Biden issues executive order to increase U.S. cybersecurity defenses

By Lawrence Abrams
May 12, 2021



President Biden signed an executive order Wednesday to modernize the country's defenses against cyberattacks and give more timely access to information necessary for law enforcement to conduct investigations.

This executive order follows the numerous cyberattacks targeting US interests this year, including the SolarWinds supply chain attacks in December and the more recent DarkSide ransomware attack against the largest US fuel pipeline, Colonial Pipeline.

The 34-page 'Executive Order on Improving the Nation's Cybersecurity' is designed to modernize the cybersecurity defenses of the federal government's infrastructure, created a standardized incident response playbook, and increase communication between service providers and law enforcement.

In summary, the executive order will direct the government to perform the following actions:

Require IT (information technology) and OT (operational technology) service providers, including cloud hosting providers, to share information about cybersecurity threats and breaches that they become aware of and to remove contractual issues that prevent the sharing of such information.

Modernize the federal government IT services, including moving towards a Zero Trust Architecture, require multi-factor authentication, encryption for data at rest and in transit, and develop strict security guidelines on the use of cloud services.

Improve supply-chain security by developing guidelines, tools, and best practices to audit and assure that critical software is not tampered with by malicious actors in supply-chain attacks. As part of this initiative, the Federal government will create an "energy star" type of program that shows software was developed securely.

Establish a "Cyber Safety Review Board" that includes Federal and private-sector members who will convene after a significant cyber incident to assess the attack, provide recommendations, and share relevant confidential information with law enforcement.

Create a standardized playbook across all government agencies for responding to breaches and cyberattacks.

Improve the detection and remediation of cybersecurity vulnerabilities and breaches on government networks by deploying a centralized Endpoint Detection and Response (EDR) solution and intra-governmental information sharing.

These initiatives will be conducting in rolling phrases ranging between 30 days from the executive order, to in some cases, 360 days.

"This is one of the most detailed and deadline-driven EOs I’ve seen from any administration. In the wake of a seismic attack, like SolarWinds, this is incredibly encouraging to see," Amit Yoran, CEO of Tenable and founding director of US-CERT, shared in a statement to BleepingComputer.

The White House has also released a summarized version of the executive order that provides a good overview of the upcoming changes being made to increase the country's cybersecurity posture.

Related Articles:

Malware attack is preventing car inspections in eight US states

Brown University hit by cyberattack, some systems still offline

City of Tulsa's online services disrupted in ransomware incident

Largest U.S. pipeline shuts down operations after ransomware attack

DarkSide ransomware will now vet targets after pipeline cyberattack

Ransomware Group Leaks Info on Some D.C. Cops as Retribution for Demands Going Unmet

Maggie Gile 
NEWSWEEK

A Russian-speaking ransomware syndicate that stole data from the Washington, D.C., police department said it rejected an initial offer of a $100,000 payment and that if more money is not offered, it will release sensitive information that could put lives at risk, the Associated Press reported.

© Alex Brandon/Associated Press FILE - In this April 2, 2021, file photo, Washington Metropolitan Police Department chief Robert Contee speaks during a news conference in Washington. Political hand-wringing in Washington over Russia's hacking of federal agencies and meddling in U.S. politics has mostly overshadowed a worsening digital scourge with a far broader wallop: crippling and dispiriting extortionary ransomware attacks by cybercriminal mafias. All the while, ransomware gangsters have become more brazen and cocky as they put more and more lives and livelihoods at risk. This week, one syndicate threatened to make available to local criminal gangs data they say they stole from the Washington, D.C., metro police on informants.

The Babuk group said on its website late Monday that it would release "all the data" if the D.C. police didn't "raise the price."

"The negotiations reached a dead end, the amount we were offered does not suit us," the group said.

A day after the initial threat, the gang leaked personal information of some police officers taken from background checks, including details of officers' past drug use, finances and of past sexual abuse.

For more reporting from the Associated Press, see below.

The extortion threat comes amid a separate ransomware attack on the Colonial Pipeline that's affected part of the nation's fuel supply, highlighting the power of internet-savvy criminal gangs to sow mayhem from a half a world away with impunity.

