download. The hackers also inserted malware into fake mobile apps for well-known pornography sites.

After infecting a customer’s phone, the hackers were able to send a text message to the bank initiating a transfer of up to $120 to one of 6,000 bank accounts set up to receive the fraudulent payments.

The malware would then intercept a confirmation code sent by the bank and block the victim from receiving a message notifying them about the transaction.

“Cron’s success was due to two main factors,” Volkov said.

“First, the large-scale use of partner programs to distribute the malware in different ways. Second, the automation of many [mobile] functions which allowed them to carry out the thefts without direct involvement.”
…

Leaked Facebook documents reveal the company walks a fine line between free speech and violent or hateful content.

The Guardian newspaper says it obtained the “more than 100 internal training manuals, spreadsheets and flowcharts” outlining how the social media giant decides what content can stay and what gets taken down.

According to the documents, Facebook does allows certain posts that contain violent language. For example, it’s OK to post “let’s beat up fat kids,” but prohibited to post “someone shoot Trump.”

“People commonly express disdain or disagreement by threatening or calling for violence in generally facetious and unserious ways,” reads one of the documents.

Images showing non-sexual physical abuse or bullying of children as long as there is not a “sadistic or celebratory element.” Live streams of people harming themselves is also allowed, the documents say because Facebook doesn’t want to “censor or punish people in distress.”

A Facebook representative said the company’s top priority is keeping users safe.

“We work hard to make Facebook as safe as possible while enabling free speech,” said Monica Bickert, Facebook’s head of global policy management. “This requires a lot of thought into detailed and often difficult questions, and getting it right is something we take very seriously.”

Facebook has been under increased pressure to prevent violent content from appearing, as a stream of violent videos have been allowed to stay on the site for hours before being deleted.

One particularly gruesome video showed the brutal murder of Cleveland grandfather Robert Godwin in a crime posted on Facebook Live.

The company recently hired 3,000 more humans to help curb objectionable material, and The Guardian documents reveal the moderators are overwhelmed with requests to review material.

“These reviewers will also help us get better at removing things we don’t allow on Facebook, like hate speech and child exploitation, “ Facebook founder Mark Zuckerberg wrote in a post about the hiring. “And we’ll keep working with local community groups and law enforcement who are in the best position to help someone if they need it – either because they’re about to harm themselves, or because they’re in danger from someone else.”

The company also employs algorithms to mark objectionable content.

Facebook also faces criticism when it does take down material deemed offensive.

Last fall, the company removed an iconic photo showing a naked Vietnamese girl running from a napalm attack during the Vietnam War. Facebook later allowed the image to be posted.
…

China’s biggest online retailer, JD.com Inc., announced plans Monday to develop drone aircraft capable of carrying a ton or more for long-distance deliveries.

 

The company said it will test the drones on a network it is developing to cover the northern Chinese province of Shaanxi. It said they will carry consumer goods to remote areas and farm produce to cities.

 

JD.com, headquartered in Beijing, says it made its first deliveries to customers using smaller drones in November. Other e-commerce brands including Amazon.com Inc. also are experimenting with drones for delivery.

“We envision a network that will be able to efficiently transport goods between cities, and even between provinces, in the future,” the chief executive of JD’s logistics business group, Wang Zhenhui, said in a statement.

JD.com operates its own nationwide network of thousands of delivery stations manned by 65,000 employees. The company says it has 235 million regular customers.

 

Drones are part of the industry’s response to the challenge of expanding to rural areas where distances and delivery costs rise.

 

Drone delivery in China and other countries faces hurdles including airspace restrictions and the need to avoid collisions with birds and other obstacles. In the United States, regulators allow commercial drone flights only on an experimental basis.

 

A 1-ton payload is heavier than what most drones available now can carry, though some can carry hundreds of kilograms and major drone makers are working on devices able to carry more.

 

China is home to the world’s biggest manufacturer of civilian drones, DJI, in the southern city of Shenzhen.

