As fake updates target victims, Kaseya allegedly knew of exploited vulnerability in April

BY DUNCAN RILEY
UPDATED 23:09 EDT / JULY 07 2021

SECURITY

Users of software from Kaseya Ltd. are being targeted with fake updates following an attack by the REvil ransomware group, as it was revealed today that the company was allegedly informed of a vulnerability exploited in a ransomware attack by REvil in April.

Detected by researchers at Malwarebytes Labs, the campaign targets potential victims with spam that pushes Cobalt Strike payloads disguised as Kaseya VSA security updates.

Cobalt Strike is penetration testing software with legitimate uses but can also be used by bad actors to attack a company. As noted in November, when the source code for software allegedly leaked, in the hands of hackers the software can be used to identify security issues that can be exploited.

The “malspam” campaign involves an email with a message asking victims to install an update from Microsoft Corp. to protect against ransomware. Attached to the email is a file labeled called SecurityUpdates.exe and the email also includes a link pretending to be a security update from Microsoft to patch Kaseya vulnerabilities. The attachment subsequently installs Cobalt Strike.

While victims are being targeted with fake security updates, the Dutch Institute for Vulnerability Disclosure has disclosed that it discovered one of the vulnerabilities exploited by REvil in early April and informed Kaseya at the time.

“After some deliberation, we decided that informing the vendor and awaiting the delivery of a patch was the right thing to do,” Frank Breedijk from DIVD explained in a blog post. “We hypothesized that, in the wrong hands, these vulnerabilities could lead to the compromise of large numbers of computers managed by Kaseya VSA.”

Breedijk added that Kaseya’s response to the disclosure had been “on point and timely, unlike other vendors,” and that the company released two patches to address the identified vulnerabilities.” Clearly, it didn’t address them all, however, with Breedijk adding that “we later learned that one of the two vulnerabilities used in the attack was one we previously disclosed to Kaseya VSA.”

Kaseya has yet to comment on the claim. If true and Kaseya failed to act, whether intentionally or by accident, it does raise the issue that the company could potentially face legal liability issues, potentially given the theft of data involved in the attack.

As of its latest updates today, Kaseya is still struggling with the aftermath of the REvil attack. The company has published a runbook of the changes that should be made to the on-premises environment so that customers can prepare for a patch release.

The news comes a day after the White House vowed to take action against Russia if the Kaseya REvil attack was proved to be linked to the country. REvil is a known Russian ransomware gang with a long history, although it’s not known to be directly linked to the Russian government.
Image: Malwarebytes/Kaseya

Palestinian conflict: A unique resistance

Dr Farooq Hasnat & Dr Zamurrad Awan
THE NATION, PAKISTAN
July 08, 2021

Although the Palestinian conflict has by now become the oldest conflict, i.e., apart from Kashmir, its various dimensions emerging in new accretions continue to present a challenge for regional as well as international security. This is a typical feature of chronic conflicts where no serious efforts are made to resolve the very basics of the contention. The wishful desire of both the Israeli and Indian extreme right leadership that somehow the resistance would disappear has further created complications and aggravated the agony of the people as well as presents a new trial, nearly on a daily basis. It is a well known reality that if the fundamentals of the basic issue are not resolved on an equitable footing, it generates a variety of more lethal dimensions. This is exactly what we witnessed in recent months in the land of Palestine—an old conflict but with a diverse resistance, not seen before.

The founders of the Europe-based Zionist movement, supported by the British, in particular, in the late 19th century argued that they desire to establish a Jewish state in Palestine, arguing that thousands of years ago, this region was the land of Prophet Moses. The Zionists based their arguments primarily on religious injunctions of Judaism and called it a “Holy Land”. If we examine even these premises of the Zionist movement little ground holds for that “rationale”. Three of the Ten Commandments of Prophet Moses were: (1) Thou shalt not murder; (2) Thou shalt not steal; (3) Thou shalt not covet thy neighbour’s house. Ever since their existence in 1948, the state of Israel has flouted these Commandments and thus have lost the rationale of establishing a state on religious grounds, that being the only reason on which they lay their justification for a Jewish state.

A glaring example of Israeli “violation” against the Commandments of Prophet Moses came on May 10 of this year, which happened to be the holy night of Ramadan 27. The Zionist war machine pounced upon the praying defenseless Palestinians, men, women and children, at Al-Aqsa Mosque, the third holiest site in Islam with tear gas, stun grenades and rubber-coated steel bullets.

When the Palestinians responded with homemade benign rockets from besieged Gaza strip, the Zionist regime mercilessly bombarded, day and night with the sophisticated US-made bombs—killing 220 Palestinians, including about 63 children. The origin of this particular Israeli manslaughter came after the Israeli colonial force evicted 6 Palestinian families from their ancestral homes of Sheikh Jarrah (located in East Jerusalem). Their stolen houses were to be given to the migrant Jewish families from Europe.

Although Israel’s illegal settlement of Palestine (land theft) has been going on since 1948, the recent aggression is Israel’s fourth major audacity in the last five years. The European and American conspiracy to resettle European Jews in Palestine since World War II has led to the illegal eviction of thousands of Palestinians from their homeland. Between 2008 and 2021, 5,734 Palestinians have been killed in the conflict so far, including 22 percent children and 10 percent women. In comparison, only 251 Israelis have died. By forcing them to flee, they have also deprived the Palestinians of basic amenities, including education, health and livelihood opportunities, by restricting them to overcrowded ghettos. Today Israel remains the only example of the worst kind of apartheid colonial entity, where the subjects are treated worse than insets. Not only that, there are countless obstacles and checkpoints, making it a humiliating and painful experience for the Palestinian families, even if they have to visit relatives or require medical treatment in a nearby village. In the West Bank alone, there are 700 barriers and 140 checkpoints. In other words, the worst kind of Palestinian Holocaust is enforced

Although,as noted earlier, Israel has a long history of brutality against the Palestinians, its recent cruelty is unparalleled in the way social media has now exposed it. That is why solidarity with the unarmed Palestinians has become an international campaign. Expressing solidarity has become a universal campaign. Pakistan, Turkey, Iran, Indonesia and Malaysia, i.e., non-Arab Muslim countries have openly condemned Israeli aggression, calling it Israeli war crimes. Apart from that, some important political figures in the United States Congress raised their voices against the recent brutal Israeli terrorist act.

Although Israel has declared a ceasefire under international pressure, it remains to be seen how the issue can be resolved. The recent shade of outburst provides us with at least three dimensions. First, after a long delay, the Palestinians of the West Bank joined hands with those of the Gaza Strip. Second, the Palestinians have sent a strong message that Al Quds is the red line and the Zionist occupying force must not cross it. Third, the defenceless Palestinians have demonstrated that even without an air cover against the most sophisticated American supplied war machine, they will resist with whatever meagre defence they have. Fourth, the support to the suffering and besieged Palestinians came through the ever-growing Social Media, overshadowing the powerful pro-Israel Western media which is highly biased and on all accounts, justifies the gross atrocities of the Zionist apartheid colonial regime and its barbaric actions. And the most important message coming from the land of Palestine is that its inhabitants would continue their struggle till they are decolonised. History provides us with similar examples in the war of independence of Algeria and South Africa.

