U.S. cybersecurity officials are still sounding an alarm about the so-called Log4j software vulnerability more than a month after it was first discovered, warning some criminals and nation state adversaries may be waiting to make use of their newfound access to critical systems.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Monday that the vulnerability, also known as Log4shell, has been subject to widespread exploitation by criminals over the past several weeks, but that more serious and damaging attacking could still be in the works.

“We do expect Log4Shell to be used in intrusions well into the future,” CISA Director Jen Easterly told reporters during a phone briefing, adding, “at this time we have not seen the use of Log4shell resulting in significant intrusions.”

“This may be the case because sophisticated adversaries have already used this vulnerability to exploit targets and are just waiting to leverage their new access until network defenders are on a lower alert,” she said.

The vulnerability in the open-source software produced by the U.S.-based Apache Software Foundation, was first discovered in late November by the Chinese tech giant Alibaba. The first warnings to the public went out in early December. 

Cybersecurity officials and experts initially described the flaw in the software as perhaps the worst vulnerability ever discovered, noting the software’s widespread use – in at least 2,800 products used by both private companies and governments around the world.

CISA on Monday said the vulnerability has impacted hundreds of millions of devices around the world, with many software vendors racing to issue security patches to their customers.

So far, U.S. agencies appear to be unscathed.

“We, at this point, are not seeing any confirmed compromises of federal agencies across the broader country, including critical infrastructure,” CISA Executive Assistant Director for Cybersecurity Eric Goldstein told reporters.

But he cautioned the danger has not yet passed despite the lack of destructive attacks by sophisticated hacking groups and foreign adversaries.

“It is certainly possible that that may change, that adversaries may be utilizing this vulnerability to gain persistent access that they could use in the future, which is why we are so focused on remediating the vulnerability across the country and ensuring that we are detecting any intrusions if and when they arise,” he said.

Yet there are reports that other countries have already been targeted by cyber actors seeking to exploit the software vulnerability.

Belgium’s Ministry of Defense said last month that some of its computer systems went down last month following an attack, in which the Log4j vulnerability was believed to be exploited.

And some security experts warn other countries, including China, Iran, North Korea and Turkey, have sought to exploit Log4j.

“This activity ranges from experimentation during development, integration of the vulnerabilities to in-the-wild payload deployment, and exploitation against targets to achieve the actor’s objectives,” Microsoft’s Threat Intelligence Center wrote in a blog post last week.

In particular, Microsoft said the Iran cyber threat actor known as Phosphorus, known for launching ransomware attacks, has already modified the Log4j vulnerability for use in attacks, while the Chinese group known as Hafnium has also used it for some targeting activities.

The private cybersecurity firm CrowdStrike separately assessed that a Chinese-based group called Aquatic Panda sought to use the Log4j vulnerability to target an unnamed academic institution.

CISA on Monday said it could not independently confirm such reports, and further said it had yet to discover any ransomware attacks in which the attackers used the Log4j vulnerability to penetrate the victim’s systems.

CISA’s director said one reason could be that “there may be a lag between when this vulnerability is being used and when it is being actively deployed.”

Easterly also warned about information that U.S. officials are unable to see due to the failure of Congress to pass legislation that would require private companies to report cyberattacks – something the White House and many lawmakers have been advocating for some time.

“We are concerned that threat actors are going to start taking advantage of this vulnerability and having impacts in particular on critical infrastructure, and because there is no legislation in place, we will likely not know about it,” she said. 
…

Six months ago, pilot Hana Khan saw her picture on an app that appeared to be auctioning scores of Muslim women in India. The app was quickly taken down, no one was charged, and the issue shelved – until a similar app popped up on New Year’s Day.

Khan was not on the new app called Bulli Bai – a slur for Muslim women – that was hawking activists, journalists, an actor, politicians and Nobel Laureate Malala Yousafzai as maids.

Amid growing outrage, the app was taken down, and four suspects arrested this week.

