A new cyber virus spread from Ukraine to wreak havoc around the globe on

Wednesday, crippling thousands of computers, disrupting ports from Mumbai to Los Angeles and halting production at a chocolate factory in Australia.

The virus is believed to have first taken hold on Tuesday in Ukraine where it silently infected computers after users downloaded a popular tax accounting package or visited a local news site, national police and international cyber experts said.

More than a day after it first struck, companies around the world were still wrestling with the fallout while cybersecurity experts scrambled to find a way to stem the spread.

Danish shipping giant A.P. Moller-Maersk said it was struggling to process orders and shift cargoes, congesting some of the 76 ports around the world run by its APM Terminals subsidiary.

U.S. delivery firm FedEx Corp said its TNT Express division had been significantly affected by the virus, which also wormed its way into South America, affecting ports in Argentina operated by China’s Cofco.

The malicious code locked machines and demanded victims post a ransom worth $300 in bitcoins or lose their data entirely, similar to the extortion tactic used in the global WannaCry ransomware attack in May.

More than 30 victims paid up but security experts are questioning whether extortion was the goal, given the relatively small sum demanded, or whether the hackers were driven by destructive motives rather than financial gain.

Hackers asked victims to notify them by email when ransoms had been paid but German email provider Posteo quickly shut down the address, a German government cybersecurity official said.

Ukraine, the epicenter of the cyber strike, has repeatedly accused Russia of orchestrating attacks on its computer systems and critical power infrastructure since its powerful neighbor annexed the Black Sea peninsula of Crimea in 2014.

The Kremlin, which has consistently rejected the accusations, said on Wednesday it had no information about the origin of the global cyberattack, which also struck Russian companies such as oil giant Rosneft and a steelmaker.

“No one can effectively combat cyber threats on their own, and, unfortunately, unfounded blanket accusations will not solve this problem,” said Kremlin spokesman Dmitry Peskov.

ESET, a Slovakian company that sells products to shield computers from viruses, said 80 percent of the infections detected among its global customer base were in Ukraine, with Italy second hardest hit with about 10 percent.

Eternal blue

The aim of the latest attack appeared to be disruption rather than ransom, said Brian Lord, former deputy director of intelligence and cyber operations at Britain’s GCHQ and now managing director at private security firm PGI Cyber.

“My sense is this starts to look like a state operating through a proxy … as a kind of experiment to see what happens,” Lord told Reuters on Wednesday.

While the malware seemed to be a variant of past campaigns, derived from code known as Eternal Blue believed to have been developed by the U.S. National Security Agency (NSA), experts said it was not as virulent as May’s WannaCry attack.

Security researchers said Tuesday’s virus could leap from computer to computer once unleashed within an organization but, unlike WannaCry, it could not randomly trawl the internet for its next victims, limiting its scope to infect.

Bushiness that installed Microsoft’s latest security patches from earlier this year and turned off Windows file-sharing features appeared to be largely unaffected.

There was speculation, however, among some experts that once the new virus had infected one computer it could spread to other machines on the same network, even if those devices had received a security update.

After WannaCry, governments, security firms and industrial groups advised businesses and consumers to make sure all their computers were updated with Microsoft security patches.

Austria’s government-backed Computer Emergency Response Team (CERT) said “a small number” of international firms appeared to be affected, with tens of thousands of computers taken down.

Security firms including Microsoft, Cisco’s Talos and Symantec said they had confirmed some of the initial infections occurred when malware was transmitted to users of a Ukrainian tax software program called MEDoc.

The supplier of the software, M.E.Doc denied in a post on Facebook that its software was to blame, though Microsoft reiterated its suspicions afterwards.

“Microsoft now has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process,” it said in a technical blog post.

Russian security firm Kaspersky said a Ukrainian news site for the city of Bakhumut was also hacked and used to distribute the ransomware to visitors, encrypting data on their machines.

Corporate Chaos

A number of the international firms hit have operations in Ukraine, and the virus is believed to have spread within global corporate networks after gaining traction within the country.