Israel’s Drone Swarm Over Gaza Should Worry Everyone

It’s time global leaders set new rules for these future weapons already being using to kill.


A drone views of the ruins of buildings in Gaza city that was levelled by an Israeli air strike during the recent military conflict between Israel and Palestinian ruled by Hamas on June 11, 2021. 

MAJDI FATHI/NURPHOTO VIA GETTY IMAGES


BY ZAK KALLENBORN
JULY 7, 2021 
DEFENSEONE.COM


In a world first, Israel used a true drone swarm in combat during the conflict in May with Hamas in Gaza. It was a significant new benchmark in drone technology, and it should be a wakeup call for the United States and its allies to mitigate the risk these weapons create for national defense and global stability.

Israel’s use of them is just the beginning. Reporting does not suggest the Israeli Defense Forces deployed any particularly sophisticated capability. It seems a small number of drones manufactured by Elbit Systems coordinated searches, but they were used in coordination with mortars and ground-based missiles to strike “dozens” of targets miles away from the border, reportedly. The drones helped expose enemy hiding spots, relayed information back to an app, which processed the data along with other intelligence information. Future swarms will not be so simple.

Often the phrase “drone swarm” means multiple drones being used at once. But in a true drone swarm, the drones communicate and collaborate, making collective decisions about where to go and what to do. In a militarized drone swarm, instead of 10 or 100 distinct drones, the swarm forms a single, integrated weapon system guided by some form of artificial intelligence.

So, drone swarms are here, and we should be worried. But how best to reduce the risk these weapons pose?

The United States should lead the global community in a new conversation to discuss and debate whether new norms or international treaties are needed specifically to govern and limit the use of drone swarms. Current proposals to ban autonomous weapons outright would cover autonomous drone swarms; however, such a treaty would not likely cover the drone swarm Israel used. Despite some media reports to the contrary, there is no indication the swarm made autonomous decisions on who to kill (whether a small, human-controlled swarm like this should be banned is a different issue). And it’s unlikely the great powers will agree to a broad prohibition autonomous weapons. Narrow restrictions on high-risk autonomous weapons like anti-personnel drone swarms may have more appeal, particularly if they create asymmetric effects that threaten, but not help, great powers.

Related articles


The Pentagon Wants AI-Driven Drone Swarms for Search and Rescue Ops

The U.S. Military’s Drone Swarm Strategy Just Passed a Key Test

Pentagon Wants More Money for Lasers To Defend Against Missiles, Drone Swarms

Global militaries should expand work to develop, test, and share counter-swarm technology. Effective counter-drone systems need to be low cost, quick recharging, and able to hit multiple targets at once. Such systems should be deployed around high-risk target areas, like airports, critical infrastructure, and heads of state. As the threat is fundamentally international, states should also provide their cutting-edge counter-swarm capabilities to partners and allies who are at risk.

Keeping drone swarms from the hands of terrorists will require a separate effort. States may adopt measures akin to United Nations Security Council Resolution 1540 on preventing terrorist acquisition of chemical, biological, radiological, and nuclear weapons that apply to drone swarms (or just expand UNSCR 1540). Local, national, and international law enforcement agencies should also search for indicators of terrorists seeking drone swarm capabilities, such as large drone purchases and known extremist work to develop or modify drone control systems.

In recent years, the threat of drone swarms has grown alongside their increasing sophistication. In 2016, the Department of Defense launched 103 Perdix drones out of three F/A-18 Super Hornets. The drones operated using a “collective brain,” gathering into various formations, flying across a test battlefield, and reforming into new configurations. Notably, the system was designed by students at the Massachusetts Institute of Technology. If drone swarms are simple enough students can make them, conflict zones across the world can expect to see them soon. In the past year, China, France, India, Spain, South Africa, the United States, and the United Kingdom have all unveiled or tested new drone swarm programs.

Global proliferation of drone swarms creates risks of instability. In the Nagorno-Karabakh conflict last year, Azeri use of drones contributed significantly to a rapid Armenian surrender (other factors no doubt helped too). A swarm amplifies such effects with more drones, using more complex tactics that can overwhelm existing defenses. It’s a concern the U.S. military has studied for a decade already. A 2012 study by the Naval Postgraduate School simulated eight drones attacking a U.S. Navy destroyer, finding four drones would hit the ship. Terrorists may also see great appeal in drone swarms as a more accessible air force to overcome ground-based defenses, and carry out attacks on critical infrastructure and VIPs.

Drone swarms create risks akin to traditional weapons of mass destruction. As drone swarms scale into super-swarms of 1,000 or even up to a million drones, no human could plausibly have meaningful control. That’s a problem, autonomous weapons can only make limited judgments on the civilian or military nature of their targets. The difference of a single pixel can change a stealth bomber into a dog. Errors may mean dead civilians or friendly soldiers, and accidental conflict escalation.

The reality is that virtually no current counter-drone systems are designed for counter-swarm operations. Current detections systems cannot necessarily accommodate multiple drones. They could overwhelm interdiction systems, which contain limited or slow-to-shoot interceptors. And the drone swarm may simply be too spread out. Of course, new counter-drone systems like the Air Force’s microwave-based THOR system, low cost per shot defenses like lasers, and counter-swarm swarms may eventually prove effective. While these defenses may protect great powers, smaller states and civilians are likely to be more vulnerable.

The increased autonomy of a drone swarm allows states to use many more drones at once. Human cognition limits simultaneous drone operation, because it is difficult to monitor operations of many drones, ensure they do not collide, and still achieve mission objectives. But the military is working to overcome human limitations. In one 2008 study, a single operator could handle only four drones without significant losses to mission effectiveness. By 2018, the U.S. military’s Defense Advanced Research Projects Agency, or DARPA, confirmed a human could control an entire drone swarm telepathically, using a single microchip implanted in their brain.

The military value of drone swarms stems from enabling complexity and flexibility. Current swarms use typically small, homogenous drones. Future swarms may be of different sizes, equipped with an array of different interchangeable sensors, weapons, and other payloads. That enables combined armed tactics, where drones strike with multiple weapons from multiple angles: one may spray bullets, while another sprays a chemical weapons agent. Swarms may also have adaptive properties such as self-healing, where the swarm modifies itself to accommodate the loss of some members, or self-destruction, to complete one-way missions. Drone swarms will also likely be increasingly integrated into some form of drone mothership (and perhaps integrated into an even larger mothership in a “turducken of lethality.”)

Drone swarms are not science fiction. The technology is here, and spreading fast.

Zachary Kallenborn is a national / homeland security consultant, specializing in unmanned systems, drone swarms, homeland security, weapons of mass destruction (WMD), and WMD terrorism.