The fake auctions that were shared widely on social media are just the latest examples of how technology is being used – often with ease, speed and little expense – to put women at risk through online abuse, theft of privacy or sexual exploitation.

For Muslim women in India who are often abused online, it is an everyday risk, even as they use social media to call out hatred and discrimination against their minority community.

“When I saw my picture on the app, my world shook. I was upset and angry that someone could do this to me, and I became angrier as I realized this nameless person was getting away with it,” said Khan, who filed a police complaint against the first app, Sulli Deals, another pejorative term for Muslim women.

“This time, I felt so much dread and despair that it was happening again to my friends, to Muslim women like me. I don’t know how to make it stop,” Khan, a commercial pilot in her 30s, told the Thomson Reuters Foundation.

Mumbai police said they were investigating whether the Bulli Bai app was “part of a larger conspiracy”.

A spokesperson for GitHub, which hosted both apps, said it had “longstanding policies against content and conduct involving harassment, discrimination, and inciting violence.

“We suspended a user account following the investigation of reports of such activity, all of which violate our policies.”

Misconception

Advances in technology have heightened risks for women across the world, be it trolling or doxxing with their personal details revealed, surveillance cameras, location tracking, or deepfake pornographic videos featuring doctored images.

Deepfakes – or artificial, intelligence-generated, synthetic media – are used to create porn, with apps that let users strip clothes off women or swap their faces into explicit videos.

Digital abuse of women is pervasive because “everybody has a device and a digital presence,” said Adam Dodge, chief executive of EndTAB, a U.S.-based nonprofit tackling tech-enabled abuse.

“The violence has become easier to perpetrate, as you can get at somebody anywhere in the world. The order of magnitude of harm is also greater because you can upload something and show it to the world in a matter of seconds,” he said.

“And there is a permanency to it because that photo or video exists forever online,” he added.

The emotional and psychological impact of such abuse is “just as excruciating” as physical abuse, with the effects compounded by the virality, public nature, and permanence of the content online, said Noelle Martin, an Australian activist.

At 17, Martin discovered her image had been photoshopped into pornographic images and distributed. Her campaign against image-based abuse helped change the law in Australia.

But victims struggle to be heard, she said.

“There is a dangerous misconception that the harms of technology-facilitated abuse are not as real, serious, or potentially lethal as abuse with a physical element,” she said.

“For victims, this misconception makes speaking out, seeking support, and accessing justice much more difficult.”

Persecution

Tracking lone creators and rogue coders is hard, and technology platforms tend to shield anonymous users who can easily create a fake email or social media profile.

Even lawmakers are not spared: in November, the U.S. House of Representatives censured Republican Paul Gosar over a photoshopped anime video that showed him killing Democrat Alexandra Ocasio-Cortez. He then retweeted the video.

“With any new technology we should immediately be thinking about how and when it will be misused and weaponized to harm girls and women online,” said Dodge.

“Technology platforms have created a very imbalanced atmosphere for victims of online abuse, and the traditional ways of seeking help when we are harmed in the physical world are not as available when the abuse occurs online,” he said .

Some technology firms are taking action.

Following reports that its AirTags – locator devices that can be attached to keys and wallets – were being used to track women, Apple launched an app to help users shield their privacy.

In India, the women on the auction apps are still shaken.

Ismat Ara, a journalist showcased on Bulli Bai, called it “nothing short of online harassment.”

It was “violent, threatening and intending to create a feeling of fear and shame in my mind, as well as in the minds of women in general and the Muslim community,” Ara said in a police complaint that she posted on social media.

Arfa Khanum Sherwani, also featured for sale, wrote on Twitter: “The auction may be fake but the persecution is real.”
…

President Joe Biden touted an agreement Tuesday between wireless carriers and U.S. regulators to allow the deployment of 5G wireless technology in two weeks.

AT&T and Verizon said Monday they would delay activating the new service for two weeks following a request by Transportation Secretary Pete Buttigieg. He cited airline industry concerns that the technology’s rollout could interfere with sensitive electronic systems on aircraft and disrupt thousands of daily flights.

