Government

US Plans $825 Million Investment For New York Semiconductor R&D Facility (reuters.com) 26

The Biden administration is investing $825 million in a new semiconductor research and development facility in Albany, New York. Reuters reports: The New York facility will be expected to drive innovation in EUV technology, a complex process necessary to make semiconductors, the U.S. Department of Commerce and Natcast, operator of the National Semiconductor Technology Center (NSTC) said. The launch of the facility "represents a key milestone in ensuring the United States remains a global leader in innovation and semiconductor research and development," Commerce Secretary Gina Raimondo said. From the U.S. Department of Commerce press release: EUV Lithography is essential for manufacturing smaller, faster, and more efficient microchips. As the semiconductor industry pushes the limits of Moore's Law, EUV lithography has emerged as a critical technology to enable the high-volume production of transistors beyond 7nm, previously unattainable. As the NSTC develops capabilities and programs, access to EUV lithography R&D is essential to meet its three primary goals: 1) extend U.S. technology leadership, 2) reduce the time and cost to prototype, and 3) build and sustain a semiconductor workforce ecosystem.
Security

Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices (wired.com) 33

British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen "bootkit" malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported "end-of-life" devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

"The only problem now isn't the zero-day vulnerability," says Levy, using the term "zero-day" to mean a newly discovered hackable flaw in software that has no patch. "The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect."

Transportation

US Experts Say Headlights Aren't Bright Enough (theguardian.com) 187

An anonymous reader quotes a report from The Guardian: Complaints about the brightness of modern headlights have become commonplace. On X, thousands of users have tweeted about headlights being too bright. The subreddit r/fuckyourheadlights has over 35,000 members who post blurry photos of offending high beams and LED headlights. Outlets like the New York Times and NBC News have written about the risks of headlight glare. Advocacy groups have called for bans on LED headlights. And the UK government launched a review into the dangers of headlight glare earlier this year, after many driver complaints. And yet, according to many experts, the problem with headlights is not that they're too bright -- it's that they're not bright enough. "We actually need more light on the road than what we have," says Greg Bannon, director of automotive engineering at the American Automobile Association (AAA). Only a minority of US roadways have overhead street lighting, as one 2019 AAA report noted. As a result, in many areas, headlights are the sole method of illumination when driving at night. But which is the bigger safety risk: inadequate illumination, or headlights that impair the vision of other drivers? The report notes that the U.S. standards set by the National Highway Traffic Safety Administration (NHTSA) haven't changed in decades and are much weaker than Europe's. Adaptive headlights, which automatically adjust brightness to avoid blinding other drivers, have been approved by NHTSA since 2022 but are still relatively rare due to differing standards and costs.
AI

US Army Should Ditch Tanks For AI Drones, Says Eric Schmidt (theregister.com) 368

Former Google chief Eric Schmidt thinks the US Army should expunge "useless" tanks and replace them with AI-powered drones instead. From a report: Speaking at the Future Investment Initiative in Saudi Arabia this week, he said: "I read somewhere that the US had thousands and thousands of tanks stored somewhere," adding, "Give them away. Buy a drone instead."

The former Google supremo's argument is that recent conflicts, such as the war in Ukraine, have demonstrated how "a $5,000 drone can destroy a $5 million tank." In fact, even cheaper drones, similar to those commercially available for consumers, have been shown in footage on social media dropping grenades through the open turret hatch of tanks. Schmidt, who was CEO of Google from 2001 to 2011, then executive chairman to 2015, and executive chairman of Alphabet to 2018, founded White Stork with the aim of supporting Ukraine's war effort. It hopes to achieve this by developing a low-cost drone that can use AI to acquire its target rather than being guided by an operator and can function in environments where GPS jamming is in operation.

Notably, Schmidt also served as chair of the US government's National Security Commission on Artificial Intelligence (NSCAI), which advised the President and Congress about national security and defense issues with regard to AI. "The cost of autonomy is falling so quickly that the drone war, which is the future of conflict, will get rid of eventually tanks, artillery, mortars," Schmidt predicted.

Canada

Chinese Attackers Accessed Canadian Government Networks For Five Years (theregister.com) 11

Canada's Communications Security Establishment (CSE) revealed a sustained cyber campaign by the People's Republic of China, targeting Canadian government and private sector networks over the past five years. The report also flagged India, alongside Russia and Iran, as emerging cyber threats. The Register reports: The biennial National Cyber Threat Assessment described the People's Republic of China's (PRC) cyber operations against Canada as "second to none." Their purpose is to "serve high-level political and commercial objectives, including espionage, intellectual property (IP) theft, malign influence, and transnational repression." Over the past four years, at least 20 networks within Canadian government agencies and departments were compromised by PRC cyber threat actors. The CSE assured citizens that all known federal government compromises have been resolved, but warned that "the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks."

