If you found yourself in an hourslong line for expensive gas last month, then you’re probably familiar with the damage that ransomware attacks can do. The federal government certainly is.

President Joe Biden’s much-anticipated first meeting with Russian President Vladimir Putin will take place on June 16 in Geneva, Switzerland. There, he’s expected to discuss the recent flurry of cyberattacks on some of the United States’ most crucial systems and infrastructure, many of which have been traced to Russia. Last year’s SolarWinds hack was directly attributed to the Russian government, and recent ransomware attacks on industries, including energy, food, and transportation, have been blamed on criminal organizations based in or near Russia — possibly with the country’s knowledge and approval. Many expect Biden to tell Putin that the United States is going to take a hard line against cyberattacks and the countries they originate from, regardless of Putin’s denials that Russia has anything to do with them.

The government has stepped up its response back home, too. The Biden administration sent a letter to corporations and business leaders with recommendations for how they can better protect themselves from attacks, and a plea that they do so. The DOJ formed a task force dedicated to ransomware, which has already managed to recover part of the ransom Colonial Pipeline paid to its attackers. And FBI director Christopher Wray even compared the ransomware attack epidemic to 9/11.

Wray’s comparison might be a bit extreme. There’s no evidence that a ransomware attack has been directly responsible for any deaths, let alone nearly 3,000 of them. But it should now be clear to everyone that ransomware is a serious issue that affects and disrupts even the most critical sectors. The attacks are ramping up in frequency and severity, and the US government is ready to throw everything it can at the problem in order to stop them — including, reportedly, giving ransomware attack investigations the same priority that they do terrorism.

But for all that, ransomware isn’t new. There have been several high-profile attacks in the last few months that have given the issue more attention, but ransomware has been a major, and growing, issue for years. Wealthier and more sophisticated criminal organizations, new extortion tactics, and the pandemic have exacerbated the problem. But other factors — cryptocurrency, poor cybersecurity, and the fact that the ransoms often get paid and the attackers get away with it — have been around for a long time. And they may be here for a long time to come. A stern lecture at the leader of the Russian government almost certainly won’t be enough to stop them.

Ransomware, explained

Ransomware is malware that locks up access to its victim’s systems and then demands a ransom, usually in cryptocurrency, to unlock them. How the malware gets in the systems depends on the type used, but email phishing attacks are one of the most common ways. You may only need one employee out of thousands to open the wrong email and click on the wrong link if a company’s systems are properly secured, and spoofed emails can be pretty convincing. Hackers may also exploit vulnerabilities in a company’s systems or mount a brute force attack, which involves guessing at access credentials (like passwords) until they get one right.

“It could be a user with a weak password, it could be a user that clicks on a phishing email, or it could be a vulnerability in the system itself,” Jonathan Katz, a professor of computer science at the University of Maryland, told Recode. “One way or the other, they’re able to get this malware installed on computer systems.”

The most common victims have been institutions or companies that are especially vulnerable to an attack and motivated to get their systems back online as soon as possible. The health care sector, for instance, has been one of the most targeted because the consequences of not paying the ransom quickly can be dire, from not being able to provide health care to sensitive patient data being leaked — or even the patients themselves being blackmailed not to have their data released. Municipal or government systems, from school districts to large cities like Atlanta and Baltimore, have also been frequent targets of ransomware.

But just because health and government systems have historically been the most likely targets doesn’t mean organizations in other sectors should assume they’re safe. If it wasn’t obvious by now, attacks can and do hit anyone.

Photo: Fears of gasoline shortages stemming from the Colonial Pipeline shutdown led many Americans to panic-buy at the pump. © Bill Clark/CQ Roll Call, Inc/Getty Images

Before the gas pumps went dry, you may have been paying for ransomware attacks without realizing it. When government systems are attacked, the cost is ultimately borne by the taxpayer, just as consumers often cover the cost of attacks on large companies (or smaller ones, assuming the attack doesn’t put them out of business first). And the cost of fully recovering from a ransomware attack often far exceeds the ransom itself — it could be months of time and millions of dollars. Insurance giant AIG predicts that ransomware damage will cost $20 billion worldwide in 2021, up from $325 million just six years ago. But it can cost even more not to pay the ransom at all, so the victims pay up.

