Ransomware ‘hero’ pleads guilty to US hacking charges

Ransomware ‘hero’ pleads guilty to US hacking charges
This May 15, 2017, file photo shows British IT expert Marcus Hutchins, branded a hero for slowing down the WannaCry global cyberattack, during an interview in Ilfracombe, England. (AP)
Updated 20 April 2019

Ransomware ‘hero’ pleads guilty to US hacking charges

Ransomware ‘hero’ pleads guilty to US hacking charges
  • Hutchins could face up to one year in jail on each of the criminal counts along with financial penalties

WASHINGTON: A British computer security researcher once hailed as a “hero” for helping stem a ransomware outbreak and later accused of creating malware to attack the banking system said Friday he pleaded guilty to US criminal charges.
Marcus Hutchins, whose arrest in 2017 stunned the computer security community, acknowledged in a statement pleading guilty to criminal charges linked to his activity in 2014 and 2015.
“I regret these actions and accept full responsibility for my mistakes,” the 24-year-old Hutchins, known by his alias “MalwareTech,” wrote, noting that the charges related to his activity prior to his work in security.
“Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”
Hutchins in 2017 found a “kill switch” to stem the spread of the devastating WannaCry ransomware outbreak, prompting widespread news reports calling him a hero.
Months later he was arrested after attending the Def Con gathering of computer hackers in Las Vegas.
The case drew fire from critics who argued that researchers often work with computer code that can be deployed for malicious purposes.
A federal indictment unsealed in Wisconsin accused Hutchins and another individual of making and distributing the Kronos “banking Trojan,” a reference to malicious software designed to steal user names and passwords used on online banking sites.
According to the indictment, Hutchins was part of a conspiracy to distribute the hacking tool on so-called dark markets.
He was released on bail while awaiting trial, allowing him to continue working for a security firm. He had maintained his innocence and won support from many others in his profession.
US prosecutors did not immediately respond to an AFP query about the case. But court documents published by the news site ZDNet showed Hutchins could face up to one year in jail on each of the criminal counts along with financial penalties.
Other counts in the indictment were dismissed, according to the court papers.


International Space Station thrown out of control by misfire of Russian module — NASA

International Space Station thrown out of control by misfire of Russian module — NASA
Updated 30 July 2021

International Space Station thrown out of control by misfire of Russian module — NASA

International Space Station thrown out of control by misfire of Russian module — NASA

LOS ANGELES/MOSCOW: The International Space Station (ISS) was thrown briefly out of control on Thursday when jet thrusters of a newly arrived Russian research module inadvertently fired a few hours after it was docked to the orbiting outpost, NASA officials said.
The seven crew members aboard — two Russian cosmonauts, three NASA astronauts, a Japanese astronaut and a European space agency astronaut from France — were never in any immediate danger, according to NASA and Russian state-owned news agency RIA.
But the malfunction prompted NASA to postpone until at least Aug. 3 its planned launch of Boeing's new CST-100 Starliner capsule on an uncrewed test flight to the space station. The Starliner had been set to blast off atop an Atlas V rocket on Friday from the Kennedy Space Center in Florida.
Thursday's mishap began about three hours after the multipurpose Nauka module had latched onto the space station. The module's jets inexplicably restarted, causing the entire station to pitch out of its normal flight position some 250 miles above the Earth, US space agency officials said.
The "loss of attitudinal control" lasted for a little more than 45 minutes, until flight teams on the ground managed to restore the space station's orientation by activating thrusters on another module of the orbiting platform, according to Joel Montalbano, manager of NASA's space station program.
In its broadcast coverage of the incident, RIA cited NASA specialists at the Johnson Space Center in Houston, Texas, as describing the struggle to regain control of the space station as a "tug of war" between the two modules.
At the height of the incident, the station was pitching out of alignment at the rate of about a half a degree per second, Montalbano said hours later in a NASA conference call with reporters.
The Nauka engines were ultimately switched off, the space station was stabilized and its orientation was restored to where it had begun, NASA said.
Communication with the crew was lost briefly twice during the disruption, but "there was no immediate danger at any time to the crew," Montalbano said.
A drift in the space station's normal orientation was first detected by automatic sensors on the ground, and "the crew really didn't feel any movement," he said.
What caused the malfunction of the thrusters on the Nauka module, delivered by the Russian space agency Roscosmos, has yet to be determined, NASA officials said.
Montalbano said there was no immediate sign of any damage to the space station. The flight correction maneuvers used up more propellant reserves than desired, "but nothing I would worry about," he said.
After its launch last week from Kazakhstan's Baikonur Cosmodrome, the module experienced a series of glitches that raised concern about whether the docking procedure would go smoothly.
Roscosmos attributed Thursday's post-docking issue to Nauka's engines having to work with residual fuel in the craft, TASS news agency reported.
"The process of transferring the Nauka module from flight mode to 'docked with ISS' mode is underway. Work is being carried out on the remaining fuel in the module," Roscosmos was cited by TASS as saying.
The Nauka module is designed to serve as a research lab, storage unit and airlock that will upgrade Russia's capabilities aboard the ISS.
A live broadcast showed the module, named after the Russian word for "science," docking with the space station a few minutes later than scheduled.
"According to telemetry data and reports from the ISS crew, the onboard systems of the station and the Nauka module are operating normally," Roscosmos said in a statement.
"There is contact!!!" Dmitry Rogozin, the head of Roscosmos, wrote on Twitter moments after the docking. 


SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa
Updated 24 July 2021

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa
  • Europa Clipper mission due for blastoff in October 2024

LOS ANGELES: Elon Musk’s private rocket company SpaceX was awarded a $178 million launch services contract for NASA’s first mission focusing on Jupiter’s icy moon Europa and whether it may host conditions suitable for life, the space agency said on Friday.
The Europa Clipper mission is due for blastoff in October 2024 on a Falcon Heavy rocket owned by Musk’s company, Space Exploration Technologies Corp, from NASA’s Kennedy Space Center in Florida, NASA said in a statement posted online.
The contract marked NASA’s latest vote of confidence in the Hawthorne, California-based company, which has carried several cargo payloads and astronauts to the International Space Station for NASA in recent years.
In April, SpaceX was awarded a $2.9 billion contract to build the lunar lander spacecraft for the planned Artemis program that would carry NASA astronauts back to the moon for the first time since 1972.
But that contract was suspended after two rival space companies, Jeff Bezos’s Blue Origin and defense contractor Dynetics Inc, protested against the SpaceX selection.
The company’s partly reusable 23-story Falcon Heavy, currently the most powerful operational space launch vehicle in the world, flew its first commercial payload into orbit in 2019.
NASA did not say what other companies may have bid on the Europa Clipper launch contract.
The probe is to conduct a detailed survey of the ice-covered Jovian satellite, which is a bit smaller than Earth’s moon and is a leading candidate in the search for life elsewhere in the solar system.
A bend in Europa’s magnetic field observed by NASA’s Galileo spacecraft in 1997 appeared to have been caused by a geyser gushing through the moon’s frozen crust from a vast subsurface ocean, researchers concluded in 2018. Those findings supported other evidence of Europa plumes.
Among the Clipper mission’s objectives are to produce high-resolution images of Europa’s surface, determine its composition, look for signs of geologic activity, measure the thickness of its icy shell and determine the depth and salinity of its ocean, NASA said. 

 

 


Climate ‘mysteries’ still puzzle scientists, despite progress

Climate ‘mysteries’ still puzzle scientists, despite progress
Updated 23 July 2021

Climate ‘mysteries’ still puzzle scientists, despite progress

Climate ‘mysteries’ still puzzle scientists, despite progress
  • Scientists are still unsure what part clouds play “in the energy balance of the planet”
  • Climate models have come a long way, even since 2014, but there is still room for improvement to reduce uncertainties

PARIS: What worries one of the world’s leading climate scientists the most?
Heatwaves — and particularly the tendency of current models to underestimate the intensity of these bursts of deadly, searing temperature.
This is one of the “major mysteries” science still has to unravel, climatologist Robert Vautard told AFP, even as researchers are able to pinpoint with increasing accuracy exactly how human fossil fuel pollution is warming the planet and altering the climate.
“Today we have better climate projection models, and longer observations with a much clearer signal of climate change,” said Vautard, one of the authors of an upcoming assessment by the United Nations’ panel of climate experts.
“It was already clear, but it is even clearer and more indisputable today.”
The assessment, the first part of a trio of reports from the Intergovernmental Panel on Climate Change (IPCC), will be released on August 9 at the end of meetings starting Monday.
It focuses on the science underpinning our understanding of things like temperature increases, rising ocean levels and extreme weather events.
This has progressed considerably since the last assessment in 2014, but so has climate change itself, with effects being felt ever more forcefully across the planet.