Israel again tears down contested Palestinian hamlet in Jordan Valley

Courts have ruled that Khirbet Humsa, thrice demolished by authorities in recent months, was built illegally in an Israeli military firing zone

By AARON BOXERMAN

7 July 2021, 

YNET ISRAEL SOURCE

Palestinians and Israeli soldiers in Humsa al-Fouqa on Thursday, February 4, 2021 (Credit: WAFA/Suleiman Abu Srur)

Dozens of Palestinians saw their tents demolished again in the Jordan Valley on Wednesday morning as Israeli authorities took apart the small hamlet of Khirbet Humsa for at least the third time since November.

The hamlet is a collection of tents and pens for sheep, and most of the Palestinians living there are herders and belong to the same extended families.

Israel’s military liaison to the Palestinians said it destroyed structures that had been erected illegally on an Israeli military live-fire zone. Khirbet Humsa is one of 38 Bedouin communities on land the Israeli military has designated for training, according to the United Nations


“The [enforcement action] included the confiscation and demolition of tents that were once again illegally erected by Palestinian residents who invaded the firing range in the Jordan Valley in 2012,” the liaison, known by its acronym COGAT, said in a statement.

Palestinian residents see the demolitions as part of an attempt to remove their presence from the Jordan Valley. They also claim their presence predates 2012, going back decades.

At least 60 Palestinians live in the now-dismantled cluster of structures, according to residents.

“They give the settlers everything, but they won’t even allow us to stay here,” seethed Yasir Abu al-Kabbash, a local herder whose tent was confiscated.

Palestinian Bedouins rebuild a fence for an animal pen after Israeli troops demolished tents and other structures of the Khirbet Humsu hamlet in the Jordan Valley in the West Bank, Feb. 3, 2021. (AP Photo/Maya Alleruzzo)

The Jordan Valley is in Area C, under Israeli security and civilian control, according to the 1995 Oslo Accords. According to the agreements, Israel is responsible for planning and construction in the area.

Palestinians in Area C often clash with Israeli authorities over what Israel deems to be illegal construction. Israel asserts that Palestinians violate the law and engage in construction in illegal areas. Palestinians argue that Israel does not issue them enough permits or legalize existing villages, which they say amounts to an attempt to expunge their presence in the region.

Israel declared the area to be a live-fire zone in 1972, according to court filings. Humsa’s Bedouin residents appealed to the Israeli High Court to cancel their campsite’s impending demolition. In 2019, the court rejected the petition and ruled the herders had no right to stay in the area.

Israeli authorities have argued in court cases contesting firing zones that military training areas are designated with an eye to professional considerations, such as a locale’s unique topographic features.

Rights groups, however, allege that in some cases, areas have been declared firing zones as a means to cement Israeli control. Around 18 percent of the West Bank has been declared a live-fire zone, including some 30% of Area C, according to the UN.

According to a document discussed by the High Court last year, then-settlements minister Ariel Sharon explicitly told a 1981 committee meeting on West Bank settlement that the military would declare some areas to be training zones so as to check “the spread of Arab hill-villagers.”

“There are places which we have an interest in declaring to be live-fire zones, so as to ensure that they remain in our hands,” Sharon, who went on to become prime minister two decades later, told the committee.

Dror Etkes, who directs the left-wing Kerem Navot nonprofit, said that firing zones are occasionally redrawn to fit the needs of Jewish settlements. He pointed out that the town of Hemdat, which lies in a small pocket of legal land deep in the same firing zone as Humsa, has seen the training grounds redrawn so as to allow the town to spread further.

“You have [Jewish] settler outposts that are deep in firing zones and no one touches them. There are even cases, such as in Mitzpeh Kramim, where the army has stated it’s willing to change the dimensions of the firing zone to fit the settlement,” Etkes charged in a February phone call.

In this Feb. 3, 2021, file, photo, Palestinian Bedouin watch Israeli troops demolish tents and other structures of the Khirbet Humsu hamlet in the Jordan Valley in the West Bank (AP Photo/Majdi Mohammed)

A Defense Ministry official said on condition of anonymity that “official Israeli representatives” had offered the residents a nearby location in which to live, although they did not specify where.

“Despite repeated offers and attempts, the residents rejected all offers made to evacuate from the firing range and move to the alternative location offered to them,” the Defense Ministry official said.

Abu al-Kabbash claimed the land in question was quite far away, near the West Bank city of Nablus, on land that belonged to other Palestinian families.

“Would it be right for you to steal someone else’s car to give to me as a present?” Abu al-Kabbash said. “We’re not leaving this place.”

RIGHT WING ZIONIST BIAS

Report: Malaysian ‘Troll Army’ Targeted Israelis During Conflict With Hamas

Anti-Israel activists sought to intimidate users on Twitter, Facebook, and WhatsApp

Getty Images

Adam Kredo and Alana Goodman • July 7, 2021 


A series of cyberattacks aimed at shutting down pro-Israel social media accounts and spamming Israelis with abusive messages during the military conflict with Hamas was coordinated by a Malaysian "troll army," according to researchers who have been tracking the network's activities.

The campaign was "organized and led by a network of Malaysian anti-Israel and extremely influential organizations and groups, with hundreds of thousands of combined views and followers," according to research published by the Meir Amit Intelligence and Terrorism Information Center. Thousands of Israelis and pro-Israel leaders were targeted, including high-profile officials such as former prime minister Benjamin Netanyahu.


The "military-grade" attacks—which shut down the WhatsApp number for Israel Defense Force spokesman Avichay Adraee and flooded Israeli actress Gal Gadot's social media with harassing messages—show how anti-Israel activists are increasingly manipulating social media platforms such as Twitter, Facebook, and WhatsApp to crush support for Israel and intimidate the Jewish state's defenders. As anti-Semitism spikes across the globe in the wake of Israel's most recent conflict, there is concern that online vitriol is fueling real world violence—especially when these hacker groups publish personal information.

"The attacks illustrate once again the lack of responsibility by social media platforms to ensure that their users are able to freely express legitimate opinions and to facilitate public debate that does not hinder or silence one side or another of the discourse," the center's research says. "The attacks also illustrate an urgent need among social media platforms to take a more proactive and comprehensive response to ensure that their forums are used appropriately and safely."

A spokeswoman for WhatsApp said the company bans about 3 million accounts each month for engaging in abusive behavior and spam.

"Creating a safe space for users to communicate with one another is a priority and we work to reduce any spam messages that come through our system," the spokeswoman told the Washington Free Beacon.

Facebook and Twitter did not respond to request for comment. The IDF declined to comment.

Postings tied to the Malaysian activists first appeared in mid-May, when Iranian-backed Hamas terrorists fired thousands of missiles at Israel. One Twitter message from that time offered harassment instructions to what it described as a "Malaysian troll army" and a "guerilla army activity for Palestine."