 

JD.com said its planned drone delivery network in Shaanxi would cover a 300-kilometer (200-mile) radius and have drone air bases throughout the province.

 

The company said it will set up a research-and-development campus with the Xi’an National Civil Aerospace Industrial Base to develop and manufacture drones.

 

JD.com earlier reported first-quarter revenue rose 41.2 percent over a year ago to 76.2 billion yuan ($11.1 billion). It reported profit of 843.1 million yuan ($122.4 million) compared with a loss of 864.9 million yuan a year earlier.
…

Robot teammates and “snake” arms that can find a crack .005 millimeter long were just two of the U.S. military’s latest technological innovations on display at the Pentagon this week.

The Defense Laboratory Enterprise showcased more than 80 exhibits on its biennial Lab Day on Thursday. The enterprise is a network of 63 defense laboratories, warfare centers and engineering centers that operate across the United States, and the event provided the Defense Department community with an up-close look at projects in various stages of development and readiness.

Here are some of VOA’s favorites:

Soldier Visual Integrated Technology

Imagine a soldier comes across a suspicious object that she has never seen before. As she stops to explore, she immediately sees an enemy fighter and has to spring into action without time to fully raise her weapon’s sight up to her eye. And she’s unable to see another enemy lurking around the corner.

With Soldier Visual Integrated Technology, the soldier can better see her surroundings and needs less time to react to dangers accurately.

Ronald Geer, a staff sergeant assigned to the Army’s Communications-Electronics Research, Development and Engineering Center, says SVIT wirelessly links three pieces of technology on the soldier: a reticle eyepiece, a thermal device on the gun and a communications system attached to the chest.

“What this is going to do is increase my speed and lethality on the battlefield, especially in a close combat situation,” Geer said. “I don’t have to worry so much about raising my weapon to an exact point where I’m able to view through this [his thermal device], because as I raise the weapon, what this is looking at, I’m able to immediately see pulled into the reticle device.”

The connectivity also allows soldiers to use their guns to see what’s around a corner without having to move their bodies into harm’s way.

SVIT updates in real time as well, providing a way to virtually “mark” obstacles or enemy weaponry so that other soldiers can see what the SVIT user views.

Remote Access Nondestructive Evaluation

Jokingly called a “snake on a plane” by some at the Air Force Research Laboratory, R.A.N.D.E. (pronounced Randy) is a robotic arm that can wriggle through an opening as small as 7 centimeters to inspect the interior of aircraft wings or other structures without dismantling them.

Senior Materials Engineer Charles Buynak told VOA that any sensing device can be attached to R.A.N.D.E. to look for minute structural defects.

“We’re looking for things on the order of 1/50,000th of an inch [.00508mm] — before a crack becomes a major thing … and becomes a serious problem to the aircraft,” Buynak said.

The system is driven by a controller from an Xbox 360 home video game console. Buynak said that makes R.A.N.D.E. easy for young operators to use. Another reason is that the Air Force wanted to take advantage of technologies already available.

“Why go spend money developing something that’s easily available that we can adapt to our application here?” he said.

Robots as teammates

The U.S. Army is developing ways to use robots not as tools but as teammates. The Army Research Laboratory displayed several robots this week that can be used as hosts for developing software algorithms for artificial intelligence and machine learning purposes.

Stuart Young, chief of the Asset Control and Behavior Branch, told VOA the goal is to protect soldiers by using technology to “manipulate unknown objects in an unknown world.”

His team is trying to develop AI algorithms that can generalize and understand what’s going on in a robot’s environment. “And then once we have that information,” Young said, “we can manipulate it to accomplish the mission that the robot needs to accomplish.”

Such robot missions could range from breaching an enemy’s defensive position to removing improvised explosive devices, or just moving large objects out of the way while soldiers are in a safer location.
…

One day instead of visiting a doctor in person for health information or searching online, you could be asking for advice from a medical expert’s avatar. A new app is being developed that can be used on a smartphone to ask a virtual doctor about various medical conditions and their treatments. VOA’s Deborah Block has more on this innovative technology.
…

A couple of things about the WannaCry cyberattack are certain. It was the biggest in history and it’s a scary preview of things to come. But one thing is a lot less clear: whether North Korea had anything to do with it.