'Phenomenal temperatures'
Scientists now have a greater understanding of the mechanisms behind “extreme phenomena, which now occur almost every week around the world,” said Vautard, adding that this helps better quantify how these events will play out in the future.
In almost real time, researchers can pinpoint the role of climate change in a given disaster, something they were unable to do at all until very recently.
Now, so-called “attribution” science means we can say how probable an extreme weather event would have been had the climate not been changing at all.
For example, within days of the extraordinary “heat dome” that scorched the western United States and Canada at the end of June, scientists from the World Weather Attribution calculated that the heatwave would have been “almost impossible” without warming.
Despite these advances, Vautard said “major mysteries remain.”
Scientists are still unsure what part clouds play “in the energy balance of the planet” and their influence on the climate’s sensitivity to greenhouse gases, he said.
But it is “phenomenal temperatures,” like those recorded in June in Canada or in Europe in 2019, that preoccupy the climatologist.
“What worries me the most are the heat waves” and the “thousands of deaths” they cause, said Vautard, who is director of France’s Pierre-Simon Laplace Institute, a climate research and teaching center.
With rainfall, scientists have a physical law that says water vapor increases by seven percent for every degree of warming, he said, with intense precipitation increasing by about the same amount.
But extreme heat is harder to predict.
“We know that heatwaves are more frequent, but we also know that our models underestimate the increasing intensity of these heatwaves, particularly in Europe, by a factor of two,” he said.
Climate models have come a long way, even since 2014, but there is still room for improvement to reduce these uncertainties.
“Before we had models that represented the major phenomena in the atmosphere, in the oceans,” said Vautard.
Today the models divide the planet’s surface into grids, with each square around 10 kilometers (six miles).
But even now he said the “resolution of the models is not sufficient” for very localized phenomena.
The next generation of models should be able to add even more detail, going down to an area of about a kilometer.
That would give researchers a much better understanding of “small scale” events, like tornadoes, hail or storm systems that bring intense rain like those seen in parts of the Mediterranean in 2020.

'Tipping points'
Even on a global scale, some fundamental questions remain.
Perhaps one of the most ominous climate concepts to have become better understood in recent years is that of “tipping points.”
These could be triggered for example by the melting of the ice caps or the decline of the Amazon rainforest, potentially swinging the climate system into dramatic and irreversible changes.
There are still “a lot of uncertainties and mysteries” about tipping points, Vautard said, including what level of temperature rise might set them off.
Currently, they are seen as low probability events, but he said that it is still crucial to know more about them given the “irreversible consequences on the scale of millennia” that they could cause.
Another crucial uncertainty is the state of the world’s forests and oceans, which absorb about half of the CO2 emitted by humans.
“Will this carbon sink function continue to be effective or not?” Vautard said.
If they stop absorbing carbon — as has been found in areas of the Amazon, for example — then more C02 will accumulate in the atmosphere, raising temperatures even further.
“It is a concern,” said Vautard.


Scientists stunned by rare Arctic lightning storms north of Alaska

Scientists stunned by rare Arctic lightning storms north of Alaska
Updated 17 July 2021

Scientists stunned by rare Arctic lightning storms north of Alaska

Scientists stunned by rare Arctic lightning storms north of Alaska
  • Air over the Arctic Ocean typically lacks the convective heat needed to generate lightning storms, but that's changing, scientists say

ANCHORAGE, Alaska: Meteorologists were stunned this week when three successive thunderstorms swept across the icy Arctic from Siberia to north of Alaska, unleashing lightning bolts in an unusual phenomenon that scientists say will become less rare with global warming.
“Forecasters hadn’t seen anything like that before,” said Ed Plumb, a National Weather Service meteorologist in Fairbanks, speaking about the storms that started on Saturday.
Typically, the air over the Arctic Ocean, especially when the water is covered with ice, lacks the convective heat needed to generate lightning storms.
But as climate change warms the Arctic faster than the rest of the world, that’s changing, scientists say.
Episodes of summer lightning within the Arctic Circle have tripled since 2010, a trend directly tied to climate change and increasing loss of sea ice in the far north, scientists reported in a March study published in the journal Geophysical Research Letters. As sea ice vanishes, more water is able to evaporate, adding moisture to the warming atmosphere.
“It’s going to go with the temperatures,” said co-author Robert Holzworth, an atmospheric physicist at the University of Washington in Seattle.
These electrical storms threaten boreal forests fringing the Arctic, as they spark fires in remote regions already baking under the round-the-clock summer sun. Boreal Siberia in Russia gets more lightning than any other Arctic region, Holzworth said.

“What used to be very rare is now just rare.”