A picture posted along with the Malay-language tweet instructed viewers on how to specifically harass prominent pro-Israel leaders and block their social media accounts. That initial message, sent from a Twitter account with 831 followers, racked up more than 15,000 retweets.

To avoid getting banned on Twitter for spam, the infographic instructed supporters to start sending the harassing messages at 10 a.m. and continue every 5-to-10 minutes for two hours, using phrases that would fly under the radar of Twitter's anti-abuse policy, such as "Israhell," "Filastini," and "zio_nis."


Prominent Malaysian hacking groups also joined the fight, launching cyberattacks on Israelis and pro-Israel leaders. One group, known as DragonForce Malaysia, leaked personal, identifying information, including phone numbers, of Israeli doctors, artists, police officers, and soldiers. This leak led to a massive campaign of harassment on messaging apps like WhatsApp.

The hacking group instructed its followers to "spam" the Israeli phone numbers with just under 10 messages a day "to avoid you being banned by WhatsApp … Goodluck and have fun!"

A group called Tentera Netizen Malaysia, translated as the "Malaysian Army of Internet Citizens," took credit for getting the phone number of IDF spokesman Avichay Adraee banned on WhatsApp by repeatedly reporting it and targeting it with spam. Other trolls posted screenshots of harassing messages they sent to random Israeli WhatsApp accounts, including "You gonna die" and "The world with Palestine!"

Around the same time, a Telegram user identified as Nadir Al-Nuri posted a list of pro-Israel Facebook pages that he said should be targeted. "The intention is to keep them busy with other matters besides hitting our brothers," Al-Nuri wrote on May 14 to his 256,000 followers. That post was viewed at least 138,000 times.


A similar list of pro-Israel Twitter accounts was also posted and reposted across Twitter. Users identified Al-Nuri as the list's creator. These lists were posted along with "instructions on how to block the pro-Israel influencers' Twitter accounts by entering incorrect passwords with the influencers' username multiple times."

"These Malaysian groups designed and disseminated among their followers detailed instructions on how to attack, whom to attack and what content to use," according to the research. "The attacks took place using two main methods, namely by harassing and trolling pro-Israel accounts and by suspending or blocking pro-Israel accounts."

Activists associated with the anti-Israel network also used coded hashtags to amplify their messages. In some cases, these postings were mentioned more than half a million times, with a total reach of more than 250 million users.

Such hacking attacks are not new. The New York Times reported last month that Iranian agents infiltrated groups on social media and messaging applications as part of a disinformation campaign against Israel.

Update 3:20 p.m.: This post has been updated with comment from WhatsApp.

Code in huge ransomware attack written to avoid computers that use Russian, says new report

"They don't want to annoy the local authorities, and they know they will be able to run their business much longer if they do it this way," said an expert.

Red Square in Moscow last month. Most ransomware originates in Russia and the former Soviet Union, experts say.Alexander Zemlianichenko / AP

AND ALBANIA, NORTH KOREA, ESTONIA, ETC ETC


July 7, 2021, 10:00 AM MDT
By Ken Dilanian


WASHINGTON — The computer code behind the massive ransomware attack by the Russian-speaking hacking ring REvil was written so that the malware avoids systems that primarily use Russian or related languages, according to a new report by a cybersecurity firm.

It's long been known that some malicious software includes this feature, but the report by Trustwave SpiderLabs, obtained exclusively by NBC News, appears to be the first to publicly identify it as an element of the latest attack, which is believed to be the largest ransomware campaign ever.

Biden under pressure as Russian cybercriminals claim credit for ransomware attackJULY 6, 202100:53


"They don't want to annoy the local authorities, and they know they will be able to run their business much longer if they do it this way," said Ziv Mador, Trustwave SpiderLabs' vice president of security research.


Click here to read the report

The new revelation underscores the extent to which most ransomware originates in Russia and the former Soviet Union, and highlights the challenge facing the Biden administration as it contemplates a possible response.

Biden said Tuesday his administration has not yet determined where the latest attack originated. It does not appear to have had a significant disruptive impact inside the U.S., but it is being called the largest ransomware attack in history by volume, having infected some 1,500 organizations, according to security researchers.

The attack was particularly sophisticated, using a previously unknown software flaw — a "zero day" vulnerability — to infect an IT firm, that then infected other IT firms, that then infected hundreds of customers.


VIDEO 03:34 Can cyber insurance keep up with the growing number of ransomeware attacks?  JULY 6, 2021

Trustwave said the ransomware "avoids systems that have default languages from what was the USSR region. This includes Russian, Ukrainian, Belarusian, Tajik, Armenian, Azerbaijani, Georgian, Kazakh, Kyrgyz, Turkmen, Uzbek, Tatar, Romanian, Russian Moldova, Syriac, and Syriac Arabic."

In May, cybersecurity expert Brian Krebs noted that ransomware by DarkSide, the Russia-based group that attacked Colonial Pipeline in May, "has a hard-coded do-not-install list of countries," including Russia and former Soviet satellites that mostly have favorable relations with the Kremlin.


Colonial operates the largest fuel pipeline in the U.S. and was forced shut down all operations for days while trying to get back online, resulting in gas shortages across the country.

In general, criminal ransomware groups are allowed to operate with impunity inside Russia and other former Soviet states as long as they focus their attacks on the United States and the West, experts say.

Krebs noted that in some cases, the mere installation of a Russian language virtual keyboard on a computer running Microsoft Windows will cause malware to bypass that machine.

The Biden administration is trying to harness global support to pressure Russia and its neighbors to crack down.

Nothing like the mafia: cybercriminals are much like the everyday, poorly paid business worker

New research is questioning the popular notion that cybercriminals can make millions of dollars from the comfort of home — and without much effort.

Our paper, published in the journal Trends in Organised Crime, suggests offenders who illegally sell cybercrime tools to other groups aren’t promised automatic success.

Indeed, the “crimeware-as-a-service” market is a highly competitive one. To succeed, providers have to work hard to attract clients and build up their criminal business.

They must combine their skills and employ business acumen to attract (and profit from) other cybercriminals wanting their “services”. And the tactics they use more closely resemble a business practice playbook than a classic Mafia operation.

Read news coverage based on evidence, not alarm.Get newsletter
The online trade of DDoS stressers

Using social network analysis, we studied crimeware-as-a-service payment patterns online.

Read more: Prosecuting within complex criminal networks is hard. Data analysis could save the courts precious time and money

Specifically, we looked at a Distributed Denial of Service (DDoS) stresser. A “DDoS stresser”, also called an IP booter, is an online tool that offenders can rent to launch DDoS attacks against websites.

In such attacks, the targeted website is bombarded with numerous log-on attempts all at once. This clogs up the site’s traffic and leads to all users being denied access, effectively causing the site to crash.
Buy your VIP cybercrime membership today

The stresser we analysed was taken down by Dutch law enforcement after six months of operation. Since all the identities involved were anonymised, we’ve called it StressSquadZ.