The report also alleges that government officials -- particularly those perceived as being critical of the Chinese Communist Party (CCP) -- were attacked. One of those attacks includes an email operation against members of the Interparliamentary Alliance on China. The purpose of the cyber attacks is mainly to gain information that would lead to strategic, economic, and diplomatic advantages. The activity appears to have intensified following incidents of bilateral tension between Canada and the PRC, after which Beijing apparently wanted to gather timely intelligence on official reactions and unfolding developments, according to the report. Canada's private sector is also in the firing line, with the CSE suggesting "PRC cyber threat actors have very likely stolen commercially sensitive data from Canadian firms and institutions." Operations that collect information that could support the PRC's economic and military interests are priority targets.

AI

'I'm Not Just Spouting Shit': iPod Creator, Nest Founder Fadell Slams Sam Altman (techcrunch.com) 86

iPod creator and Nest founder Tony Fadell criticized OpenAI CEO Sam Altman and warned of AI dangers during TechCrunch Disrupt 2024 in San Francisco this week. "I've been doing AI for 15 years, people, I'm not just spouting shit. I'm not Sam Altman, okay?" Fadell said, drawing gasps from the audience.

Fadell, whose Nest thermostat used AI in 2011, called for more specialized and transparent AI systems instead of general-purpose large language models. He cited a University of Michigan study showing AI hallucinations in 90% of ChatGPT-generated patient reports, warning such errors could prove fatal. "Right now we're all adopting this thing and we don't know what problems it causes," Fadell said, urging government regulation of AI transparency. "Those could kill people. We are using this stuff and we don't even know how it works."
The Military

US Military Makes First Confirmed OpenAI Purchase For War-Fighting Forces (theintercept.com) 26

An anonymous reader quotes a report from The Intercept: Less than a year after OpenAI quietly signaled it wanted to do business with the Pentagon, a procurement document obtained by The Intercept shows U.S. Africa Command, or AFRICOM, believes access to OpenAI's technology is "essential" for its mission. The September 30 document lays out AFRICOM's rationale for buying cloud computing services directly from Microsoft as part of its $9 billion Joint Warfighting Cloud Capability contract, rather than seeking another provider on the open market. "The USAFRICOM operates in a dynamic and evolving environment where IT plays a critical role in achieving mission objectives," the document reads, including "its vital mission in support of our African Mission Partners [and] USAFRICOM joint exercises."

The document, labeled Controlled Unclassified Information, is marked as FEDCON, indicating it is not meant to be distributed beyond government or contractors. It shows AFRICOM's request was approved by the Defense Information Systems Agency. While the price of the purchase is redacted, the approval document notes its value is less than $15 million. Like the rest of the Department of Defense, AFRICOM -- which oversees the Pentagon's operations across Africa, including local military cooperation with U.S. allies there -- has an increasing appetite for cloud computing. The Defense Department already purchases cloud computing access from Microsoft via the Joint Warfighting Cloud Capability project. This new document reflects AFRICOM's desire to bypass contracting red tape and buy immediately Microsoft Azure cloud services, including OpenAI software, without considering other vendors. AFRICOM states that the "ability to support advanced AI/ML workloads is crucial. This includes services for search, natural language processing, [machine learning], and unified analytics for data processing." And according to AFRICOM, Microsoft's Azure cloud platform, which includes a suite of tools provided by OpenAI, is the only cloud provider capable of meeting its needs.

Microsoft began selling OpenAI's GPT-4 large language model to defense customers in June 2023. Earlier this year, following the revelation that OpenAI had changed its mind on military work, the company announced a cybersecurity collaboration with DARPA in January and said its tools would be used for an unspecified veteran suicide prevention initiative. In April, Microsoft pitched the Pentagon on using DALL-E, OpenAI's image generation tool, for command and control software. But the AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. OpenAI's stated corporate mission remains "to ensure that artificial general intelligence benefits all of humanity."
"Without access to Microsoft's integrated suite of AI tools and services, USAFRICOM would face significant challenges in analyzing and extracting actionable insights from vast amounts of data," reads the AFRICOM document. "This could lead to delays in decision-making, compromised situational awareness, and decreased agility in responding to dynamic and evolving threats across the African continent." The document contains little information about how exactly the OpenAI tools will be used.
Canada

Canada Predicts Hacking From India as Diplomatic Feud Escalates (bloomberg.com) 97

Canada is bracing for Indian government-backed hacking as the two nations' diplomatic relationship nosedives to its lowest ebb in a generation. From a report: "We judge that official bilateral relations between Canada and India will very likely drive Indian state-sponsored cyber threat activity against Canada," the Canadian Centre for Cyber Security said in its annual threat report published Wednesday, adding that such hackers are probably already conducting cyber-espionage.