Shipping giant A.P. Moller-Maersk, which handles one in seven containers shipped worldwide, has a logistics unit in Ukraine.

Other large firms affected, such as French construction materials company Saint Gobain and Mondelez International Inc, which owns chocolate brand Cadbury, also have operations in the country.

Maersk was one of the first global firms to be taken down by the cyberattack and its operations at major ports such as Mumbai in India, Rotterdam in the Netherlands and Los Angeles on the U.S. west coast were disrupted.

Other companies to succumb included BNP Paribas Real Estate, a part of the French bank that provides property and investment management services.

“The international cyberattack hit our non-bank subsidiary, Real Estate. The necessary measures have been taken to rapidly contain the attack,” the bank said on Wednesday.

Production at the Cadbury factory on the Australian island state of Tasmania ground to a halt late on Tuesday after computer systems went down.

Russia’s Rosneft, one of the world’s biggest crude producers by volume, said on Tuesday its systems had suffered “serious consequences” but oil production had not been affected because it switched to backup systems.
…

The U.N.’s disarmament chief warned Wednesday that terrorists and non-state actors are using the so-called dark web to seek the tools to make and deliver weapons of mass destruction.

“The global reach and anonymity of the dark web provides non-state actors with new marketplaces to acquire dual-use equipment and materials,” U.N. High Representative for Disarmament Affairs Izumi Nakamitsu told a meeting of the U.N. Security Council.

The dark web is a part of the internet that requires special software to access and allows users and website operators to remain anonymous or untraceable, making it appealing to criminals, terrorists and pedophiles.

Nakamitsu said that dual-use items are complicating their efforts to address the risks posed by WMD.

“We must keep in mind that many of the technologies, goods and raw materials required for developing weapons of mass destruction and their means of delivery derive from legitimate commercial applications that benefit many people,” she said. Nakamitsu added that it is important to strike the right balance between collective security and commercial opportunity with preventing proliferation.

Weapons of mass destruction include nuclear, chemical, radiological and biological weapons.

“While there are still significant technical hurdles that terrorist groups need to overcome to effectively use weapons of mass destruction, a growing number of emerging technologies could make this barrier easier to cross,” Nakamitsu said.

In addition to the dark web, she said the use of drones and 3-D printers by non-state actors are also growing concerns. Nakamitsu urged intensified international cooperation to make it harder for terrorists and criminals to illegally traffic sensitive materials.

Chemical weapons

Terrorists have already used poison gas in at least one deadly attack.

In Syria, Islamic State used mustard gas on civilians in the town of Marea in August 2015, according to a U.N.-authorized investigation last year. (The same investigators also concluded that the Syrian government carried out at least two chemical weapons attacks on civilians living in rebel-controlled areas in 2014 and 2015.)

“The use by non-state actors of chemical weapons is no longer a threat, but a chilling reality,” Joseph Ballard, a senior official with the Organization for the Prohibition of Chemical Weapons (OPCW) told council members.

Ballard said the OPCW is working to enhance the security of the global supply chain of dual-use materials and technologies, including working with international customs officials. He said the organization also works closely with the international chemical industry, to ensure that toxic chemicals do not fall into the wrong hands.
…

A global cyberattack disrupted operations Wednesday at India’s largest container port, adding to the headaches of governments and businesses affected by so-called ransomware code that takes a user’s data hostage until the victim agrees to pay for its release.

The problems at Jawaharlal Nehru Port in Mumbai involved a terminal run by Danish shipping giant A.P. Moller-Maersk.  The company had said Tuesday as the attack was spreading largely in Europe and the United States that the malicious code was affecting terminals “in a number of ports.”

Australia’s Cyber Security Minister Dan Tehan told reporters Wednesday that officials have not yet confirmed the same computer virus was responsible for ransomware attacks on two Australian companies, but that “all indications would point to” that being the case.

Ukraine targeted first

Banks, government offices and airports in Ukraine were among the first to report the cyberattack.

Ukrainian Deputy Prime Minister Pavlo Rozenko tweeted a photo of his black computer screen, saying the government’s headquarters had been shut down.