D.C. police did not immediately comment and has not said whether it's negotiated any possible payment.

On Tuesday, the gang released screenshots that appear to be negotiations with the department. They show the gang asked for $4 million and received a counter-offer of $100,000. The authenticity of the screenshots could not be independently confirmed.

If true, it's an example how complex the ransomware problem is when even police find themselves forced to consider making payments to criminal gangs.

Late last month, the group said it had hacked into the network of the city's police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid. Experts said such a release could endanger the lives of the informants.

Babuk leaked similar background files on Monday with its threat to release more, said Brett Callow, a threat analyst and ransomware expert at the security firm Emsisoft.

"This is far worse than any hack of other police departments previously," Callow said, adding that he's never seen a law enforcement agency pay a ransom before.

Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments. The cybercriminal mafias mostly operate in foreign safe havens out of the reach of Western law enforcement.

The average ransom payments last year were $310,000, up 171% from 2019, according to Palo Alto Networks.

Related Articles
Gab CEO Andrew Torba Condemns Threats of Violence Against Social Network's Hackers
What is DarkSide? Russia-Linked Hacker Group Behind Colonial Pipeline Shutdown
Gas Shortages, Long Lines Across Southeast After Colonial Pipeline Cyberattack
Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police

'Principled' ransomware hackers who took down the Colonial Pipeline: We regret it

The cybercriminals who caused an energy crisis on the U.S. East Coast said they had no hard feelings on Monday and expressed regret for causing trouble.

Provided by National Post Oil infrastructure stands at the Colonial Pipeline Co. Pelham junction and tank farm in Pelham, Alabama, U.S., Sept. 2016.

Colonial Pipeline Co. halted operations on May 7 after hackers stole almost 100 gigabytes of data and locked the company’s computers in a ransomware attack the FBI attributed to the DarkSide hacking ring.

The company has said the pipeline, the nation’s biggest, will be substantially back in operation by the end of the week. In the meantime, service stations from Virginia to Florida have sold out of gasoline as supplies dwindled and panic buying set in.

The 5,500-mile energy artery, extending from Texas to New Jersey, connects refineries along the Gulf Coast to population centres from Atlanta to New York and beyond. Each day, it carries about 2.5 million barrels, an amount that exceeds the entire oil consumption of Germany.

In a statement on Monday DarkSide expressed regret for the disruption, saying its intention was to “make money” — “not creating problems for society.”
Cyberattack shuts down America’s largest fuel pipeline, gasoline prices to spike
Colonial Pipeline says corporate website back online

The group also tried to shift the blame to its collaborators, adding that going forward DarkSide would “check each company that our partners want to encrypt to avoid social consequences.” It maintains that the targeted companies can afford the ransom, sometimes ranging in the millions, which it demands in return for encrypted data.

“We do not want to kill your business,” the group has previously said.

DarkSide’s site on the dark web hints at their hackers’ past crimes, claims they previously made millions from extortion and that just because their software was new “that does not mean that we have no experience and we came from nowhere.”

The site also features a Hall of Shame-style gallery of leaked data from victims who haven’t paid up, advertising stolen documents from more than 80 companies across the United States and Europe.

In a screenshot of one of its attacks posted on Bleeping Computer , the group reveals some of its stolen data to the company and threatens to release the entirety online.

In some ways DarkSide is hard to distinguish from the increasingly crowded field of internet extortionists. Like many others it seems to spare Russian, Kazakh and Ukrainian-speaking companies, suggesting a link to the former Soviet republics.

Since coming into the limelight last year, Canadian companies have also been a victim of DarkSide’s attacks. Earlier this year, it seized 120 gb of data from Discount Car and Truck Rentals, the Canadian division of U.S.-based Enterprise Holdings. Most recently, corporate data from Home Hardware has been pilfered and, last year, an unnamed billion dollar company was subject to its demands, IT World Canada reported .

According to news reports of DarkSide’s website, the group spares funeral services, hospitals, universities, non-profits or government bodies from attacks, “based on our principles.”