We explored StressSquadZ’s service operations and payment systems to observe how its service provider interacted with customers. Contrary to the idea of organised cybercrime looking like a cyberpunk version of The Godfather, their strategies seemed to come straight from a business playbook.

StressSquadZ’s provider offered clients a range of marketing and subscription plans. These started at an introductory trial price of US$1.99 for ten minutes of limited service, through to pricier options. Clients wanting a “full power” attack could buy a VIP bespoke service for US$250.

Clearly, StressSquadZ’s provider had a hankering to maximise profit. And just as we all appreciate a good bargain, their customers aimed to pay as little as possible.

Read more: MyGov's ill-timed meltdown could have been avoided with 'elastic computing'
(Cyber)crime doesn’t always pay

The communication data we analysed, mapped below, indicated the clientele compromised of three distinct groups of hackers: amateurs (red), professionals (green) and skilled non-professionals (yellow).
Some users who started with buying trials later graduated to more expensive premium services, which were pathways into more powerful attacks. The lines in this figure represent payments for DDoS stresser services.

The low-impact trial plan was the most popular purchase. These users, which made up about 40% of the total customer pool, are very likely driven by the thrill of transgression rather than pure criminal intent.

A smaller group had more serious intentions, as their more expensive subscription levels indicated. Having invested more, they’d need a higher return on their investment.

Notably, we found the average yield for those involved was low, compared to yield obtained during other cybercrime operations studied. In fact, StressSquadZ operated at a loss for most of its life.

Two things help explain this. First, the service was short-lived. By the time it started gaining traction, it was shut down. Also, it was competing in a large market, losing potential customers to other similar service providers.
Complicit in the act

While stressers can be used legally to test the resilience of security systems, we found the main intent to use StressSquadZ’s was as an attack vehicle against websites.

There was no attempt by the service provider to prevent clients from illegal use, thus making them a facilitator of the crime. This in itself is a crime under computer misuse legislation in most Australian jurisdictions.

That said, the group of criminals tapping into StressSquadZ was very different to a more archetypal and hierarchical criminal group, such as the Mafia. Without a “boss” StressSquadZ was sometimes disorganised and duties and benefits were more equally distributed.
We now face fewer (but stronger) DDoS attacks

The emergence of DDoS stressers over the past decade has actually led to an overall reduction in the number of DDoS attacks.

According to CRITiCaL project, out of 10,000 cyberattacks between 2012 and 2019 – of which 800 were DDoS attacks – the number of attacks fell from 180 in 2012 to fewer than 50 last year.

This may be because individual attacks are now more powerful. Early DDoS attacks were weak and short in duration, so cyber security systems could overcome them. Attacks today carry out their purpose, which it to invalidate access to a system, for a longer duration.

There’s been a massive increase in the scope and intensity of attacks over the past decade. Damage once done on a megabyte scale has now become gigabytes and terabytes.

This graph shows the increase in size of DDoS attacks in megabytes from 2007 to 2018. Carlos Morales/Arbor Network

DDoS attacks can facilitate data theft or increase the intensity of ransomware attacks.

In February, they were used as a persistent threat to seek ransom payments from various Australian organisations, including banks.

Read more: Australia is under sustained cyber attack, warns the government. What's going on, and what should businesses do?

Also in February we witnessed one of the most extreme DDoS attacks in recent memory. Amazon Web Services was hit by a sustained attack that lasted three days and reached up to 2.3 terabytes per second.

The threat from such assaults (and the networks sustaining them) is of huge concern — not least because DDoS attacks often come packaged with other crimes.

It’s helpful, however, to know stresser providers use a business model resembling any e-commerce website. Perhaps with this insight we can get down to business taking them down.

Authors

Roberto Musotto
Research fellow, Edith Cowan University

David S. Wall
Professor of Criminology, University of Leeds
Disclosure statement

David S. Wall receives funding from the EU (TAKEDOWN Project - Horizon 2020, Grant 700688) and the EPSRC CRITiCal project (EP/M020576/1).

CRIMINAL CAPITALI$M

Holding the world to ransom: the top 5 most dangerous criminal organisations online right now

July 7, 2021 

On the internet, nobody knows you’re a dog!

These words from Peter Steiner’s famous cartoon could easily be applied to the recent ransomware attack on Florida-based software supplier Kaseya.

Kaseya provides software services to thousands of clients around the world. It’s estimated between 800 and 1,500 medium to small businesses may be impacted by the attack, with the hackers demanding US$50 million (lower than the previously reported US$70 million) in exchange for restoring access to data being held for ransom.

The global ransomware attack has been labelled the biggest on record. Russian cybercriminal organisation REvil is the alleged culprit.

Despite its notoriety, nobody really knows what REvil is, what it’s capable of or why it does what they does — apart from the immediate benefit of huge sums of money. Also, ransomware attacks often involve vast distributed networks, so it’s not even certain the individuals involved would know each other.

Ransomware attacks are growing exponentially in size and ransom demand — changing the way we operate online. Understanding who these groups are and what they want is critical to taking them down.

Here, we list the top five most dangerous criminal organisations currently online. As far as we know, these rogue groups aren’t backed or sponsored by any state.
DarkSide

DarkSide is the group behind the Colonial Pipeline ransom attack in May, which shut down the US Colonial Pipeline’s fuel distribution network, triggering gasoline shortage concerns.

The group seemingly first emerged in August last year. It targets large companies that will suffer from any disruption to their services — a key factor, as they’re then more likely to pay ransom. Such companies are also more likely to have cyber insurance which, for criminals, means easy moneymaking.

DarkSide’s business model is to offer a ransomware service. In other words, it carries out ransomware attacks on behalf of other, hidden perpetrator/s so they can lessen their liability. The executor and perpetrator then share profits.

Groups that offer cybercrime-as-a-service also provide online forum communications to support others who may want to improve their cybercrime skills.

This might involve teaching someone how to combine distributed denial-of-service (DDoS) and ransomware attacks, to put extra pressure on negotiations. The ransomware would prevent a business from working on past and current orders, while a DDoS attack would block any new orders.
REvil

The ransomware-as-a-service group REvil is currently making headlines due to the ongoing Kaseya incident, as well as another recent attack on global meat processing company JBS. This group has been particularly active in 2020-2021.

REvil’s HappyBlog web site showing US$70m ransom demand. Author provided

In April, REvil stole technical data on unreleased Apple products from Quanta Computer, a Taiwanese company that assembles Apple laptops. A ransom of US$50 million was demanded to prevent public release of the stolen data. It hasn’t been revealed whether or not this money was paid.
Clop

The ransomware Clop was created in 2019 by a financially-motivated group responsible for yielding half a billion US dollars.

The Clop group’s speciality is “double-extortion”. This involves targeting organisations with ransom money in exchange for a decryption key that will restore the organisation’s access to stolen data. However, targets will then have to pay extra ransom to not have the data released publicly.