This month, Prime Minister Justin Trudeau's cabinet and Canadian police have ramped up a remarkable campaign of public condemnations against India, accusing Narendra Modi's officials of backing a wave of violence and extortion against Canadians on Canadian soil -- particularly those who agitate for carving out a separate Sikh state in India called Khalistan. India has rejected the accusations and believes some Khalistan activists to be terrorists harbored by Canada.

Businesses

Crypto Firm Consensys To Cut 20% of Workforce Amid Regulatory Headwinds (reuters.com) 13

Cryptocurrency firm Consensys said on Tuesday it would cut 20% of its total workforce, citing broader macroeconomic pressures and ongoing regulatory challenges facing the industry. From a report: The decision will impact 162 of a total of 828 employees at the company, Consensys CEO Joseph Lubin told Reuters in a mailed statement. Crypto companies have frequently accused the Securities and Exchange Commission of regulatory overreach and exceeding its jurisdiction, while the agency argues that the industry is disregarding securities laws designed to protect investors and other market participants.

"Multiple cases with the SEC, including ours, represent meaningful jobs and productive investment lost due to the SEC's abuse of power and Congress's inability to rectify the problem," Lubin said in a blog post. "Such attacks from the U.S. government will end up costing many companies that have been investigated, sued, or sent Wells Notices, many millions of dollars," he added.

Bitcoin

Russia Publishes New Crypto Law Expanding State Control Over Digital Assets 21

Russia has enacted a new law expanding control over cryptocurrency mining, granting multiple federal agencies access to digital currency identifier addresses, among other things. The country is also advancing its regulatory framework and experimenting with crypto in international trade. From a report: Taking effect on Nov. 1, the legislation includes several amendments designed to strengthen oversight and impose limitations on crypto mining activities based on regional needs. The law enables the Russian government to implement mining restrictions by location and define specific procedures and circumstances for banning mining operations. A notable provision in the law gives the government the power to stop digital currency mining pools from functioning in certain areas. Additionally, the government now has the authority to regulate infrastructure providers supporting mining operations.

This legislation also grants multiple federal agencies, beyond the Federal Financial Monitoring Service (Rosfinmonitoring), access to digital currency identifier addresses. This expansion includes federal executive agencies and law enforcement, bolstering their capability to track transactions that may be linked to money laundering or terrorist financing activities. Moreover, the amendments transfer responsibility for the national mining register from the Ministry of Digital Development to the Federal Tax Service, which will now oversee mining registrations for businesses and remove those with repeated infractions. While individual miners can continue without registering if they adhere to specific electricity consumption limits, companies and individual entrepreneurs must comply with new registration requirements.
Businesses

Apple Banned From Selling iPhone 16 in Indonesia (9to5mac.com) 18

Indonesia has banned sales of Apple's iPhone 16, citing the tech giant's failure to meet local investment requirements, the country's Ministry of Industry said. The ministry said Apple's local unit has not fulfilled the mandatory 40% local content threshold for smartphones, making imported iPhone 16 units illegal for sale in Southeast Asia's largest economy.

About 9,000 iPhone 16 devices have entered Indonesia through passenger luggage since last month's launch. "These phones entered legally, but will be illegal if traded," the ministry said. Apple has invested 1.48 trillion rupiah ($108 million) of its 1.71 trillion rupiah commitment in Indonesia. The company operates four developer academies but no manufacturing facilities in the country, despite government pressure to expand its presence.
Software

Can the EU Hold Software Makers Liable For Negligence? (lawfaremedia.org) 132

When it comes to introducing liability for software products, "the EU and U.S. are taking very different approaches," according to Lawfare's cybersecurity newsletter. "While the U.S. kicks the can down the road, the EU is rolling a hand grenade down it to see what happens." Under the status quo, the software industry is extensively protected from liability for defects or issues, and this results in systemic underinvestment in product security. Authorities believe that by making software companies liable for damages when they peddle crapware, those companies will be motivated to improve product security... [T]he EU has chosen to set very stringent standards for product liability, apply them to people rather than companies, and let lawyers sort it all out.

