The FBI silently removed Russian malware to thwart global cyberattacks

Attorney General Merrick B. Garland has revealed that the United States secretly removed malware from computer networks around the world over the past few weeks to pre-empt Russian cyberattacks. As The New York Times reports, Garland’s announcement comes shortly after the White House warned companies that Russia could attack critical infrastructure in the country, such as financial institutions and the electric grid. Apparently, the malware the US removed enabled the intelligence arm of the Russian military called the GRU to create botnets out of the infected computer networks. 

According to the Justice Department, the malware was designed to infect firewalls and made the compromised networks part of a botnet called Cyclops Blink. It’s controlled by Sandworm, a notorious group that the US government had previously connected to the GRU. Cyclops Blink is Sandworm’s latest known botnet, and it only came to light back in February. It’s still unclear what Russia was planning to do with the hijacked computers, but botnets are typically used to perform large-scale Distributed Denial of Service (DDoS) attacks, as well as to send spam and to compromise sensitive information. 

In its press release, the DOJ said the FBI notified owners of infected devices in the US before Cyclops Blink was identified in February 23rd. It also notified companies outside the country through local law enforcement partners. However, US authorities didn’t want to wait to find out what the botnet would be used for. 

The Justice Department and the FBI obtained secret court orders in the US and secured the help of governments worldwide to quietly remove the malware from infected devices. Those court orders even gave them the power to remotely remove the malware from American companies’ networks without their knowledge. After the feds disinfected the compromised machines, they also closed the external management ports Sandworm was using for access.

Over the past months, the Biden administration has been exposing as much intelligence on Russia as possible without giving away its actions to catch Putin off guard. This disclosure is just its latest effort to send a message to the Russian president. The fact that Sandworm infiltrated networks around the world to create a botnet just shows, however, that there’s a cyber warfare going on that might end up affecting countries other than Ukraine. If you’ll recall, a major cyberattack took down Ukraine’s government websites before the Russian invasion of the country began. Ukraine’s government, as well as US and UK authorities, blamed the attacks on the GRU.

State Department’s new bureau makes cybersecurity a part of foreign policy

The Department of State has cut the ribbon on the Bureau of Cyberspace and Digital Policy (CDP), which is now in operation. The move makes cybersecurity a more formal area of focus for US foreign policy following a swathe of attacks linked to Russia and China.

Secretary of State Antony Blinken announced the CDP in October. The bureau comprises three policy units: International Cyberspace Security, International Information and Communications Policy and Digital Freedom.

The office will eventually be led by an Ambassador-at-Large, who will require Senate confirmation. Jennifer Bachus, a career member of the Senior Foreign Service, is running the bureau on an acting basis as senior official and principal deputy assistant secretary.

The bureau could help the US address cybersecurity threats both by itself and through partnerships with allies. A spate of major hacks have been attributed to state-linked actors from Russia and China over the last several years, including several Microsoft Exchange cyberattacks (for which the Biden administration pinned the blame on China). Others include the SolarWinds attack, over which the US has sanctioned multiple Russian companies, individuals and entities.

In February, FBI Director Christopher Wray said the agency had more than 2,000 active investigations related to thefts of US tech or information that were allegedly carried out by China. He claimed the country had a “massive, sophisticated hacking program that is bigger than those of every other major nation combined.” Shortly before Russia invaded the country in February, Ukraine’s government blamed it for a cyberattack against its websites.

President Biden signed an executive order last May that sought to bolster the country’s cybersecurity infrastructure. He followed that up in January with an EO that contained more concrete directives concerning the Defense Department, the intelligence community and national security systems.

The UK will issue an official NFT (sigh)

The UK wants to show that it’s embracing crypto, and that includes digital tokens — whether you like them or not. Chancellor of the Exchequer Rishi Sunak has announced that the Royal Mint will issue an official NFT sometime this summer. More details aren’t yet available but Economic Secretary John Glen billed the token as a symbol of the “forward-looking approach” the country was taking toward crypto technologies.