Historical examples reveal that organisations which pay a ransom once are more likely to pay again in the future. So hackers will tend to target the same organisations again and again, asking for more money each time.

ClopLeaks website showing directly downloadable ransom files. Author provided

Syrian Electronic Army

Far from a typical cybercrime gang, the Syrian Electronic Army has been launching online attacks since 2011 to promote political propaganda. With this motive, they have been dubbed a hactivist group.

While the group has links with Bashar al-Assad’s regime, it’s more likely made up of online vigilantes trying to be media auxiliary for the Syrian army.

Their technique is to distribute fake news through reputable sources. In 2013, a single tweet sent by them from the official account of the Associated Press, the world’s leading news agency, had the effect of wiping billions from the stock market.

The fake AP tweet from the Syrian Electronic Army. www.theatlantic.com/

The Syrian Electronic Army exploits the fact that most people online have a tendency to interpret and react to content with an implicit sense of trust. And they’re a prime example of how the boundaries between crime and terror groups online are less distinct than in the physical world.
FIN7

If this list could contain a “super villain”, it would be FIN7. Another Russian-based group, FIN7 is arguably the most successful online criminal organisation of all time. Operating since 2012, it mainly works as a business.

Many of its operations have been undetected for years. Its data breaches have exploited cross-attack scenarios, wherein the data breach serves multiple purposes. For example, it may enable extortion through ransom while also allowing the attacker to use data against victims, such as by reselling it to a third party.

In early 2017, FIN7 was alleged to be behind an attack targeting companies providing filings to the US Security and Exchange Commission. This confidential information was exploited and used to obtain ransom which was then invested on the stock exchange.

As such, the groups made huge sums of money by trading on confidential information. The insider trading scheme facilitated by hacking went on for many years — which is why it’s not possible to quantify the exact amount of economic damage. But it’s estimated to be well over US$1 billion.
Organised crime vs organised criminals

When it comes to complex criminal organisations, techniques evolve and motives vary.

The way they organise themselves and commit crimes online is very different from your local offline gang. Ransomware can be launched from anywhere in the world, so it’s very difficult to prosecute these criminals. Matters are made even more complicated when several parties coordinate across borders.

It’s no wonder the challenge for law enforcement agencies is significant. It’s crucial that authorities investigating an attack are sure it was indeed perpetrated by who they suspect. But to know this, they need all the help they can get.

Authors

Roberto Musotto

Research fellow, Edith Cowan University

Brianna O'Shea

Lecturer, Ethical Hacking and Defense, Edith Cowan University

Paul Haskell-Dowland

Associate Dean (Computing and Security), Edith Cowan University
Disclosure statement

POST-FORDISM 2.0

Bugatti merges with Rimac and announces a hybrid/electric future
By Loz Blain
July 06, 2021


Bugatti and Rimac have merged to form Bugatti Rimac, with Mate Rimac as CEO, in a blockbuster deal
Bugatti Rimac

After months of rumors, the blockbuster hypercar business deal of the decade is now official: storied brand Bugatti, with its 112-year history of ultra-exclusive automaking, is now majority owned by 12-year-old Croatian electric hypercar upstart Rimac Automobili.

Bugatti was founded in France back in 1909, and made some of the world's most famous and influential race cars, luxury cars and sports cars. It was a high-end, boutique automotive powerhouse right through until the death of its founder Ettore Bugatti in 1947, after which things slowly trickled to a halt in 1963.

The brand was resurrected in the late 1980s to build the EB110, a V12 supercar with a carbon fiber chassis, but really rocketed into prominence again when Volkswagen acquired Bugatti in 1998 and set about building the world's first production hypercar.

The Bugatti Veyron smashed every paradigm in the supercar world to create a class all of its own. It was the most powerful production car in history, debuting with 1,001 horsepower. It was the fastest, too, with its Super Sport version averaging 431.072 km/h (267.856 mph) to seize the title of world's fastest production car between 2010 and 2017, when it was displaced by Koenigsegg's Agera. Bugatti's follow-up car, the Chiron, was unofficially the first car in the world to break the 300-mph (482.8-km/h) mark.


The Chiron and Nevera are two of the most important hypercars of this generation. The Porsche is pretty decent too.
Bugatti Rimac

It's fair to say Volkswagen thoroughly reinvigorated the Bugatti brand under its stewardship, and now it's passing the torch to 33-year-old wunderkind Croatian EV genius Mate Rimac as the electric era dawns.

Rimac, of course, has just launched his own groundbreaking hypercar. The Rimac Nevera, some 12 years in the making, is itself a technological wonder, a 1,914-horsepower, 1,741 lb-ft (2,360-Nm) AWD all-electric widowmaker that can catapult you to 60 mph (96 km/h) from a standstill in 1.85 seconds.


Under the terms of the deal announced today, a new company has been created, called Bugatti Rimac. This isn't the world's most imaginative name, but we can see why they steered clear of Bumac or Rimatti.

Bugatti Rimac will be 55 percent owned by Rimac Group, with the other 45 percent owned by Porsche. Mate Rimac will be CEO, and this new entity will own both Bugatti Automobiles and Rimac Automobili. Both companies will continue to have their own factories and distribution networks.

Rimac and Bugatti will keep their separate headquarters and production facilities for the time being
Bugatti Rimac

Does this mean Bugatti is going fully electric? Surprisingly enough, no. It'll continue to manufacture its current range, including the Chiron, for the moment, and while upcoming products will definitely be fusions of Bugatti and Rimac DNA, Top Gear reports the combustion engine will live on in future hybrid Bugattis alongside fully electric cars – and Rimac won't be confining Bugatti just to the hypercar realm, hinting that the brand might expand back into the ultra-luxury realm as well in the coming years.

Rimac Group is also splitting out its EV technology business into a new, fully independent entity called Rimac Technology, which will continue to sell powertrain, battery, infotainment, e-axle, connectivity and other technologies developed for the Nevera hypercar to other manufacturers, including Porsche, Koenigsegg, Hyundai, Aston Martin, Pininfarina and others. This company stays 100 percent under Rimac Group ownership.

Rimac also recently announced an €200-million (US$238-million) Rimac Campus development to house the companies, including Rimac's own test track, kindergarten and gym. Spread across a 100,000-square-meter (1,076,400-sq-ft) location just outside Zagreb, the Croatian capital, and ready to accommodate a workforce two and a half times bigger than the 1,000-odd employees currently working for Rimac, the new campus begins construction in the next few months and is scheduled for completion in 2023.


You can watch the entire launch event, set in a spectacular castle in Dubrovnik, in the video below.

Rimac Live Event — Bugatti Rimac Announcement

Source: Rimac/Bugatti

WORTH REPEATING
Iceland’s short work week trial declared an “overwhelming success”
By Rich Haridy
July 05, 2021



A trial looked at how reducing a work week to 35 or 36 hours affected worker well-being and productivity
johnkwan/Depositphotos


A massive five-year trial in Iceland exploring the effects of a shorter working week is reporting significantly positive outcomes. The results suggest cutting just four or five hours from a standard work week can lead to dramatic increases in worker well-being and improvements in productivity.