 

Despite bits and pieces of evidence that suggest a possible North Korea link, experts warn there is nothing conclusive yet, and a lot of reasons to be dubious.

 

Within days of the attack, respected cybersecurity firms Symantec and Kaspersky Labs hinted at a North Korea link. Google researcher Neel Mehta identified coding similarities between WannaCry and malware from 2015 that was tied to the North. And the media have since spun out stories on Pyongyang’s league of hackers, its past involvement in cyberattacks and its perennial search for new revenue streams, legal or shady.

Meet Lazarus

 

But identifying hackers behind sophisticated attacks is a notoriously difficult task. Proving they are acting under the explicit orders of a nation state is even trickier.

 

When experts say North Korea is behind an attack, what they often mean is that Pyongyang is suspected of working with or through a group known as Lazarus. The exact nature of Lazarus is cloudy, but it is thought by some to be a mixture of North Korean hackers operating in cahoots with Chinese “cyber-mercenaries” willing to at times do Pyongyang’s bidding. 

 

Lazarus is a serious player in the cybercrime world.

 

It is referred to as an “advanced persistent threat” and has been fingered in some very sophisticated operations, including an attempt to breach the security of dozens of banks this year, an attack on the Bangladesh central bank that netted $81 million last year, the 2014 Sony wiper hack and DarkSeoul, which targeted the South Korean government and businesses.

 

“The Lazarus Group’s activity spans multiple years, going back as far as 2009,” Kaspersky Labs said in a report last year. “Their focus, victimology, and guerrilla-style tactics indicate a dynamic, agile and highly malicious entity, open to data destruction in addition to conventional cyberespionage operations.”

WannaCry doesn’t fit

 

But some experts see the latest attack as an anomaly.

 

WannaCry infected more than 200,000 systems in more than 150 countries with demands for payments of $300 in Bitcoin per victim in exchange for the decryption of the files it had taken hostage. Victims received warnings on their computer screens that if they did not pay the ransom within three days, the demand would double. If no ransom was paid, the victim’s data would be deleted. 

 

As ransomware attacks go, that’s a pretty typical setup.

 

But that’s not — or at least hasn’t been — the way North Korean hackers are believed to work. 

 

“This is not part of the previously observed behavior of DPRK cyberwar units and hacking groups,” Michael Madden, a visiting scholar at the Johns Hopkins School of Advanced International Studies and founder of North Korea Leadership Watch, said in an email to The Associated Press. “It would represent an entirely new type of cyberattack by the DPRK.” 

 

Madden said the North, officially known as the Democratic People’s Republic of Korea, if it had a role at all, could have instead been involved by giving or providing parts of the packet used in the attack to another state-sponsored hacking group with whom it is in contact. 

 

“This type of ransomware/jailbreak attack is not at all part of the M.O. of the DPRK’s cyberwar units,” he said. “It requires a certain level of social interaction and file storage, outside of those with other hacking groups, that DPRK hackers and cyberwar units would not engage. Basically they’d have to wait on Bitcoin transactions, store the hacked files and maintain contact with the targets of the attack.”

Attack not strategic

 

Other cybersecurity experts question the Pyongyang angle on different grounds. 

 

James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, a cybersecurity think tank, argues that the evidence remains “circumstantial at best,” and believes WannaCry spread because of luck and negligence, not sophistication.

 

“While it is possible that the Lazarus group is behind the WannaCry malware, the likelihood of that attribution proving correct is dubious,” he wrote in a recent blog post laying out his case. “It remains more probable that the authors of WannaCry borrowed code from Lazarus or a similar source.”

 

Scott said he believes North Korea would likely have attacked more strategic targets — two of the hardest-hit countries, China and Russia, are the North’s closest strategic allies — or tried to capture more significant profits. 