Rick Thoman, climate scientist at University of Alaska Fairbanks

The paper also documented more frequent lightning over the Arctic’s treeless tundra regions, as well as above the Arctic Ocean and pack ice. In August 2019, lightning even struck within 60 miles (100 kilometers) of the North Pole, the researchers found.
In Alaska alone, thunderstorm activity is on track to increase three-fold by the end of the century if current climate trends continue, according to two studies by scientists at the National Center for Atmospheric Research in Boulder, Colorado, published over the last year in the journal Climate Dynamics.
“What used to be very rare is now just rare,” said Rick Thoman, a climate scientist with the University of Alaska Fairbanks. As the parade of Arctic storms this week demonstrated, lightning is already appearing in unexpected places, he said. “I have no memory of three consecutive days of this kind of thing” in the Arctic.
With the sharp uptick in lightning, Siberia has seen increasingly ferocious forest fires in recent years. This week, the Russian army deployed water-dropping aircraft to douse flames burning some nearly 2 million acres (800,000 hectares) of forest, while the hardest-hit region of Yakutia has been in a state of emergency for weeks.
Meanwhile, mid-June lightning sparked one of the biggest fires this summer in Alaska, scorching more than 18,000 acres of tundra about 125 miles (200 km) north of the Arctic Circle in the Noatak National Preserve in the northwestern corner of the state.
Warming in the Arctic is also encouraging the growth of vegetation on northern Alaska’s tundra, adding further fuel for fires, scientists said.
By the end of the century, twice as much Alaska tundra could burn on a regular basis than was the norm in the past, with fires occurring four times more frequently, according to researchers at the International Arctic Research Center in Fairbanks.
On the water, the lightning is an increasing hazard to mariners, and vessel traffic is increasing as sea ice retreats, Holzworth said.
People can become lightning rods and usually try to get low for safety. That’s tough to do on flat tundra or ocean expanse.
“What you really need is to pay better attention to the lightning forecasts,” he said.


US, UK cybersecurity agencies disclose hacking methods used by Russian spy group

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
Updated 02 July 2021

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
  • Operatives linked to Russia's spy agency GRU have tried to break into networks using Kubernetes, says NSO

WASHINGTON: US and British agencies disclosed on Thursday details of “brute force” methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.
An advisory released by the US National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.
In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was “likely ongoing, on a global scale.”
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.
Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019 through early this year. While a “significant amount” of the attempted break-ins targeted organizations using Microsoft’s Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.
The US has long accused Russia of using and tolerating cyberattacks for espionage, spreading disinformation, and the disruption of governments and key infrastructure.
The Russian Embassy in Washington on Thursday “strictly” denied the involvement of Russian government agencies in cyberattacks on US government agencies or private companies.
In a statement posted on Facebook, the embassy said, “We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security.”
Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the activity described by NSA on Thursday shows the GRU has further streamlined an already popular technique for breaking into networks. He said it appears to overlap with Department of Energy reporting on brute force intrusion attempts in late 2019 and early 2020 targeting the US energy and government sectors and is something the US government has apparently been aware of for some time.
Slowik said the use of Kubernetes “is certainly a bit unique, although on its own it doesn’t appear worrying.” He said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.
John Hultquist, vice president of analysis at the cybersecurity firm Mandiant, characterized the activity described in the advisory as “routine collection against policy makers, diplomats, the military, and the defense industry.”
“This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt,” Hultquist said in a statement.
The FBI and the Cybersecurity and Infrastructure Security Agency joined the advisory, as did the British National Cyber Security Center.
The GRU has been repeatedly linked by US officials in recent years to a series of hacking incidents. In 2018, special counsel Robert Mueller’s office charged 12 military intelligence officers with hacking Democratic emails that were then released by WikiLeaks in an effort to harm Hillary Clinton’s presidential campaign and boost Donald Trump’s bid.
More recently, the Justice Department announced charges last fall against GRU officers in cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American businesses.
Unlike Russia’s foreign intelligence agency SVR, which is blamed for the SolarWinds hacking campaign and is careful not to be detected in its cyber ops, the GRU has carried out the most damaging cyberattacks on record, including two on Ukraine’s power grid and the 2017 NotPetya virus that caused more than $10 billion in damage globally.
GRU operatives have also been involved in the spread of disinformation related to the coronavirus pandemic, US officials have alleged. And an American intelligence assessment in March says the GRU tried to monitor people in US politics in 2019 and 2020 and staged a phishing campaign against subsidiaries of the Ukrainian energy company Burisma, likely to gather information damaging to President Joe Biden, whose son had earlier served on the board.
The Biden administration in April sanctioned Russia after linking it to election interference and the SolarWinds breach.