Other international firms that reported being affected include America’s Merck pharmaceutical company, Russia’s Rosneft oil giant, British advertising giant WPP and French industrial group Saint-Gobain.

“We confirm our company’s computer network was compromised today as part of global hack. Other organizations have also been affected,” Merck said on Twitter.

A U.S. National Security Council spokesman said the Department of Homeland Security, the FBI and other agencies are “working with public and private, domestic and international partners to respond to this event and provide technical information for prevention and remediation.”

“Individuals and organizations are discouraged from paying the ransom as this does not guarantee access will be restored,” the spokesman added.

Ransom demands 

Europol’s European Cybercrime Center has told anyone affected by Tuesday’s attack to report the crime to national police and encouraged them not to pay any ransom requested by hackers.

“What is interesting about this particular case is that the email system that is supposed to be used to deposit the Bitcoin ransoms has actually been disabled, so the hackers in this case may not get what they bargained for,” Cedric Leighton, who operates his own crisis management consultancy, told VOA.

WATCH: Related video report

Eternal Blue

The computer virus used in the attack includes code known as Eternal Blue, a tool developed by the NSA that exploited Microsoft’s Windows operating system and which was published on the internet in April by a group called Shadow Brokers.  Microsoft released a patch to protect systems from the exploit in March.

A similar ransomware attack last month named “WannaCry” affected computer systems in 150 countries.

Tim Rawlins, director of the Britain-based cybersecurity consultancy NCC Group, says these attacks continue to happen because people have not been keeping up with effectively patching their computers.

“This is a repeat WannaCry type of outbreak and it really comes down to the fact that people are not focusing on what they should be focusing on, the very simple premise of patching your systems,” Rawlins told VOA.

WATCH: Ransomeware basics facts
…

While technological revolution is changing much of the world, there are still areas that have seen only very small benefits, or none at all. There, people still live without electricity, clean water and basic healthcare. At a competition recently held in Washington, innovators presented affordable new devices, specially designed to help improve the lives of the world’s poorest. VOA’s George Putic reports.
…

International business in the United States and Europe, as well as Ukrainian state institutions, were among those affected by cyberattacks on Tuesday. The virus locked digital files and demanded payment for help to restore access to them. VOA’s Zlatica Hoke reports.
…

Tech enthusiasts may be drawn to HoloLens, the head-mounted holographic computer from Microsoft, but company executives say businesses also should consider how it can help improve their bottom line.

The wearable device allows users to interact with holograms using their gaze and simple hand gestures. Virtual interfaces are superimposed onto the immediate environment, combining the real world with a digital one. It’s a form of mixed reality that Microsoft executives say offers more than just entertainment value — it can be put to work in business scenarios.

“We’re seeing mixed reality broadly as a new kind of dimension, literally, of how we’re going to interact with information,” said Greg Sullivan, director of communications for the Windows and devices group at Microsoft.

Companies like German elevator maker Thyssenkrupp have begun experimenting with HoloLens. In a promotional video, an elevator repairman dons a HoloLens headset to begin a work order. The computer assesses the repair situation and displays holographic guidance, along with the ability to conference in an associate located remotely.

The associate can interact within the repair technician’s virtual workspace, “She can sit in her office in Germany and scale her expertise literally around the world … see what they’re seeing, guide them and even ink on their display,” Sullivan said.

WATCH: High-tech HoloLens in Action

Cirque de Soleil

Data visualization is another potential use for HoloLens.

“You can walk around the 3-dimensional representation of that data and it gives you powerful new insights, because as humans, we live in a 3-D world and we understand things better … if we interact with them in three dimensions,” Sullivan said.

That can be useful for creative industries. At Microsoft’s recent “Build” conference for software developers, set designers from Cirque de Soleil demonstrated how holographic versions of their theater sets allowed them to plan ahead. Team members wearing HoloLens could walk around and interact with true-to-scale holograms of their set designs, even inserting virtual avatars of real-life performers.