 

Very few victims of the WannaCry attack appear to have paid up. As of Friday, only $91,000 had been deposited in the three Bitcoin accounts associated with the ransom demands, according to London-based Elliptic Enterprises, which tracks illicit Bitcoin activity.
…

Robots can see well enough to drive a car. Computers can hear our voices and respond to commands. VOA’s Arturo Martinez and Steve Baragona report that engineers are breaking through the next sensation frontier for robots: touch. Steve Baragona narrates.
…

Virgin Galactic’s Beth Moses, who received the Adler Planetarium’s “Women in Space Science Award” this year, views the opportunity for widely available space flight as a unifying endeavor for humanity. As Kane Farabaugh reports from Chicago, Moses is telling students about space flight as a way to motivate them to pursue careers like hers.
…

Two-thirds of those caught up in the past week’s global ransomware attack were running Microsoft’s Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.

Researchers are struggling to try to find early traces of WannaCry, which remains an active threat in hardest-hit China and Russia, believing that identifying “patient zero” could help catch its criminal authors.

They are having more luck dissecting flaws that limited its spread.

Security experts warn that while computers at more than 300,000 internet addresses were hit by the ransomware strain, further attacks that fix weaknesses in WannaCry will follow that hit larger numbers of users, with more devastating consequences.

“Some organizations just aren’t aware of the risks; some don’t want to risk interrupting important business processes; sometimes they are short-staffed,” said Ziv Mador, vice president of security research at Israel’s SpiderLabs Trustwave.

“There are plenty of reasons people wait to patch and none of them are good,” said Mador, a former long-time security researcher for Microsoft.

WannaCry’s worm-like capacity to infect other computers on the same network with no human intervention appear tailored to Windows 7, said Paul Pratley, head of investigations & incident response at UK consulting firm MWR InfoSecurity.

Data from BitSight covering 160,000 internet-connected computers hit by WannaCry, shows that Windows 7 accounts for 67 percent of infections, although it represents less than half of the global distribution of Windows PC users.

Computers running older versions, such as Windows XP used in Britain’s NHS health system, while individually vulnerable to attack, appear incapable of spreading infections and played a far smaller role in the global attack than initially reported.

In laboratory testing, researchers at MWR and Kyptos say they have found Windows XP crashes before the virus can spread.

Windows 10, the latest version of Microsoft’s flagship operating system franchise, accounts for another 15 percent, while older versions of Windows including 8.1, 8, XP and Vista, account for the remainder, BitSight estimated.

Computer basics

Any organization which heeded strongly worded warnings from Microsoft to urgently install a security patch it labeled “critical” when it was released on March 14 on all computers on their networks are immune, experts agree.

Those hit by WannaCry also failed to heed warnings last year from Microsoft to disable a file sharing feature in Windows known as SMB, which a covert hacker group calling itself Shadow Brokers had claimed was used by NSA intelligence operatives to sneak into Windows PCs.

“Clearly people who run supported versions of Windows and patched quickly were not affected”, Trustwave’s Mador said.

Microsoft has faced criticism since 2014 for withdrawing support for older versions of Windows software such as 16-year-old Windows XP and requiring users to pay hefty annual fees instead. The British government canceled a nationwide NHS support contract with Microsoft after a year, leaving upgrades to local trusts.

Seeking to head off further criticism in the wake of the WannaCry outbreak, the U.S. software giant last weekend released a free patch for Windows XP and other older Windows versions that it previously only offered to paying customers.

Microsoft declined to comment for this story.

On Sunday, the U.S. software giant called on intelligence services to strike a better balance between their desire to keep software flaws secret – in order to conduct espionage and cyber warfare – and sharing those flaws with technology companies to better secure the internet.

Half of all internet addresses corrupted globally by WannaCry are located in China and Russia, with 30 and 20 percent respectively. Infection levels spiked again in both countries this week and remained high through Thursday, according to data supplied to Reuters by threat intelligence firm Kryptos Logic.