The NFT will come as part of a broader effort to support financial technology, and crypto in particular. The UK government aims to create a “dynamic regulatory landscape” that welcomes the technology, according to Glen. It now plans legislation that will welcome stablecoins into the country’s payment infrastructure, will mull the legal status of Decentralized Autonomous Organizations (DAOs) and hopes to remove “disincentives” to investment funds that include crypto.

The Financial Conduct Authority has already been experimenting through a regulatory sandbox, and plans its first in a series of policy “crypto-sprints” this May. The government is also forming a Cryptoasset Engagement Group that includes representatives from the FCA, Bank of England and business, with as many as eight meetings per year.

Glen was aware of the concerns surrounding crypto, such as the potential for scams, bootleg activity and environmental harms. However, he cast the NFT and similar projects as an opportunity to get “in on the ground floor” and thrive should crypto take off.

The NFT won’t thrill critics who see the tokens as creating artificial scarcity, increasing emissions or otherwise wasting resources. However, it will signal the UK government’s willingness to court the crypto industry. The country is clearly early to recreate its reputation as a financial hub in the digital realm.

White House launches covid.gov with testing and treatment resources

The White House has launched covid.gov, a dedicated website for COVID-19 guidance, including resources for treatment and testing. The site is meant to be a “one-stop shop” for all things related to COVID-19, including testing and treatment options, mas…

Lung Association report suggests zero-emission vehicles could save 110,000 US lives

The American Lung Association has released a report detailing the public health benefits of a complete national shift to zero-emission vehicles from 2020 to 2050. Apparently, if all new passenger and heavy-duty vehicles sold by 2035 and 2040, respectively, are zero-emission models, 110,000 deaths could be avoided in the United States over the next 30 years. That figure came from the association’s analysis, which also projects that the Biden administration will achieve its target of having 100 percent carbon pollution-free electricity by 2035.

With no air pollution affecting people’s health, up to 2.79 million asthma attacks could also be avoided. And perhaps to convince companies to get onboard with the transition, the association also made it a point to mention that up to 13.4 million lost workdays could be avoided with cleaner air. 

Harold Wimmer, National President and CEO of the American Lung Association, said in a statement:

“Zero-emission transportation is a win-win for public health. Too many communities across the U.S. deal with high levels of dangerous pollution from nearby highways and trucking corridors, ports, warehouses and other pollution hot spots. Plus, the transportation sector is the nation’s biggest source of carbon pollution that drives climate change and associated public health harms. This is an urgent health issue for millions of people in the U.S.”

The widespread transition to zero-emission vehicles would generate up to $1.2 trillion in public health benefits, the report noted, and $1.7 trillion in climate benefits. Communities and counties with the highest percentage of lower-income families and People of Color in the US would benefit greatly from the shift, since they have areas with highly concentrated doses of pollution from diesel hotspots, power plants and other fossil fuel facilities. The top metro locations that would benefit the most include Los Angeles, New York, Chicago, San Jose, Washington, Miami, Houston, Detroit and Dallas Fort-Worth. 

To be able to ensure that all new vehicles sold by 2040 are zero-emission and that the grid can supply the country with pollution-free electricity within 15 years, the association has listed a series of recommendations. They include a call for increased funding for non-combustion electricity generation and transportation, extending and expanding incentives for zero-emission vehicle purchases and “converting public fleets to zero-emission vehicles immediately.” The association is also urging the Congress to pass legislation that would accelerate the transition and for the EPA to adopt standards that would require lower carbon emissions from vehicles before the shift is complete. 

Transportation Secretary Buttigeig lays out his department’s electrified vision at SXSW 2022

Despite the pandemic shuttering offices and upending commutes across the nation for more than two years, America’s roads and bridges remain critical to its economic and social well being, acting as a circulatory system for goods and people. But like the ticker found in your average American, our transportation system could stand more routine checkups and maybe a few repavings if it wants to still be around in another four decades. The guy whose job it is to make sure that happens, US Secretary of Transportation Pete Buttigeig, took to the SXSW stage at the Austin Convention Center last week to discuss the challenges that his administration faces.