The telecommunications giants’ announcement came one day after they maintained they would not postpone the introduction of the service. But they agreed to the delay amid pressure from the White House and aviation unions, and concerns expressed by the U.S. Federal Aviation Administration.

Biden said in a statement Tuesday the “agreement ensures that there will be no disruptions to air operations over the next two weeks and puts us on track to substantially reduce disruptions to air operations when AT&T and Verizon launch 5G on January 19th.”

In an email Tuesday to employees, Verizon Chief Executive Hans Vestberg said the company saw no aviation safety issue with 5G, but added the FAA “intended to disrupt an already difficult time for air travel if we move ahead with our planned activation… We felt that it was the right thing to do for the flying public, which includes our customers and all of us, to give the FAA a little time to work out its issues with the aviation community.”

Buttigieg and FAA Administrator chief Steve Dickson said in a letter sent Monday to AT&T and Verizon that the agencies would not seek any further delays beyond January 19 if there are not any “unforeseen aviation safety issues,” according to Reuters.

The letter also reportedly said the agreement “will give us additional time and space to reduce the impacts to commercial flights.”

Some information in this report came from The Associated Press and Reuters.
…

Rangers protecting threatened wildlife in Cambodia are using artificial intelligence to predict poachers’ next moves. Matt Dibble reports.
…

It’s a chaotic time for the Consumer Electronics Show 2022, the world’s largest technology event. Last-minute COVID-19-related cancellations have wreaked havoc on the organizers’ plans to host exhibitors and welcome visitors in person in Las Vegas and online. But as VOA’s JulieTaboh reports, the show will go on.
…

Twitter on Sunday banned the personal account of Rep. Marjorie Taylor Greene for multiple violations of its COVID-19 misinformation policy, according to a statement from the company. 

The Georgia Republican’s account was permanently suspended under the “strike” system Twitter launched in March, which uses artificial intelligence to identify posts about the coronavirus that are misleading enough to cause harm to people. Two or three strikes earn a 12-hour account lock; four strikes prompt a weeklong suspension, and five or more strikes can get someone permanently removed from Twitter. 

In a statement on the messaging app Telegram, Greene blasted Twitter’s move as un-American. She wrote that her account was suspended after tweeting statistics from the Vaccine Adverse Event Reporting System, a government database which includes unverified raw data. 

“Twitter is an enemy to America and can’t handle the truth,” Greene said. “That’s fine, I’ll show America we don’t need them and it’s time to defeat our enemies.” 

Twitter had previously suspended the account for periods ranging from 12 hours to a full week. 

The ban applies to Greene’s personal account, @mtgreenee, but does not affect her official Twitter account, @RepMTG. 

A Greene tweet posted shortly before her weeklong suspension in July claimed that the virus “is not dangerous for non-obese people and those under 65.” According to the U.S. Centers for Disease Control and Prevention, people under 65 account for nearly 250,000 of the U.S. deaths involving COVID-19. 

Greene previously blasted a weeklong suspension as a “Communist-style attack on free speech.” 
…

Looking west from Hazel Mountain, Brad Kreps can see forested hills stretching to the Tennessee border and beyond, but it is the flat, denuded area in front of him he finds exciting.

Surface coal mining ended on this site several years ago. But with a clean-up underway, it is now being prepared for a new chapter in the region’s longstanding role as a major energy producer – this time from a renewable source: the sun.

While using former mining land to generate solar energy has long been discussed, this and five related sites are among the first projects to move forward in the coalfields of the central Appalachian Mountains, as well as nationally.

Backers say the projects could help make waste land productive and boost economic fortunes in the local area, part of a 250,000-acre (101,171-hectare) land purchase by The Nature Conservancy (TNC) in 2019, one of its largest such acquisitions.

“There’s very little activity going on this land, so if we can bring in a new use like solar, we can bring tax revenue into these counties that are really trying to diversify their economies,” said Kreps, a TNC program director.