Architecture and engineering

Other industries that utilize 3-D modeling, like architecture and engineering, potentially can benefit from holographic computing, too. Trimble, a company specializing in GPS technologies, developed an application for HoloLens that allows architects and contractors to manipulate 3-D holographic designs and models in real-life environments, such as construction sites.

“You can have multiple people sharing an experience in mixed reality, look at a digital version of the project … and then make those changes in real time and all see them, and then go ahead and move right into production much, much quicker,” said Sullivan. “The efficiencies that are gained are really profound.”

Chris Silva, research director at Gartner, agrees. “3-D models in health care, extremely complex design documents … they’re a natural fit for something like HoloLens, where stepping into the data really can help get the job done better,” Silva said.

Big investment

But like many new technologies, HoloLens’ price tag initially may deter widespread adoption. The device retails for $3,000 for a developer edition and $5,000 for a business edition that comes bundled with enterprise applications.

“The biggest risk is making an investment in this technology and not having a plan for how it gets used,” Silva said. “These are devices that are two, maybe even three, times the cost of the average laptop, and much more expensive than a mobile device. They’re new, and therefore the organizations aren’t always sure how they’re going to use them.”

Silva recommends that companies take a pilot approach to the technology by introducing it to a single group, picking one process to improve upon and analyzing the subsequent results.

Microsoft’s long-time presence on office desktops means HoloLens eventually could transform everyday workspaces.

“When we look at the average worker model, where this type of technology starts literally replacing people’s monitors on their desks, somebody like Microsoft is well positioned to capture that,” Silva said. “They can plug HoloLens into the way they’re doing business today.”

Overall, Silva is excited for future developments in the mixed reality space.

“This is definitely the next frontier of mobile devices … this could be the next thing that replaces the desktop PC, the iPad, the smartphone in your pocket.”
…

Facebook announced Tuesday that it now has more than 2 billion users.

Facebook, which was a social website available only to Harvard University students when it was launched in 2004, has recently been criticized for giving extremist groups an easy way to disseminate content over the internet.

CEO and founder Mark Zuckerberg addressed the “Facebook community” after Tuesday’s announcement and defended the social media website, saying that he was proud of the role his company was playing in connecting people around the world.

Facebook’s user base is bigger than the population of any single country, and of six of the seven continents. It represents more than a quarter of the world’s 7.5 billion people.

The company uses its huge size advantage to lure advertisers, offering them targeted marketing capabilities based on its data about users. The number of advertisers topped 5 million in April, the company said.

Facebook’s growth has increasingly come from outside the United States, Canada and Europe. Three years ago, those regions accounted for 38 percent of users; in the first quarter of this year, the figure was about 30 percent.

To increase penetration rates in developing nations, Facebook has introduced stripped-down versions of its apps that use less data, and it has been developing solar-powered drones to extend internet connectivity around the planet.

This report contains information from Reuters and AP.
…

EU antitrust regulators fined Google $2.7 billion Tuesday for unfairly boosting search results for its online shopping service.

The European Union said Google began efforts in 2008 to boost the service now known as Google Shopping by making its results show up higher in search results, while demoting the search results of rival companies.

The result, according to regulators, was the most highly ranked rival services appeared on average on the fourth page of the results, an area few consumers ever reach.

EU Commissioner Margrethe Vestager said Google has created many innovative products, but in this case abused its market dominance in internet searches.

Google said it will review the EU decision as it considers an appeal to the decision.

“When you shop online, you want to find the products you are looking for quickly and easily. And advertisers want to promote those same products. That is why Google shows shopping ads, connecting our users with thousands of advertisers, large and small, in ways that are useful for both,” Kent Walker, a Google senior vice president, said in a statement.

Vestager said Google denied other companies the chance to compete on the merits and to innovate, and denied European consumers a genuine choice of service.

In addition to the fine, Google is required to give rival comparison shopping services equal treatment, and the company must explain how it will accomplish that.

 
…

The latest farm tools on the job in Pakistan are cell phones and satellites. A new program is using satellite data to estimate how much water a field needs, and then texting this information to farmers.