The victims are paying more, too: The average ransom amount has increased along with the number of attacks. Because the majority of victims never go public, it’s impossible to get an exact number, but one estimate says that the average ransom payment more than doubled between 2019 and 2020, from $115,000 to $315,000. When large companies like Colonial Pipeline, JBS Foods, and CNA Financial get hit, ransom payments are in the millions. It’s believed that ransomware gangs pulled in at least $350 million in 2020. Check Point Software told Recode that the number of attacks doubled between 2020 and 2021. One commonly cited global statistic says businesses will be attacked by ransomware every 11 seconds by the end of 2021, though other estimates are far more conservative. Check Point, for example, says about 1,000 organizations were attacked every week in April 2021 — or, once every 10 minutes.

This all suggests that criminals are becoming bolder and, well, greedy.

“Not only has there been a huge uptick in the number of attacks, but the amount being demanded of victim companies has just skyrocketed,” Peter Marta, cybersecurity law expert at Hogan Lovells and former head of cybersecurity law at JPMorgan Chase, told Recode. “I don’t think anybody could have predicted a year and a half ago, where we would be today.”

And while the US government has issued statements over the years saying that ransomware attacks were a real threat that companies needed to take seriously and protect themselves from, the Colonial Pipeline attack took its response to a new level.

The evolution of ransomware

Ransomware has actually been around since the 1980s (the first known instance was distributed on floppy disks, with ransom payments made in cashier’s checks or money orders mailed to a post office box in Panama), but it wasn’t until 2013, with the emergence of the CryptoLocker virus, that cybersecurity researchers started to see it as a real and growing threat. CryptoLocker was distributed via spoofed emails with attachments. Once the victim downloaded the attachment, their files were locked up, and they were told to pay a small ransom to unlock them, ideally in bitcoin.

“CryptoLocker was the first successful ‘mass distribution’ ransomware,” Lotem Finkelstein, head of threat intelligence at cybersecurity firm Check Point, explained. “Up until CryptoLocker, it was very rare to see ransomware. … Bitcoin, in a way, assisted in the ransomware blossom. And the rest is history.”

Bitcoin, as a global decentralized digital currency, made it much easier for criminals to collect ransom payments and harder for authorities to trace, let alone recover — although, as we’ve recently seen, recovering the ransom is not impossible. Ransoms were paid, the attackers got away with them, and over time and with more money, they’ve evolved into sophisticated criminal enterprises, offering ransomware-as-a-service to partners and creating what some experts liken to franchises. All of which makes ransomware more accessible to attackers who might otherwise not have had the know-how or payment mechanisms.

“The commoditization of ransomware overall ... has made this so much easier for anybody to get into the game,” said Steve Turner, a cybersecurity analyst at Forrester.

And some, it seems, have become brazen enough to attack massive companies and demand huge ransoms while potentially disrupting the lives of millions all over the world.

“There’s no mystery why some of these folks are being targeted,” said Mark Ostrowski, head of engineering at Check Point. “Big bang for the buck. Big interruption, big return.”

In cases where hackers are identified and charged for their attacks, they’re usually well out of the reach of US authorities — in North Korea or Iran, for instance.

Why we’re seeing so many attacks now

With the recent spate of high-profile attacks on companies from different yet important sectors — energy, food, transportation, finance, technology, and communications — it’s understandable that the average person might think the US is under some kind of coordinated attack as part of a brewing cyberwar. That these attacks are coming on the heels of the SolarWinds cyberattack, which is believed to have been orchestrated and carried out by the Russian government, likely contributes to that impression. But SolarWinds was not a ransomware attack, and while it’s true that many ransomware operations are based in or around Russia, possibly with some kind of informal agreement with the Russian government that they can go about their business as long as they don’t attack Russia or its allies, many experts attribute the recent attacks to other factors, and the primary motivation to money.

Starting a year and a half ago, two things happened: Attackers started not just holding systems for ransom, but also stealing their victims’ data and holding that for ransom too. Basically, hackers pivoted to data. You can back up and restore your systems without having to pay a ransom, but there’s not much you can do to stop your data from being released — other than paying for it not to be.

“Yesterday’s ransomware attacks were just encryption events,” Marta said. “Today you have double extortion, where it’s not just that your files and servers are encrypted, but also the threat actor has stolen a bunch of your sensitive data. And they’re saying if you don’t pay, we are going to dump that data on the dark web.”

The other thing that happened, of course, was the pandemic. This opened up tons of new attack vectors for hackers — not just unsecured remote systems, but an exponential rise in phishing emails that took advantage of the circumstances and collective fear. The situation made people more likely to click on a link that would then infect their computers — and, from there, the rest of the system.