Besides creating a new source of green energy, the project offers a model for solar development that does not impinge on forests or farmland, he said.

TNC, a U.S.-based environmental nonprofit, has identified six initial sites for solar plants in the area and is now moving forward with projects on parcels covering about 1,700 acres.

The two companies that have bid to do the work – solar developer Sun Tribe and major utility Dominion Energy – estimate the projects could produce around 120 megawatts (MW) of electricity, potentially enough to power 30,000 homes.

Construction is expected to start in two or three years after pre-development work and permitting are completed.

“This is a ground-breaking model,” said Emil Avram, Dominion’s vice president of business development for renewables in Virginia.

Dominion believes it is the largest utility-scale renewable energy initiative to be developed on former coal mining land, and could be replicated elsewhere, Avram added.

Renewables targets

The U.S. government formally began looking at putting renewable energy installations on disturbed land – including mines, but also contaminated sites and landfills – in 2008.

Since then, the RE-Powering America’s Land program has mapped over 100,000 potential sites covering more than 44 million acres, and helped establish 417 installations producing 1.8 gigawatts (GW) of electricity, according to March data.

A toxic landfill site in New Jersey, for instance, now hosts a 6.5-MW solar installation, while a former steel mill in New York has been turned into a wind farm with capacity of 35 MW.

Yet on mine land, the work has so far been mostly limited to doing inventories and providing technical assistance, resulting in fewer than a half-dozen projects, said Nels Johnson, TNC’s North America director for energy.

That has stunted solar developers’ interest in mine land, he said – a knowledge gap he hopes the new projects can help fill, particularly amid a surging focus on meeting clean energy goals.

“After five to 10 years of almost nobody paying attention to this, there’s an awakening starting to take place,” he said. “As more and more states pass renewable energy commitments, it’s kind of a situation of the dog catching the car.”

Virginia, for instance, has a 2020 clean energy bill that, among other things, pushes for Dominion Energy’s electricity in the state to be carbon-free by 2045.

There are about 100,000 acres affected by coal mining in southwest Virginia alone, said Daniel Kestner, who manages the Innovative Reclamation Program for the state’s energy department.

“Reusing land like former coal mines makes a lot of sense instead of looking at prime farmland … or lands near populated areas where there may be conflict,” he said.

Kestner’s team is now exploring renewable energy development as an approved option for required post-mining reclamation work.

‘LIFE AFTER COAL’

Appalachia had harbored a deep-rooted skepticism toward renewable energy, said Adam Wells, regional director of community and economic development with Appalachian Voices, a nonprofit that works in former coal communities.

But recent years have seen a turnaround, he noted, with the recognition that the coal industry – the region’s longstanding main economic driver – will not return to its former strength.

Across the country, the number of coal mines dropped by 62% from 2008 to 2020, based on U.S. government figures, translating into a loss of 100,000 jobs since the mid-1980s, according to the Environmental Defense Fund.

Starting around 2015, Wells said, “it became necessary to talk about what life after coal looks like in Appalachia. And so, as a result, it became safe to talk about solar.”

While the number of jobs from utility-scale solar development does not compare to coal-industry jobs, he said, it could still be significant.

“It does generate notable and meaningful tax revenues for localities at a time of declining revenues from coal,” he added.

For now, communities are watching the shift with a “wait-and-see” attitude, he said.

Dominion Energy’s 50-MW project is the largest of the six local solar initiatives now underway.

While Dominion does not have job and tax revenue estimates for that project, it noted in a recent regulatory filing that 15 newly proposed solar projects across Virginia would generate more than $880 million in economic benefits and support almost 4,200 jobs associated with construction.

The company is under major pressure to increase solar production and is planning for an additional 16,000 MW by 2035, executive Avram said, requiring new capacity of about 1,000 MW annually through that date.

“That will require a fair amount of land – a thousand acres per project, roughly,” he said.