The hope is to prevent overwatering. A 2013 report from the Asian Development Bank called Pakistan “one of the most water-stressed countries in the world,” with a 30-day storage capacity, well below the recommended capacity of 1,000 days. The per capita water resources are on par with those of Syria, where drought has helped to fuel a civil war.

The water crisis is being driven by several factors: climate change, an expanding population, local mismanagement and a greater demand on farmers. It threatens to destabilize relations between Pakistan and India, who share the Indus River.

Turning off the spigot

Overwatering is costly for farmers trying to make ends meet. While Pakistan continues to suffer from chronic fuel shortages, farmers must use diesel motors to pump groundwater onto their fields. The lower the water table, the more fuel it takes to pump it to the surface.

And overwatering also reduces crop yields. But many older farmers learned their trade at a time when the water ran freely, and the risks of under-watering are so great that farmers still err on the side of too much irrigation. The Pakistan Council of Research in Water Resources (PCRWR)  found that rice farmers were using more than three times as much water as they needed to.

The PCRWR reached out to the Sustainability, Satellites, Water, and Environment research group (SASWE) at the University of Washington, hoping to use science to inform irrigation choices.

Pakistan’s program started last spring with a 700-farmer pilot. As of January, 10,000 farmers were receiving messages like this one: “Dear farmer friend, we would like to inform you that the irrigation need for your banana crop was 2 inches during the past week.”

The messages come from a fully-automated system that does everything from downloading publicly available satellite data and distributing the text messages to using models to compute how much each farmer needs to irrigate.

A nationwide effort

PCRWR plans to scale up the program for use across the nation, and expects millions of farmers to participate. But first they are reviewing the system. They want to know how easy it is for farmers to use, and how many actually follow the irrigation advisories. And they want to know how accurate it is and how effective it is at saving farmers money.

They are collecting feedback from farmers over the phone.

“I haven’t seen any report yet,” Faisal Hossain of SASWE told VOA, but “we got a story last month from one of the farmers who was telling us how he was able to get, I think, for every acre 700 kilograms more of wheat than his neighbor.” The farmer credited the irrigation advisories.

There are challenges to expansion. They may need to do more work to persuade farmers to trust the technology. As more farmers use it on smaller farms in areas with more varied terrain, the satellite data resolution may not be precise enough for accurate measurements. And small farmers may not be comfortable relying on cell phone technology.

But for the most part, cell phones already are fairly ubiquitous in Pakistan. Last year, the Punjab government reported that it would be giving out 5 million smartphones to farmers.
…

Social media giants Facebook, Twitter, YouTube and Microsoft say they are forming a working group to remove terrorist content from their platforms.

The global technology companies announced Monday they are creating the Global Internet Forum to Counter Terrorism which will help them share technical solutions to remove terrorist and extremist postings.

The companies are facing growing pressure from governments around the world to quickly remove hateful content. They have previously begun working together to create fingerprints for videos or pictures with extremist information that can be shared across social media platforms.

The tech firms say the new forum will also help them to commission research to fight terrorist speech as well as to work with counter-terrorism experts.

The forum will “formalize and structure existing and future areas of collaboration between our companies and foster cooperation with smaller tech companies, civil society groups and academics, governments and supra-national bodies such as the EU and the U.N.,” the companies said in a statement.  “The scope of our work will evolve over time as we will need to be responsive to the ever-evolving terrorist and extremist tactics.”

Last week, European heads of state called on tech companies to develop new technology to automatically detect and remove extremist content. Germany has proposed a new law that would fine social media firms up to $56 million if they do not quickly remove extremist postings.
…

A SpaceX rocket carried 10 communications satellites into orbit from California on Sunday, two days after the company successfully launched a satellite from Florida.

The Falcon 9 rocket blasted off through low-lying fog at 1:25 p.m. PDT from Vandenberg Air Force Base northwest of Los Angeles. It carried a second batch of new satellites for Iridium Communications, which is replacing its orbiting fleet with a next-generation constellation of satellites.

About 7 minutes after liftoff, the rocket’s first-stage booster returned to earth and landed on a floating platform on a ship in the Pacific Ocean, while the rocket’s second stage continued to carry the satellites toward orbit.