By contrast, the United States accounts for 7 percent of WannaCry infections while Britain, France and Germany each represent just 2 percent of worldwide attacks, Kryptos said.

Dumb and sophisticated

The ransomware mixes copycat software loaded with amateur coding mistakes and recently leaked spy tools widely believed to have been stolen from the U.S. National Security Agency, creating a vastly potent class of crimeware.

“What really makes the magnitude of this attack so much greater than any other is that the intent has changed from information stealing to business disruption”, said Samil Neino, 32, chief executive of Los Angeles-based Kryptos Logic.

Last Friday, the company’s British-based 22-year-old data breach research chief, Marcus Hutchins, created a “kill-switch”, which security experts have widely hailed as the decisive step in halting the ransomware’s rapid spread around the globe.

WannaCry appears to target mainly enterprises rather than consumers: Once it infects one machine, it silently proliferates across internal networks which can connect hundreds or thousands of machines in large firms, unlike individual consumers at home.

An unknown number of computers sit behind the 300,000 infected internet connections identified by Kryptos.

Because of the way WannaCry spreads sneakily inside organization networks, a far larger total of ransomed computers sitting behind company firewalls may be hit, possibly numbering upward of a million machines. The company is crunching data to arrive at a firmer estimate it aims to release later Thursday.

Liran Eshel, chief executive of cloud storage provider CTERA Networks, said: “The attack shows how sophisticated ransomware has become, forcing even unaffected organizations to rethink strategies.”

Security Experts Find Clues to Ransomware Worm’s Lingering Risks

Researchers from a variety of security firms say they have so far failed to find a way to decrypt files locked up by WannaCry and say chances are low anyone will succeed.

However, a bug in WannaCry code means the attackers cannot use unique bitcoin addresses to track payments, security researchers at Symantec found this week. The result: “Users unlikely to get files restored”, the company’s Security Response team tweeted.

The rapid recovery by many organizations with unpatched computers caught out by the attack may largely be attributed to back-up and retrieval procedures they had in place, enabling technicians to re-image infected machines, experts said.

While encrypting individual computers it infects, WannaCry code does not attack network data-backup systems, as more sophisticated ransomware packages typically do, security experts who have studied WannaCry code agree.

These factors help explain the mystery of why such a tiny number of victims appear to have paid ransoms into the three bitcoin accounts to which WannaCry directs victims.

Less than 300 payments worth around $83,000 had been paid into WannaCry blackmail accounts by Thursday (1800 GMT), six days after the attack began and one day before the ransomware threatens to start locking up victim computers forever.

The Verizon 2017 Data Breach Investigations Report, the most comprehensive annual survey of security breakdowns, found that it takes three months before at least half of organizations install major new software security patches.

WannaCry landed nine weeks after Microsoft’s patch arrived.

“The same things are causing the same problems. That’s what the data shows,” MWR research head Pratley said.

“We haven’t seen many organizations fall over and that’s because they did some of the security basics,” he said.

 
…

The European Union’s competition watchdog has fined Facebook 110 million euros ($122 million) for providing misleading information over its buyout of mobile messaging service WhatsApp.

The European Commission said Thursday that when Facebook informed the Commission of the 2014 buyout, it said it would be unable to “establish reliable automated matching” between Facebook and WhatsApp user accounts.

But the Commission says that in 2016, WhatsApp offered updates including the possibility of linking user phone numbers with Facebook user IDs.

Competition Commissioner Margrethe Vestager said the fine is proportionate and serves as a deterrent.

She said “the Commission must be able to take decisions about mergers’ effects on competition in full knowledge of accurate facts.”
…

When Hurricane Sandy swept over Long Island, New York, in October 2012, power was knocked out and traffic lights were inoperable. While driving in her car, Stony Brook University student Vishwaja Muppa, 21, was struck by a police car and later died. The death of Muppa, from India, was one of 53 that were blamed on the storm.