The five-day, 40-hour work week was well and truly entrenched in the 20th century. Previously, the industrial revolution resulted in work dominating life to such an unhealthy extent it wasn’t unusual for people to work 16 hours a day, six days a week. Across the late 1800s demand for better regulation of work hours ultimately culminated in US federal laws setting the maximum work week at 40 hours, with overtime for hours worked beyond that threshold.

More recently there has been a growing push to again cut our standard work week down. This primarily has come from several prominent “four-day week” experiments, showing great benefits in cutting the work week down from five days.

A significant New Zealand trial in 2018 found widespread improvements in productivity and worker engagement after asking workers to deliver the same output as usual across a four-day work week. Their pay remained the same, the participants simply worked 30 hours across four days instead of 37.5 hours over five days. A Swedish trial saw similar benefits testing six-hour work days.

These experiments with alternative work weeks take a number of forms, from reducing one’s total work hours over five days to cramming extra hours into a four-day week. The Iceland trial demonstrates how broadly a shortened work week can be applied, looking at around 2,500 workers across a variety of industries.

The trial first started small, initiated by the Reykjavik City Council. A few dozen employees were offered 40 hours of pay but directed to only work 35 or 36 hours every week. Early results proved successful and over the subsequent years the trial was expanded to include a number of different workplaces, including schools, hospitals and police.

Across all metrics the experiment was found to be a success. Productivity either improved or remained the same in the vast majority of workplaces trialed. And worker well-being and health dramatically improved.


“This study shows that the world’s largest ever trial of a shorter working week in the public sector was by all measures an overwhelming success,” says Will Stronge, director of research at Autonomy, a UK organization tasked with analyzing the data. “It shows that the public sector is ripe for being a pioneer of shorter working weeks – and lessons can be learned for other governments.”

Unlike other trials testing more strict formulas, such as a specific four-day work week, this trial tasked its participants with finding their own individual ways of making the shorter week work. Some workers took a half day off once a week, others took a full day off every fortnight.

Workplaces changed internal processes to maintain productivity across shorter hours. This manifested in briefer, more focused meetings and new strategies for increased workflows.

Shift workers saw restructured shift patterns, with amended and often flexible start or end times. Even police stations experimented with different work hours, finding benefits to changing conventional shift patterns.

“In a police station, hours for investigative officers were shortened every other week, so that workers would leave one hour early on Monday to Thursday (8:00 to 15:00), and four hours early on Fridays (8:00 to 12:00),” the report states. “The next week they would work longer days (8:00 to 16:00). This way every other week was shortened by eight hours. Staff working around the clock had a different pattern.”

The report notes the key to successfully deploying a shortened work week is, “flexibility in how tasks were completed, how hours of work and shifts were constructed, combined with interest and engagement in the process of shortening hours from the workplace.”


The trial has proved so successful in Iceland that since its completion 86 percent of the country’s entire working population has either directly moved to a shorter work week or been offered that opportunity.

The report notes a significant amount of evidence correlating increased productivity with shorter work hours. It’s unsurprising people feel better when they work less but perhaps what is surprising is how productivity generally increases when people work shorter hours.

As work hours increased between 2005 and 2015 productivity per hour decreased
Alda, Association for Democracy and Sustainability, 2021

Data spanning 10 years reveals most wealthy European countries show productivity per hour dropping as working hours increase. This relationship reverses as work hours reduce, with a correlation often seen between increased productivity and shortened work hours.

Gudmundur Haraldsson, a researcher working on the new report, says the findings from this massive trial present a roadmap for future work reforms, demonstrating how shorter work weeks can improve outcomes for both businesses and individuals.

“The Icelandic shorter working week journey tells us that not only is it possible to work less in modern times, but that progressive change is possible too,” says Haraldsson. “Our roadmap to a shorter working week in the public sector should be of interest to anyone who wishes to see working hours reduced.”


Sources: Autonomy, Alda

1933

World's first 3D-printed school tackles classroom shortages in Africa
By Nick Lavars
July 05, 2021

Having completed the world's first 3D-printed school in Malawi, 14Trees now hopes to carry out similar projects in Kenya and Zimbabwe
CDC Group

Through pioneering projects in Mexico, China, Texas and elsewhere, we're starting to see how 3D printing can make building construction a whole lot more cost effective. An affordable housing venture in Africa named 14Trees has now leveraged the technology to produce the world's first 3D-printed school in Malawi, where students started taking their first lessons late last month.

14Trees is a joint effort between the UK's CDC Group and construction multinational LafargeHolcim, and is looking to help address housing shortages in Africa. As we've seen with other 3D-printed construction projects, the team uses a large extruder to form the walls of structures before the finishing touches, like windows, doors, roofing and various fittings, are added by skilled workers.

This approach can greatly reduce the time of construction and its impact, with CDC Group claiming the technique reduces the environmental footprint of constructing new buildings by 50 percent. 14Trees began scaling up its operations in Africa late last year, and recently completed the first 3D-printed "affordable" house in Africa, printing the walls in just 12 hours.

Along with a housing shortage, there is also a great need for new schools in Malawi, with UNICEF estimating that the shortage of 36,000 classrooms in the country would take 70 years to build. With the help of 3D printing, 14Trees believes this gap could be addressed in as little as 10 years.


Classes began at the world's first 3D-printed school in Malawi on June 21
CDC Group

The organization's first school was built in the district of Salima, with the walls printed in just 18 hours, compared to the several days required by conventional methods. It was then officially transferred to a village community in the Yambe zone, with classes then beginning on June 21.

“Before, we had 12 schools in the Yambe zone; we now have 13 – with this new 3D-printed school," says Juliana Kuphanga Chikandila, a Primary Education Advisor in Malawi. "To increase our supply of education to children, we need a total of four more primary schools in the Yambe zone, but as a district, we need approximately 50 more schools to serve those in need. I am very impressed by the new building – its durability and design provide the space and facilities that students did not have before; teaching and learning can now happen inside and outside the classroom."


With the world's first 3D-printed school now complete in Malawi, 14Trees will now look to build on this proof of concept with further projects in Kenya and Zimbabwe. Elsewhere, a 3D-printed school is also planned for Madagascar, with construction to take place sometime this year.

The short video below offers a look at the 14Trees 3D printing process.

14Trees pioneers 3D printing technology in Africa for affordable housing and schools

Source: CDC Group

UK Ministry of Defence developing missiles that talk to each other
By David Szondy
July 03, 2021



The CSTWD program will allow next-generation missiles like the Spear 3 to communicate with one another


The British Ministry of Defence is investing £3.5 million (US$4.8 million) in the Defence Science Technology Laboratory (Dstl) for the Co-operative Strike Weapons Technology Demonstrator (CSWTD) program to develop new systems that will allow missiles in flight to communicate with one another.