While the initial mine-land project in southwestern Virginia is relatively small, he said, it is an important “stepping stone” in learning how to work on previously disturbed sites.

TNC’s Kreps sees much more opportunity, literally on the horizon.

“There’s hundreds of thousands of acres like this across the region – and in many cases, right now they aren’t creating a lot of economic value,” he said.

His organization, he added, aims to demonstrate “that we can manage these lands for nature outcomes and people outcomes.” 
…

U.S. authorities have asked telecom operators AT&T and Verizon to delay for up to two weeks their already postponed rollout of 5G networks amid uncertainty about interference with vital flight safety equipment.

The U.S. rollout of the high-speed mobile broadband technology had been set for December 5, but was delayed to January 5 after aerospace giants Airbus and Boeing raised concerns about potential interference with the devices used by planes to measure altitude.

U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration, Steve Dickson, asked for the latest delay in a letter sent Friday to AT&T and Verizon, two of the country’s biggest telecom operators.

The U.S. letter asked the companies to “continue to pause introducing commercial C-Band service” — the frequency range used for 5G — “for an additional short period of no more than two weeks beyond the currently scheduled deployment date of January 5.”

The companies did not immediately respond to a request for comment.

The U.S. officials’ letter assures the companies that 5G service will be able to begin “as planned in January with certain exceptions around priority airports.”

The officials say their priority has been “to protect flight safety, while ensuring that 5G deployment and aviation operations can co-exist.”

Last February, Verizon and AT&T were authorized to start using 3.7-3.8 GHz frequency bands on December 5, after obtaining licenses worth tens of billions of dollars.

But when Airbus and Boeing raised their concerns about possible interference with airplanes’ radio altimeters, which can operate in the same frequencies, the launch date was pushed back to January. 

The FAA requested further information about the instruments, and it issued directives limiting the use of altimeters in certain situations, which sparked airline fears over the potential costs.

When Verizon and AT&T wrote to federal authorities in November to confirm their intention to start deploying 5G in January, they said they would take extra precautions beyond those required by U.S. law until July 2022 while the FAA completes its investigation.

The conflict between 5G networks and aircraft equipment led French authorities to recommend switching off mobile phones with 5G on planes in February.

France’s civil aviation authority said interference from a signal on a nearby frequency to the radio altimeter could cause “critical” errors during landing. 
…

U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration (FAA) on Friday asked AT&T and Verizon Communications to delay the planned Jan. 5 introduction of new 5G wireless service over aviation safety concerns.

In a letter Friday seen by Reuters, Buttigieg and FAA Administrator Steve Dickson asked AT&T Chief Executive John Stankey and Verizon Chief Executive Hans Vestberg for a delay of no more than two weeks as part of a “proposal as a near-term solution for advancing the co-existence of 5G deployment in the C-Band and safe flight operations.”

The aviation industry and FAA have raised concerns about potential interference of 5G with sensitive aircraft electronics like radio altimeters that could disrupt flights.

“We ask that your companies continue to pause introducing commercial C-Band service for an additional short period of no more than two weeks beyond the currently scheduled deployment date of January 5,” the letter says.

Verizon and AT&T both said they received the letter and were reviewing it. Earlier Friday the two companies accused the aerospace industry of seeking to hold C-Band spectrum deployment “hostage until the wireless industry agrees to cover the costs of upgrading any obsolete altimeters.”

Buttigieg and Dickson said under the framework “commercial C-band service would begin as planned in January with certain exceptions around priority airports.”

The FAA and the aviation industry would identify priority airports “where a buffer zone would permit aviation operations to continue safely while the FAA completes its assessments of the interference potential.”

The government would work to identify “mitigations for all priority airports” to enable most “large commercial aircraft to operate safely in all conditions.” That would allow deployment around “priority airports on a rolling basis,” aiming to ensure activation by March 31 barring unforeseen issues.

The carriers, which won the spectrum in an $80 billion government auction, previously agreed to precautionary measures for six months to limit interference.