Earlier this month, the EU Council issued a directive updating the EU's product liability law to treat software in the same way as any other product. Under this law, consumers can claim compensation for damages caused by defective products without having to prove the vendor was negligent or irresponsible. In addition to personal injury or property damages, for software products, damages may be awarded for the loss or destruction of data. Rather than define a minimum software development standard, the directive sets what we regard as the highest possible bar. Software makers can avoid liability if they prove a defect was not discoverable given the "objective state of scientific and technical knowledge" at the time the product was put on the market.

Although the directive is severe on software makers, its scope is narrow. It applies only to people (not companies), and damages for professional use are explicitly excluded. There is still scope for collective claims such as class actions, however. The directive isn't law itself but sets the legislative direction for EU member states, and they have two years to implement its provisions. The directive commits the European Commission to publicly collating court judgements based on the directive, so it will be easy to see how cases are proceeding.

Major software vendors used by the world's most important enterprises and governments are publishing comically vulnerable code without fear of any blowback whatsoever. So yes, the status quo needs change. Whether it needs a hand grenade lobbed at it is an open question. We'll have our answer soon.

United Kingdom

UK Nuclear Site's Clean-Up Costs Rise To £136 Billion (theguardian.com) 124

The cost of cleaning up the U.K.'s largest nuclear site "is expected to spiral to £136 billion" (about $176 billion), according to the Guardian, creating tension with the country's public-spending watchdog.

Projects to fix the state-owned buildings with hazardous and radioactive material "are running years late and over budget," the Guardian notes, with the National Audit Office suggesting spending at the Sellafield site has risen to more than £2.7 billion a year ($3.49 billion). Europe's most hazardous industrial site has previously been described by a former UK secretary of state as a "bottomless pit of hell, money and despair". The Guardian's Nuclear Leaks investigation in late 2023 revealed a string of cybersecurity problems at the site, as well as issues with its safety and workplace culture. The National Audit Office found that Sellafield was making slower-than-hoped progress on making the site safe and that three of its most hazardous storage sites pose an "intolerable risk".

The site is a sprawling collection of buildings, many never designed to hold nuclear waste long-term, now in various states of disrepair. It stores and treats decades of nuclear waste from atomic power generation and weapons programmes, has taken waste from countries including Italy and Sweden, and is the world's largest store of plutonium.

Sellafield is forecast to cost £136bn to decommission, which is £21.4bn or 18.8% higher than was forecast in 2019. Its buildings are expected to be finally torn down by 2125 and its nuclear waste buried deep underground at an undecided English location. The underground project's completion date has been delayed from 2040 to the 2050s at the earliest, meaning Sellafield will need to build more stores and manage waste for longer. Each decade of delay costs Sellafield between £500m and £760m, the National Audit Office said.

Meanwhile, the government hopes to ramp up nuclear power generation, which will create more waste.

"Plans to clean up three of its worst ponds — which contain hazardous nuclear sludge that must be painstakingly removed — are running six to 13 years later than forecast when the National Audit Office last drew up a report, in 2018..."

"One pond, the Magnox swarf storage silo, is leaking 2,100 litres of contaminated water each day, the NAO found. The pond was due to be emptied by 2046 but this has slipped to 2059."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
Power

Singapore Approves 2,600-Mile Undersea Cable to Import Solar Energy from Australia (newatlas.com) 92

"The world's largest renewable energy and transmission project has received key approval from government officials," reports New Atlas.

Solar power from Australia will be carried 2,672 miles (4,300 kilometers) to Singapore over undersea cables in what's being called "the Australia-Asia Power Link project." Reuters reports that SunCable "aims to produce 6 gigawatts of electricity at a vast solar farm in Northern Australia and ship about a third of that to Singapore via undersea cable."

More from New Atlas: [The project] will start by constructing a mammoth solar farm in Australia's Northern Territory to transmit around-the-clock clean power to [the Australian city] Darwin, and also export "reliable, cost-competitive renewable energy" to Singapore... with a clean energy generation capacity of up to 10 gigawatts, plus utility scale onsite storage. [The recently-obtained environmental approval] also green lights an 800-km (~500-mile) overhead transmission line between the solar precinct and Murrumujuk near Darwin...

If all of the dominoes line up perfectly, supply of the first clean electricity is estimated to start in the early 2030s. An overview graphic on the project page shows that the eventual end game for the Powell Creek development appears to be the generation of up to 20 GW of peak solar power and have some 36-42 GWh of battery storage on site.