On Stony Brook’s campus, damage was limited and students who sheltered remained safe. But university officials took the hurricane’s visit as a wake-up call and planned a state-of-the-art Emergency Operations Center (EOC).

Stony Brook hired two security technology firms, VCORE Solutions and IntraLogic Solutions, to install equipment and software  that would bring separate monitoring and communications systems under one roof.

“All the things we have in different silos, managed by different systems, are imported into one virtual environment,” Larry Zacarese, director of emergency management at Stony Brook, told VOA.

From the command center during Hurricane Sandy, Zacarese had little contact with other parts of the campus or local emergency responders off campus, he said. The new system shows images from cameras throughout campus and projects them on several monitors mounted across a 6½-meter-long wall.

Eyes everywhere

The system is regarded as a model and has been studied by other universities. Among the devices linked electronically are entry codes on hundreds of doors across campus, Global Positioning System units, fire alarms, video cameras and large, flat-screen television sets. The information from cameras and sensors is projected onto a large computer screen that shows the entire campus from above, including each building.

“We have a three-dimensional world overlaid on top of satellite imagery of our campus,” Zacarese said.

Software allows operators in the command center to expand each image and go into a building, checking its characteristics and the status of its sensors and alarms on each floor.

The system also allows the Emergency Operations Center to communicate in 15 ways with students across campus, utilizing social media, text messages, public address speakers and the 175 flat-screen television panels across campus. Operators can use the screens to warn students and faculty of a problem. They can use screens at all locations, or only at one site.

“If there is a fire in a chemistry lab,” Zacarese said, “we could communicate specifically to people in the chemistry building, as well as those in the immediate vicinity outside.”

Violence on campus

Zacarese said Stony Brook’s security system is vital in responding to violence and protecting those on campus. Last year, threatening messages of a “terroristic nature” appeared at a campus bus stop, he said. Using the information from cameras and other devices, police were able to identify the perpetrator and arrest him.

“In less than three hours,” Zacarese said, “we had someone in custody.”

There are more than 25,000 students enrolled at Stony Brook during a normal semester, but adding faculty and staff, campus population swells to about 50,000.

“The population size of this campus is essentially as big or bigger than some small cities,” Zacarese said.

The high-tech Emergency Operations Center can also be useful in police and fire investigations, he said, because investigators can use recorded data to find evidence and trace suspects.
…

Apple will reportedly announce an update to its lineup of laptops at its annual developer conference, known as WWDC, in June.

The report from Bloomberg suggests Apple is responding to increased competition from rival Microsoft.

According to the report, Apple will announce three new laptops: The MacBook Pro will get a quicker processor, as will the 12-inch MacBook and the 13-inch MacBook Air. The processors, according to Bloomberg, will be Intel’s newest, seventh generation chips.

Apple’s laptops account for 11 percent of the company’s annual $216 billion in sales. iPhones make up nearly two thirds of the company’s sales.

Rival Microsoft recently unveiled its own Surface Laptop as a possible competitor to MacBook Air. That device reportedly boots up quickly and has a touchscreen.

According to Bloomberg, the new MacBook Pro would share the same basic external look of the current models.

It has been seven years since Apple redesigned the MacBook Air and more than a year since the company released a new MacBook Pro. The 12-inch MacBook saw its last update last spring.

Apple will also reportedly announce an upgrade to its macOS operating system.

The WWDC will start June 5.
…

The hacker group behind the leak of cyber spying tools from the U.S. National Security Agency, which were used in last week’s “ransomware” cyberattack, says it has more code that it plans to start selling through a subscription service launching next month.

The group known as Shadow Brokers posted a statement online Tuesday saying the new data dumps could include exploits for Microsoft’s Windows 10 operating system, and for web browsers and cell phones, as well as “compromised network data from Russian, Chinese, Iranian or North Korean nukes and missile programs.”

Shadow Brokers tried unsuccessfully last year to auction off cyber tools it said were stolen from the NSA.