On Thursday, trade group Airlines for America asked the Federal Communications Commission (FCC) to halt deployment of new 5G wireless service around many airports, warning thousands of flights could be disrupted.

Sara Nelson, president of the Association of Flight Attendants-CWA, representing 50,000 flight attendants at 17 airlines, called the Transportation Department proposal “the right move to successfully implement 5G without using the traveling public (and the crews on their flights) as guinea pigs for two systems that need to coexist without questions for safety.”

Wireless industry group CTIA said 5G is safe and spectrum is being used in about 40 other countries.

House Transportation Committee chair Peter DeFazio on Friday backed the airline group petition warning “we can’t afford to experiment with aviation safety.” 
…

This year’s Consumer Electronics Show will end a day earlier than planned, the organizer of the global technology and gadget show said, after companies including Amazon and General Motors dropped out of attending the Las Vegas event in person because of omicron concerns. 

“The step was taken as an additional safety measure to the current health protocols that have been put in place for CES,” event organizer Consumer Technology Association said on Friday, announcing the event will now end on January 7. 

The spread of the omicron variant has led to a sharp jump in COVID-19 infections across the world, making many reconsider their travel plans and leading to thousands of flight cancellations. 

The number of new COVID-19 cases in the U.S. has doubled in eight days to a record of 587,143 new cases on Thursday, according to a Reuters tally. 

As worries over the new variant loom, many companies have withdrawn from presenting in-person at the event, planned both virtually and in-person, that begins on January 5 with more than 2,200 exhibitors. 

Over the last few days, a host of firms including Advanced Micro Devices, Proctor & Gamble, Google, and Facebook parent Meta Platforms have also dropped their in-person plans. 

Sony Group’s Sony Electronics has said it will have limited staffing and attendees at the event. 

All attendees in Las Vegas will be required to be fully vaccinated and masked. COVID-19 test kits will also be provided at the venue, according to CTA’s statement. 

 
…

Iran has used a satellite launch rocket to send three research devices into space, a Defense Ministry spokesman said on Thursday, as indirect U.S.-Iran talks take place in Austria to try to salvage a 2015 nuclear deal. 

He did not clarify whether the devices had reached orbit. 

Iran, which has one of the biggest missile programs in the Middle East, has suffered several failed satellite launches in the past few years due to technical issues. 

Spokesman Ahmad Hosseini said the Simorgh satellite carrier rocket, whose name translates as “Phoenix”, had launched the three research devices at an altitude of 470 kilometers (290 miles). He did not give further details. 

“The intended research objectives of this launch were achieved,” Hosseini said, in comments broadcast on state television. “This was done as a preliminary launch … God willing, we will have an operational launch soon.” 

Iranian state television showed footage of what it said was the firing of the launch vehicle. 

Thursday’s reported space launch comes as Tehran and Washington hold indirect talks in Vienna in an attempt to salvage a nuclear accord that Iran reached with world powers and that former U.S. president Donald Trump abandoned in 2018. 

The United States imposed sanctions on Iran’s civilian space agency and two research organizations in 2019, claiming they were being used to advance Tehran’s ballistic missile program. 

Tehran denies such activity is a cover for ballistic missile development. 

Iran launched its first satellite Omid (Hope) in 2009 and its Rasad (Observation) satellite was also sent into orbit in June 2011. Tehran said in 2012 that it had successfully put its third domestically-made satellite, Navid (Promise), into orbit. 

In April 2020, Iran said it successfully launched the country’s first military satellite into orbit, following repeated failed launch attempts in the previous months. 
…

For U.S. social media companies, the violent mob storming the U.S. Capitol on January 6 last year spurred action. They shut down then-President Donald Trump’s accounts. One year later, are Facebook, Twitter and YouTube any better prepared to face similar situations in the U.S. or in other countries? Michelle Quinn reports.

Camera: Deana Mitchell Produced by: Matt Dibble
…