The Secretary’s hour-long town hall presentation touched on a wide range of subjects beginning with the projects his agency plans to focus on thanks to the recent passage of a $1.2 trillion infrastructure package, roughly half of which is earmarked for transportation programs. “There are five things that we’re really focused on,” Secretary Buttigeig said. “Safety, economic development, climate, equity and transformation.

“It’s the reason the department exists,” he continued. “We have a Department of Transportation, first and foremost, to make sure everybody can get to where they need to go safely.”

But despite his agency’s efforts, the Secretary noted that some 38,000 Americans died on the road last year, compared to air travel where, “it’s not unusual to have a year where there are zero deaths in commercial aviation in the United States… I don’t believe it has to be that way.”

These investments will also help position the country to better compete economically. He points to China, which has invested extensively in its infrastructure for decades, “because of how important it is for their economic future,” he said. “This is what countries do. This is what the United States, historically, has done except we sort of skipped about 40 years.”

We need not look further than the collapse of Pittsburgh’s Forbes Avenue bridge in January to see the impacts of nearly half a century of investment austerity upon the nation’s roadways. Hours before President Biden was scheduled to speak in the city, promoting his infrastructure plan no less, when the elevated span fell, sending ten people to the hospital with non-life-threatening injuries and highlighting Pennsylvania’s ongoing struggles to ensure the proper upkeep of its nearly 500 bridges.

Ensuring the safe operation of transportation also promotes economic development, Buttigeig argued, “so we’re going to make sure that we drive economic opportunity through great transportation, both in the installation of electric chargers and the laying of track.”

Tempering the capitalist urges that a functional transportation network seems to rouse are the agency’s climate goals. “Every transportation decision is a climate decision, whether we recognize it or not,” Buttigeig said, noting that the transportation sector is the US economy’s second leading source of greenhouse gas, behind the energy sector. “Not only do we have to cut emissions from transportation on our roads by making it so that you don’t have to drag two tons of metal along to get to where you need to go all the time, we’ve got to prepare for the climate impacts that are already happening.”

Secretary Buttigeig also touched on how to most equitably distribute the benefits from those mitigation efforts and the incoming investment funds. “Infrastructure can and should connect, but sometimes it divides,” Buttigeig said, referencing the nation’s historical red-lining practices and “urban renewal” projects that tore apart black communities for generations.

“We have a responsibility to make sure that doesn’t happen this time around, and to make sure that the jobs that are going to be created, are available to everybody,” he continued. “Including fields that have been traditionally very male, or very white, but could be open to everybody. A lot of great pathways in the middle class, through these kinds of construction and infrastructure jobs that are being created.”

Looking ahead, “I will say that I think the 2020s will probably be one of the most transformative periods we’ve ever seen in transportation,” Buttigeig told the SXSW audience, nodding to recent advances in EVs, automation, UAVs and private space flight. “These things are happening, they’re upon us, and we have an opportunity to prepare the way to make sure that the development of these innovations benefits us in terms of public policy goals.”

But for the Transportation Secretary’s excitement at these future prospects, he had no misconceptions about how long it will likely take to achieve them. “I get a lot of interviews where the first question is, ‘all right, what are we going to see this summer,’” he said. “I will say, you will see more construction starting to happen as early as this summer in some places as a result of this bill.”

This is not a 2009 economic stimulus-style plan where “the idea was to get as much money pumped into our economy as possible to stimulate demand and deal with high unemployment,” he said. “This is a very different economic reality right now. And there’s a very different purpose behind this bill. It’s not about short-term stimulus. This is about getting ready for the long term.”