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
Cellphones

Inside the U.S. Government-Bought Tool That Can Track Phones At Abortion Clinics (404media.co) 235

Slashdot reader samleecole writes: Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant.

An investigation into tracking tool Locate X shows in the starkest terms yet how it and others — based on smartphone location data sold to various U.S. government law enforcement agencies, including state entities — could be used to monitor abortion clinic patients. This comes as more states contemplate stricter or outright bans on abortion...

Electronic Frontier Foundation

Egyptian Blogger/Developer Still Held in Prison 28 Days After His Release Date (eff.org) 51

In 2004 Alaa Abd El Fattah answered questions from Slashdot's readers about organizing the first-ever Linux installfest in Egypt.

In 2014 he was arrested for organizing political protests without requesting authorization, according to Wikipedia, and then released on bail — but then sentenced to five years in prison upon retrial. He was released in late March of 2019, but then re-arrested again in September by the National Security Agency, convicted of "spreading fake news" and jailed for five years...

Wikipedia describes Abd El-Fattah as an "Egyptian-British blogger, software developer and a political activist" who has been "active in developing Arabic-language versions of software and platforms." But this week an EFF blog post noticed that his release date had recently passed — and yet he was still in prison: It's been 28 days since September 29, the day that should have seen British-Egyptian blogger, coder, and activist Alaa Abd El Fattah walk free. Egyptian authorities refused to release him at the end of his sentence, in contradiction of the country's own Criminal Procedure Code, which requires that time served in pretrial detention count toward a prison sentence. [Human Rights Watch says Egyptian authorities are refusing to count more than two years of pretrial detention toward his time served. Amnesty International has also called for his release.] In the days since, Alaa's family has been able to secure meetings with high-level British officials, including Foreign Secretary David Lammy, but as of yet, the Egyptian government still has not released Alaa...

Alaa deserves to finally return to his family, now in the UK, and to be reunited with his son, Khaled, who is now a teenager. We urge EFF supporters in the UK to write to their MP to place pressure on the UK's Labour government to use their power to push for Alaa's release.

Last month the EFF wrote: Over 20 years ago Alaa began using his technical skills to connect coders and technologists in the Middle East to build online communities where people could share opinions and speak freely and privately. The role he played in using technology to amplify the messages of his fellow Egyptians — as well as his own participation in the uprising in Tahrir Square — made him a prominent global voice during the Arab Spring, and a target for the country's successive repressive regimes, which have used antiterrorism laws to silence critics by throwing them in jail and depriving them of due process and other basic human rights.

Alaa is a symbol for the principle of free speech in a region of the world where speaking out for justice and human rights is dangerous and using the power of technology to build community is criminalized...

DRM

US Copyright Office Grants DMCA Exemption For Ice Cream Machines (extremetech.com) 82

The Librarian of Congress has granted a DMCA exemption allowing independent repair of soft-serve machines, addressing the persistent issue of restricted repairs on McDonald's frequently malfunctioning machines. ExtremeTech reports: Section 1201 of the DMCA makes it illegal to bypass a digital lock protecting copyrighted work. That can be the DRM on a video file you download from iTunes, the carrier locks that prevent you from using a phone on other networks, or even the software running a McDonald's soft serve machine that refuses to accept third-party repairs. By locking down a product with DRM, companies can dictate when and how items are repaired under threat of legal consequences. This is an ongoing issue for people who want to fix all those busted ice cream machines.

Earlier this year, iFixit and Public Knowledge submitted their request for an exemption that would have covered a wide swath of industrial equipment. The request included everything from building management software to the aforementioned ice cream machines. Unfortunately, the Copyright Office was unconvinced on some of these points. However, the Librarian of Congress must be just as sick as the rest of us to hear the ice cream machine is broken. The office granted an exception for "retail-level food preparation equipment."