Back in the 1960s, the first laser-guided munitions were nicknamed "smart bombs." These could simply be steered toward their target by a pilot or weapons officer, but five decades later we're seeing an emerging generation of weapons that are smart in the very real sense that they can gather data, assess situations, and alter their plans to achieve their objectives.

The problem is that for such weapons to be effective, they need to be able to operate as a team rather than in a top-down fashion. The current generation of missiles can talk to their launcher, but not to one another. This is a considerable drawback with weapons that are able to adapt to their situation and need to inform their fellow missiles of the situation.

To remedy this, the CSWTD will look at developing both new hardware and new software that will make missiles more cooperative, as well as studying how to apply them to real-world scenarios. The new program is part of a larger £6-billion (US$8-billion) research and development budget by the ministry.


The two-year project began in April 2021 and the new technology could be integrated into a smarter integrated network of missiles within five years.

"Currently missiles can communicate with the launch platform but not each other," says a Dstl scientist identified as Charlie. "The aim of this program is to investigate how inter-missile communication and cooperative behaviors can be technically achieved to solve UK military challenges"

Source: Ministry of Defence

  

Fronius rolls out its first customer SolHub solar-to-hydrogen station
By Loz Blain
June 30, 2021

Visualization of the SAN Biotech Park under construction in Herzogenburg, with its huge 1.5 MW solar array on top
SWAP Arcitectur / Janusch - the visual collective / SAN Group

Well-respected Austrian solar energy company Fronius has broken ground on its first customer green hydrogen hub, giving us a good look at what it'll take to run a fleet of vehicles on green hydrogen produced entirely on-site using solar panels.

The first Fronius SolHub is under construction as part of SAN Group's new hydrogen facility in Herzogenburg, Lower Austria. Producing an average of around 100 kg of clean hydrogen a day, it'll be used as a filling station for SAN's own hydrogen vehicles. SAN is also working out deals with other companies interested in potentially running their own similar hubs, to use this facility as a demonstrator of sorts.

The aim here is to generate hydrogen fuel in a completely standalone, self-contained and clean fashion, and to do so, the SolHub requires some 1.5 megawatts of photovoltaic panels. That's not a small installation – the average home rooftop system is typically around 3-6 kilowatts, to put things in context. For 1.5 MW of solar, you're looking at some 5,000 or more panels, taking up close to 100,000 square feet (9,000 square meters) of space.

A prototype SolHub unit at Fronius's research and development site
Fronius

One hundred kilograms of green hydrogen a day will fully fuel around 16 typical fuel cell passenger cars, or power some 1,500 km (930-odd miles) of bus or truck travel.

Fronius is investing quite a bit on hydrogen, and is soon to begin construction on a new "hydrogen competence center" in Steinhaus, where it plans to accelerate R&D as well as production of H2 systems. This first SolHub installation is expected to be complete and commissioned by the spring of 2022.

Source: Fronius

 

Colombia used ‘excessive’ force against protesters: IACHR

Inter-American Commission on Human Rights urges Colombia to make structural changes to its militarised police force.

Demonstrators clash with police during anti-government protests in Medellin on June 28, 2021 [File: Santiago Mesa/Reuters]

By Megan Janetsky

7 Jul 2021

Bogota, Colombia – The Colombian government used “excessive and disproportionate” force during mass protests earlier this year, the Inter-American Commission on Human Rights (IACHR) said in a long-awaited report released on Wednesday.

The IACHR, an autonomous body in the Organization of American States, called on the South American nation to make structural changes to its militarised police force, which has been accused of committing “egregious” abuses against protesters.

KEEP READING

Can protesters in Colombia win change?

‘Egregious’ police abuse against Colombian protesters: Report

Violent protests erupt in Colombia anew over ‘egregious abuses’

Colombia to ‘modernise’ police after protest violence criticism

“The response of the state was characterised by an excessive and disproportionate use of force, in many cases, including lethal force,” IACHR President Antonia Urrejola said during a press conference.

The protests, known as the Paro Nacional, erupted in April as a pushback against a controversial tax reform bill and inequalities caused by the pandemic.

After the largely peaceful demonstrations resulted in a harsh crackdown by police forces, the protests quickly expanded into a reaction to state violence, gripping the South American country for months.

Human Rights Watch has confirmed that 34 people – largely protesters and civilian bystanders – were killed during the protests. Other activist organisations put that death count even higher.]

Other alleged human rights violations, including sexual abuse by riot police, forced disappearances and many injuries, prompted the visit of the human rights panel in early June.

The highly critical IACHR report followed a detailed investigation into the state’s response to the protests, which included testimony from more than 500 people including government officials, human rights defenders and violence victims in protest hotspots like the cities of Cali and Bogota.

The commission documented law enforcement’s indiscriminate use of firearms against protesters and civilians not participating in protests, gender-based violence and the use of violence against journalists and medical staff.

It also called on President Ivan Duque‘s administration to investigate abuses and protect the right to protest.

The report was welcomed by international observers like Gimena Sánchez-Garzoli, Andes director of the Washington Office on Latin America, who said the report also rejects the narrative by Duque and his party that protesters are vandals and criminals.

“They’ve been blaming the opposition, blaming everybody and not looking inward,” Sánchez-Garzoli said. “I think this report shows that attitude is not what the international community accepts.”

Demonstrators gather at the Los Heroes monument during a protest to demand government action to tackle poverty, police violence and inequalities, in Bogota on May 28 [File: Santiago Mesa/Reuters]

The human rights panel offered more than 40 recommendations to the Colombian government, most notably urging it to separate Colombian police from the country’s military.

Like the army, Colombian police fall under the jurisdiction of the country’s defence ministry, a product of decades of armed conflict.

But that structure has led to militarised law enforcement – notably by the riot police, ESMAD – that has been heavily criticised by the Colombian public and international observers.

Sergio Guzmán, director of Colombia Risk Analysis, said the recommendations “lend credibility” to longtime calls to demilitarise police forces.

“In a country under conflict it makes sense to have all military and police authorities under this same chain of command, but that’s not the same case today,” Guzmán said.

While Duque has pledged police reforms including increased officer training and different disciplinary standards for officers, Guzmán doubts that the Duque administration will implement many of the suggestions made in the report.

The government already has rejected a number of the suggestions, while Duque and members of his party criticised the report on Wednesday morning, continuing to decry “acts of vandalism” and “roadblocks that violate the rights of citizens”.

“No one can recommend that a country be tolerant of criminal acts,” the president said to a group of journalists on Tuesday.

While protest organisers have temporarily suspended the demonstrations, Guzmán predicted only more protests are on the horizon if significant changes are not made.

“The underlying reasons people have for protesting aren’t resolved: unemployment, unequality, corruption, urban poverty,” he said. “As there’s no reform for police – how police conduct their jobs, how police deal with protests – that’s likely to be a trigger for future unrest.”

SOURCE: AL JAZEERA