“Normally, personnel are physically at the location and do not need remote access,” Prashant Anantharaman, a researcher at Dartmouth’s Institute for Security, Technology and Society, told Recode. “With the push for remote work, we had to make many of these facilities internet-connected and remotely operable, increasing the attack surface.”

It’s hard to know the full extent of ransomware attacks because the vast majority of them aren’t reported. But even before the Colonial Pipeline attack — which introduced many Americans to the concept of ransomware, or at least how it could personally affect them — happened, the FBI had formed its ransomware task force and the Institute for Security and Technology had created a ransomware task force of its own, with an April launch event that featured a keynote speech from Secretary of Homeland Security Alejandro Mayorkas. The Cybersecurity and Infrastructure Security Agency (CISA) has steadily rolled out ransomware guides and fact sheets for everyone from individuals to businesses that run critical infrastructure.

What happens next

Americans’ shock over the recent spate of attacks may not be so much that ransomware exists or that cyberattacks are a threat, but that even massive companies and large governments can’t or won’t take steps to prevent them from happening in the first place. And that’s a very difficult problem that will probably need several different solutions.

“Americans should be concerned about this,” said Michael Hamilton, former chief information security officer (CISO) for the city of Seattle and current CISO of CI Security, which specializes in local government cybersecurity. “But I believe there is help on the way, and I think it’s going to come in a number of parts.”

In some cases, the government can — and does — require that certain sectors meet cybersecurity standards. Pipeline cybersecurity, for instance, is overseen by the Transportation Security Administration (TSA), but it did very little to ensure compliance from the companies under its purview. This will supposedly change soon. Colonial was breached through an account that didn’t have multi-factor authentication, which is a basic cybersecurity step. (CEO Joseph Blount told a Senate committee that the password was “complicated.” Any cybersecurity expert — or even a humble data privacy reporter — will tell you passwords, even the most complicated, are not enough. Safe to say that Blount knows this now, too.)

Photo: JBS Foods was hit by a ransomware attack in June that briefly closed several plants. © Andy Cross/MediaNews Group/The Denver Post/Getty Images

“Regulations are part of it, but it’s not going to solve the problem,” Ostrowski, of Check Point, said. “How you’re going to solve the problem is actually taking cybersecurity seriously. And I think a lot of verticals don’t take cybersecurity as seriously as they should. They look at cybersecurity as an expense versus as a critical piece of their business. And that’s how you’re going to solve it.”

The recent law enforcement crackdown on ransomware — and the results — may go a long way to alleviate the threat. After all, if hackers think they might actually get caught or have their operations shut down or their ransom payments seized, they’ll think twice about who they attack. The FBI was able to break into a crypto wallet and seize much of the ransom Colonial paid, and the group responsible for the attack, DarkSide, claimed its servers had been taken down and that it was disbanding (you can decide if you want to take that claim at face value or not — it’s pretty common for hacker groups to “disband” and then resurface with a different name). This shows that even those sophisticated ransomware-as-a-service organizations aren’t completely immune from some consequences.

And, Hamilton points out, there’s a big difference between being a cybercriminal and being labeled a terrorist by the US government.

“We change the rhetoric, we let them know we’re coming after you in a much different way now,” he said.

On the other hand, the aggressive response could make things worse if hackers are confident enough that they still won’t get caught.

“If they’re being targeted now, they’re going to get much more bold on the targets that they’re going after,” Forrester’s Turner said. “It becomes about getting revenge.”

New laws could also make it harder to pay and collect ransoms. If organizations are forbidden from paying ransom and cryptocurrencies become better regulated, that could go a long way to cutting off the money stream that is believed to fuel many of these attacks. Of course, both of these things are easier said than done. But it’s not impossible, either: Look at China’s crackdown on cryptocurrencies. Experts are split on whether ransom payments should be banned.

One silver lining to all of this is that organizations that haven’t invested in cybersecurity will finally realize that they could be attacked and make cybersecurity a priority — and have better guidance and resources to do so.

“I think with CISA finally on its way to getting the funding and resources, I think that there’s a very big opportunity to make security better for everybody,” Turner said. “At the end of the day, all of these folks are chasing the almighty dollar or the almighty bitcoin … And if it continues to be lucrative and there are no penalties or there’s no traceability to what some of these folks are doing, they’re going to continue to do it.”