That means restaurant owners and independent repair professionals will be able to bypass the software locks that keep kitchen machinery offline until the "right" repair services get involved. This should lower prices and speed up repairs in such situations. Public Knowledge and iFixit express disappointment that the wider expansion was not granted, but they're still celebrating with some delicious puns (and probably ice cream).
"There's nothing vanilla about this victory; an exemption for retail-level commercial food preparation equipment will spark a flurry of third-party repair activity and enable businesses to better serve their customers," said Meredith Rose, Senior Policy Counsel at Public Knowledge.
Crime

Hacker Returns $19.3 Million To Drained US Government Crypto Wallet (decrypt.co) 16

A government-controlled wallet that had been drained of $20 million on Thursday received most of its funds back Friday, adding another layer of mystery to transactions flagged by blockchain analysts as likely being connected to a high-profile theft. From a report: The pseudonymous blockchain sleuth ZachXBT had said in a tweet Thursday that the transfers resembled the playbook of a bad actor. Engaging with several decentralized finance protocols, the wallet had also tapped so-called instant exchanges after funds were moved across a series of transfers that "looked nefarious." About $19.3 million worth of funds had been returned to the wallet early Friday, per on-chain data collected by Arkham Intelligence, including Ethereum and the stablecoin USDC. Still, ZachXBT said in his Telegram community that funds transferred to exchanges had not yet been returned.
Privacy

UnitedHealth Says Change Healthcare Hack Affects Over 100 Million (techcrunch.com) 35

UnitedHealth Group said a ransomware attack in February resulted in more than 100 million individuals having their private health information stolen. The U.S. Department of Health and Human Services first reported the figure on Thursday. TechCrunch reports: The ransomware attack and data breach at Change Healthcare stands as the largest known digital theft of U.S. medical records, and one of the biggest data breaches in living history. The ramifications for the millions of Americans whose private medical information was irretrievably stolen are likely to be life lasting. UHG began notifying affected individuals in late July, which continued through October. The stolen data varies by individual, but Change previously confirmed that it includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, and government identity documents, including Social Security numbers, driver's license numbers, and passport numbers. The stolen health data includes diagnoses, medications, test results, imaging and care and treatment plans, and health insurance information -- as well as financial and banking information found in claims and payment data taken by the criminals.

The cyberattack became public on February 21 when Change Healthcare pulled much of its network offline to contain the intruders, causing immediate outages across the U.S. healthcare sector that relied on Change for handling patient insurance and billing. UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang, which later took credit for the cyberattack. The ransomware gang's leaders later vanished after absconding with a $22 million ransom paid by the health insurance giant, stiffing the group's contractors who carried out the hacking of Change Healthcare out of their new financial windfall. The contractors took the data they stole from Change Healthcare and formed a new group, which extorted a second ransom from UHG, while publishing a portion of the stolen files online in the process to prove their threat.

There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including LockBit, have been shown to hoard stolen data, even after the victim pays and the criminals claim to have deleted the data. In paying the ransom, Change obtained a copy of the stolen dataset, allowing the company to identify and notify the affected individuals whose information was found in the data. Efforts by the U.S. government to catch the hackers behind ALPHV/BlackCat, one of the most prolific ransomware gangs today, have so far failed. The gang bounced back following a takedown operation in 2023 to seize the gang's dark web leak site. Months after the Change Healthcare breach, the U.S. State Department upped its reward for information on the whereabouts of the ALPHV/BlackCat cybercriminals to $10 million.

News

Georgian Authorities Raid Homes of Disinformation Researchers Ahead of Elections (therecord.media) 68

Ahead of Georgia's parliamentary elections, Georgian authorities raided the homes of disinformation researchers Eto Buziashvili and Sopo Gelava, seizing personal devices. The Record: Eto Buziashvili and Sopo Gelava, both employees of the Atlantic Council think tank, had their homes searched and their own and their family members' personal devices seized by investigators working for the country's Ministry of Finance, according to friends of the pair who spoke to Recorded Future News. Both women are said to be safe, although there are concerns about the security of their devices and online accounts. The searches come a day after Buziashvili published an article detailing how the Kremlin was influencing Georgian politics by supporting the incumbent government and interfering in the upcoming elections.

Local media reported that the offices of outsourcing company Concentrix and other Georgian citizens were also subject to searches. The Ministry of Finance claimed on Facebook it launched searches of "specific facilities" related to "call centers" alleged to be engaged in illegal activity. The investigations come ahead of an election that is being seen as a bellwether of the country's future direction, either pursuing closer ties to Russia under the current prime minister Irakli Kobakhidze or moving towards the West through opposition figures.
Graham Brookie, the Atlantic Council's vice president for technology programs and strategy, said the organization "is deeply concerned about this development and its impact on our staff's work shortly before Georgian elections. [Gelava and Buziashvili] are engaged in independent, non-partisan work aimed at defending and strengthening democracy from those who would undermine it in online spaces, including research related to foreign influence efforts, the targeting of marginalized communities, and other online harms."

"We trust that Georgian authorities will provide more clarity on their actions, ensure the safety and security of our staff, return their property, and allow them to continue their contributions to Georgian democracy."