The WannaCry ransomware virus exploited a vulnerability in Microsoft’s older Windows XP operation system.  The company had largely stopped offering support such as security updates for Windows XP, but did release a patch to protect users against the attack that demanded people pay to avoid losing their data.

There is no definitive evidence yet of who used the NSA tools to build WannaCry.

Cyber security experts say the technical evidence linking North Korea to the cyberattack is somewhat tenuous, but Pyongyang has the advanced cyber capabilities, and the motive to compensate for lost revenue due to economic sanctions, to be considered a likely suspect.

Since Friday, the WannaCry virus has infected more than 300,000 computers in 150 countries, at least temporarily paralyzing factories, banks, government agencies, hospitals and transportation systems.

On Monday analysts with the cyber security firms Symantec and Kaspersky Lab said some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, which has been identified by some industry experts as a North Korea-run hacking operation.

“Right now we’ve uncovered a couple of what we would call weak indicators or weak links between WannaCry and this group that’s been previously known as Lazarus. Lazarus was behind the attacks on Sony and the Bangladesh banks for example. But these indicators are not enough to definitively say it’s Lazarus at all,” said Symantec Researcher Eric Chien.

Bureau 121

Symantec has linked the Lazarus group to a number of cyberattacks on banks in Asia dating back years, including the digital theft of $81 million from Bangladesh’s central bank last year. 

The U.S. government blamed North Korea for the hack on Sony Pictures Entertainment that leaked damaging personal information after Pyongyang threatened “merciless countermeasures” if the studio released a dark comedy movie that portrayed the assassination of Kim Jong Un.  And South Korea had accused the North of attempting to breach the cyber security of its banks, broadcasters and power plants on numerous occasions.

Pyongyang is believed to have thousands of highly trained computer experts working for a cyberwarfare unit called Bureau 121, which is part of the General Bureau of Reconnaissance, an elite spy agency run by the military.  There have been reports the Lazarus group is affiliated with Bureau 121. Some alleged North Korean-related cyberattacks have also been traced back to a hotel in Shenyang, China near the Korean border.

“Mostly they hack directly, but they hack other countries first and transfer (the data), so various other countries are found when we trace back, but a specific IP address located in Pyongyang can be found in the end,” said Choi Sang-myung, a senior director of the cyber security firm Hauri Inc. in Seoul.

Ransom

It is not clear if the purpose of the WannaCry malware is to extort payments or to cause widespread damage.

The WannaCry hackers have demanded ransoms from users, starting at $300 to end the cyberattack, or they threatened to destroy all data on infected computers. So far the perpetrators have raised less than $70,000 according to Tom Bossert, a homeland security adviser for U.S. President Donald Trump.

The countries most affected by WannaCry to date are Russia, Taiwan, Ukraine and India, according to Czech security firm Avast.

Suffering under increased economic sanctions for its nuclear and ballistic missile programs, it would not be surprising for North Korea to attempt to make up for lost revenue through illicit cyber theft and extortion.  But the WannaCry ransomware is more advanced than anything North Korean hackers have used in the past.

“Previous ransomwares required people to click an attachment in an email or access a specific website to get infected, but this time (computers) can be infected without getting an email or access to a website, just by connecting an Internet cable,” said Choi.

FireEye Inc., another large cyber security firm, said it was also investigating but cautious about drawing a link to North Korea.

In addition to past alleged cyberattacks, North Korea had also been accused of counterfeiting $100 bills which were known as “superdollars” or “supernotes” because the fakes were nearly flawless.

Youmi Kim contributed to this report.
…

Motorized skateboards are a simple and affordable form of personal transportation while advanced battery technology considerably extended their range. Now a startup company in Germany offers a skateboard that is almost entirely printed in plastic and has wireless speed control. VOA’s George Putic reports.
…

A computer virus that exploits the same vulnerability as the global “ransomware” attack has latched on to more than 200,000 computers and begun manufacturing digital currency, experts said Tuesday.