A SpaceX Falcon 9 on Friday launched from Cape Canaveral, Florida and boosted a communications satellite for Bulgaria into orbit. Its first stage was recovered after landing on a drone ship in the Atlantic.  

Billionaire Elon Musk, who founded Hawthorne, California-based SpaceX, believes reusing rocket components will bring down the cost of space launches.  

Iridium plans to put in place 75 new satellites for its mobile voice and data communications system by mid-2018, requiring six more launches, all by SpaceX.

The $3 billion effort by the McLean, Virginia, company involves complex procedures to replace 66 operational satellites in use for many years. Some of the new satellites will be so-called on-orbit spares, or older satellites that remain in orbit on standby for use if the newer ones malfunction.

Swapping out and deorbiting some old satellites has already begun, Iridium CEO Matt Desch said in a pre-launch call with reporters.

Several old satellites have been moved into lower orbits to use up their remaining fuel and configure the solar panels for maximum drag so they will re-enter the atmosphere and burn up.

The first re-entry was believed to have occurred on June 11, Desch said.

“It’s hard to celebrate something like that, but these satellites have put in almost 20 years of service, and making sure we’ve cleaned up after ourselves as we deploy our new constellation is a priority,” he said.

The new satellites also carry payloads for joint-venture Aerion’s space-based, real-time tracking and surveillance of aircraft around the globe, which has implications for efficiency, economy and safety — especially in remote airspace over the oceans.

“This will truly be a revolutionary aspect of air-traffic control,” said Aireon CEO Don Thomas.

The technology, which requires aircraft to be equipped with certain equipment, is undergoing testing involving eight of the initial batch of Iridium NEXT satellites.

The Iridium NEXT program also will bring an end to so-called “Iridium flares,” which space enthusiasts have observed for years. The new satellites will not create visible flashes of reflected sunlight as they passed overhead.
…

Governments around the world are using surveillance software that taps into individual smartphones, taking screenshots, reading email and tracking users’ movements, according to security experts and civil liberties groups.

The rise of so-called spyware comes as electronic communications have become more encrypted, frustrating law enforcement and governments’ surveillance efforts.

Over the past several years, private companies have begun selling advanced software that first appears as a text message with a link. When a person clicks on the link, the phone becomes infected. A third party can then read emails, take data and listen to audio, as well as track users’ movements.

The companies that sell this spyware exclusively to government agencies insist that the software must be used only in a legal manner, to fight crime and terrorism. However, security researchers and civil liberties groups contend that some governments use the programs to track human rights activists, journalists and others.

​A recent story in The New York Times focused on activists and journalists in Mexico who have received text messages and emails with links that, if clicked on, would infect their devices with spyware. In some cases, the messages appeared to come from legitimate sources, such as the U.S. Embassy.

The Mexican government says it does not target activists, journalists and others with spyware unless it has “prior judicial authorization.”

‘Lawful intercept’

In recent years, there’s been a rise in software sales in what is known as the “lawful intercept” market, said Mike Murray, vice president of security intelligence at Lookout, a mobile security company based in San Francisco, California.

Countries that can’t make their own surveillance software can now buy sophisticated surveillance tools, Murray said.

“What’s new is the enthusiasm [from] nation-states. … It’s a capability they always wished they had. Now they have it,” he added.

Lookout, which makes security software and services, receives monthly information from more than 100 million phones in 150 countries. It has seen spyware “in every kind of contentious place around the world,” Murray said.

Nation-state use

The use of nation-state spyware used to be limited to a handful of governments, said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a nonprofit digital rights group. But now that the price of the spyware has come down, countries can spend a few hundred thousand dollars to get the same capability.

Galperin spent three weeks in Mexico last year training activists. One tip she gives: Users who are not certain that a link in email or a text message is safe should forward it to a separate account, such as Google’s Gmail or Google Docs, to prevent infection.

“We should be very concerned,” Galperin said. “Surveillance malware is incredibly powerful. You have full control of the machine. You can see everything the user can see, and do everything the user can do.”
…