Bipartisan bill would expand US data collection transparency requirements

A bipartisan group of legislators today introduced bills in the House and Senate that would expand transparency requirements when it comes to government surveillance of US citizens, adding email, text, location and cloud data to the existing reporting framework. Currently, the US government is required to alert Americans who have been targeted by wiretaps and bank record subpoenas, but this doesn’t apply to digital or cloud data. The Government Surveillance Transparency Act aims to adjust the parameters of this rule, expanding it to cover more common, modern forms of digital communication and data storage.

The Senate bill is sponsored by Oregon Democrat Ron Wyden, Montana Republican Steve Daines, New Jersey Democrat Cory Booker and Utah Republican Mike Lee, while a companion bill in the House of Representatives is backed by California Democrat Ted Lieu and Ohio Republican Warren Davidson. They argue that hundreds of thousands of criminal surveillance orders from US authorities go unreported each year, keeping Americans in the dark about the broad scope of government monitoring programs.

The bill also addresses the government’s use of gag orders to halt technology companies from informing their customers of surveillance campaigns. While many tech companies have tried voluntarily reporting government subpoenas and data requests to their customers, authorities have used gag orders to keep these campaigns secret, according to the legislators.

“When the government obtains someone’s emails or other digital information, users have a right to know,” Wyden said in a press release. “Our bill ensures that no investigation will be compromised, but makes sure the government can’t hide surveillance forever by misusing sealing and gag orders to prevent the American people from understanding the enormous scale of government surveillance, as well as ensuring that the targets eventually learn their personal information has been searched.”

Alongside reforms to notification requirements and the gag-order process, the legislation would force authorities to publish online general information about every surveillance order they complete. It also would require law enforcement to notify the courts if they search the wrong person, house or device in the scope of an investigation, and also if a company shares unauthorized information.

New SEC rules would require companies to disclose climate goals and emissions

Public companies would be required to disclose greenhouse gas emissions they produce under new rules proposed by the US Securities and Exchange Commission. The move is part of the Biden government’s push to identify climate risks and cut emissions as much as 52 percent by 2030. The SEC’s three Democratic commissioners voted to approve the proposal, while Republican commissioner Hester M. Peirce voted against it.

“I am pleased to support today’s proposal because, if adopted, it would provide investors with consistent, comparable, and decision-useful information for making their investment decisions, and it would provide consistent and clear reporting obligations for issuers,” said SEC Chair Gary Gensler.

Under the new rule, companies would need to explain how climate risks would affect their operations and strategies. They’d be required to share the emissions they generate and larger companies would need to have those numbers confirmed by independent consulting firms. They’d also need to disclose indirect emissions generated by supplies and customers if those are “material” to their climate goals. 

In addition, any companies that have made public promises to reduce their carbon footprint would need to explain how they plan to meet those goals. That includes the use of carbon offsets like planting trees, which have been criticized as being a poor substitute for actually slashing emissions, as Greenpeace said in a recent report

The SEC already allows for voluntary emissions guidance, but the new rules would make it mandatory. Many companies like Ford already share emissions date from factory production as well as vehicle fuel usage. However, “there are lots of companies that won’t do it unless it’s mandatory,” task force chief Mary Schapiro told The Washington Post ahead of the report’s release. 

After the proposed rule is published on the SEC’s website, the public will have 60 days to comment. The final rule will likely head to a vote in several months, and would be phased in over several years. The ruling will likely be challenged in court by Republicans in states like West Virginia, along with business groups, on the grounds that climate change is not a material issue for investors in the near future. 

However, experts have warned that time is of the essence. The Intergovernmental Panel on Climate Change (IPCC) recently issued a report stating that many of the impacts of global warming are “irreversible” and that there’s only a brief window of time to avoid the worst. UN Secretary General Antonio Guterres called it a “damning indictment of failed climate leadership.” 

Impostor poses as Ukraine’s Prime Minister in video call with UK defense secretary

The British defense secretary has ordered an inquiry into a video call he received on Thursday from an imposter pretending to be Denys Shmyhal, Ukraine’s prime minister. In a series of tweets, the Right Honorable Ben Wallace disclosed that the man aske…