The development adds to the dangers exposed by the WannaCry ransomware and provides another piece of evidence that a North Korea-linked hacking group may be behind the attacks.

WannaCry, developed in part with hacking techniques that were either stolen or leaked from the U.S. National Security Agency, has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.

Researchers at security firm Proofpoint said the related attack, which installs a currency “miner” that generates digital cash, began infecting machines in late April or early May but had not been previously discovered because it allows computers to operate while creating the digital cash in the background.

Proofpoint executive Ryan Kalember said the authors may have earned more than $1 million, far more than has been generated by the WannaCry attack.

Like WannaCry, the program attacks via a flaw in Microsoft Corp’s Windows software. That hole has been patched in newer versions of Windows, though not all companies and individuals have installed the patches.

Suspected links to North Korea

Digital currencies based on a technology known as blockchain operate by enabling the creation of new currency in exchange for solving complex math problems. Digital “miners” run specially configured computers to solve the problems and generate currency, whose value fluctuates according to market demand.

Bitcoin is by far the largest such currency, but the new mining program is not aimed at Bitcoin. Rather it targeted a newer digital currency, called Monero, that experts say has been pursued recently by North Korean-linked hackers.

North Korea has attracted attention in the WannaCry case for a number of reasons, including the fact that early versions of the WannaCry code used some programming lines that had previously been spotted in attacks by Lazarus Group, a hacking group associated with North Korea.

Security researchers and U.S. intelligence officials have cautioned that such evidence is not conclusive, and the investigation is in its early stages.

In early April, security firm Kaspersky Lab said that a wing of Lazarus devoted to financial gain had installed software to mine Moreno on a server in Europe.

A new campaign to mine the same currency, using the same Windows weakness as WannaCry, could be coincidence, or it could suggest that North Korea was responsible for both the ransomware and the currency mining.

Kalember said he believes the similarities in the European case, WannaCry and the miner were “more than coincidence.”

“It’s a really strong overlap,” he said. “It’s not like you see Moreno miners all over the world.”

The North Korean mission to the United Nations could not be reached for comment, while the FBI declined to comment.
…

Thailand backed off a threat to block Facebook on Tuesday, instead providing the social media site with court orders to remove content that the government deems illegal.

Thailand made the threat last week as it wanted Facebook to block more than 130 posts it considers a threat to national security or in violation of the country’s lese majeste law, which makes insults to the monarchy punishable by up to 15 years in prison. Thailand’s military government has made prosecuting royal insults a priority since seizing power in a coup three years ago.

Takorn Tantasith, secretary-general of Thailand’s broadcast regulator, said Facebook had requested the court orders before it would take action but he expected the social media giant would comply with the government’s demands.

“Facebook have shown good cooperation with us,” Takorn told reporters.

Emails and calls seeking confirmation from Facebook were not immediately returned.

The regulator last week demanded that Facebook remove more than 130 illegal posts by Tuesday or face legal action that could shut down the site. In a change of tactic, Takorn said that Thailand had forwarded 34 court orders to Facebook so far.

“The websites that need to be taken down are not only for those that are a threat to stability but they also include other illegal websites such as porn and websites that support human-trafficking which take time to legally determine,” Takorn said.

Thai authorities try to take pre-emptive actions against material they consider illegal, having local internet service providers block access or reaching agreements with some online services such as YouTube to bar access to certain material in Thailand.

Much of that is content deemed in violation of the country’s lese majeste law, the harshest in the world. The military government has charged more than 100 people with such offenses since the coup and handed down record sentences. Many of those cases have been based on internet postings or even private messages exchanged on Facebook.

Last month, Thai authorities declared it illegal to exchange information on the internet with three prominent government critics who often write about the country’s monarchy.

Facebook, which is blocked in a number of authoritarian countries such as North Korea, has said it relies on local governments to notify the site of information it deems illegal.

“If, after careful legal review, we find that the content is illegal under local law we restrict it as appropriate and report the restriction in our Government Request Report,” Facebook has said in past statements outlining its policy.
…