“I assume the attack on Colonial was carried out by an affiliate and the group is concerned about the level of attention it has attracted,” an analyst told Financial Times .

National Post Staff
With files from Reuters and Bloomberg

NATIONALIZE PIPELINES

Tech audit of Colonial Pipeline found 'glaring' problems

BOSTON (AP) — An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press.

“We found glaring deficiencies and big problems,” said Robert F. Smallwood, whose consulting firm delivered an 89-page report in January 2018 after a six-month audit. “I mean an eighth-grader could have hacked into that system.”

How far the company, Colonial Pipeline, went to address the vulnerabilities isn't clear. Colonial said Wednesday that since 2017, it has hired four independent firms for cybersecurity risk assessments and increased its overall IT spending by more than 50%. While it did not specify an amount, it said it has spent tens of millions of dollars.

"We are constantly assessing and improving our security practices — both physical and digital,” the privately held Georgia company said in response to questions from the AP about the audit's findings. It did not name the firms who did cybersecurity work but one firm, Rausch Advisory Services, located in Atlanta near Colonial's headquarters, acknowledged being among them. Colonial's chief information officer sits on Rausch's advisory board.

Colonial has not said how the hackers penetrated its network. How vulnerable it was to compromise is sure to be intensely scrutinized by federal authorities and cybersecurity experts as they consider how the most damaging cyberattack on U.S. critical infrastructure might have been prevented.

Friday's pipeline shutdown has led to distribution problems and panic-buying, draining supplies at thousands of gas stations in the Southeast. Colonial said it initiated the restart of pipeline operations on Wednesday afternoon and that it would take several days for supply delivery to return to normal.

Ransomware attacks have reached epidemic levels as foreign criminal gangs paralyze computer networks at state and local governments, police departments, hospitals and universities — demanding large sums to decrypt the data. Many organizations have failed to invest in the safeguards needed to fend off such attacks, though U.S. officials worry even more about state-backed foreign hackers doing more serious damage.

Any shortcomings by Colonial would be especially egregious given its critical role in the U.S. energy system, providing the East Coast with 45% of its gasoline, jet fuel and other petroleum products.

Smallwood, a partner at iMERGE and managing director of the Institute for Information Governance, said he prepared a 24-month, $1.3 million plan for Colonial. While iMERGE’s audit was not directly focused on cybersecurity “we found many security issues, and that was put in the report.”

Colonial’s statements Wednesday suggest it may have heeded a number of Smallwood’s recommendations. In addition, it says it has active monitoring and overlapping threat-detection systems on its network and identified the ransomware attack “as soon as we learned of it.” Colonial said its IT network is strictly segregated from pipeline control systems, which were not affected by the ransomware.

Unlike electrical utilities, the pipeline industry is not subject to mandatory cybersecurity standards, which the Federal Energy Regulatory Commission chair, Richard Glick, called for in a statement Tuesday.

Smallwood’s study was not a cybersecurity audit. It focused on ensuring smooth operations and preventing data theft, which is exactly what Colonial suffered last week. Colonial is not saying what the cybercriminals took before activating the ransomware.

The hackers, from a Russian-speaking syndicate called DarkSide, steal data before locking up networks to doubly extort victims. If a victim refuses to pay, they not only refuse to unscramble the data, they threaten to release sensitive material online. Colonial has not said whether it paid DarkSide.

Smallwood read portions of his report to the AP but would not share it because he said some of the content is confidential. He said he was paid about $50,000 for it.

He cited, for example, Colonial's inability to locate a particular maintenance document. "You’re supposed to be able to find it within 15 minutes. It took them three weeks.”

Locating such a document could be crucial in responding to an accident or keeping up-to-date pipeline inspection records to prevent leaks, Smallwood said.

Colonial experienced one of the worst gasoline spills in U.S. history last August, contaminating a nature preserve north of Charlotte . After it was discovered by two teenagers, the spill's severity was not immediately clear as Colonial's initial reports indicated a far lower volume. North Carolina environmental regulators angrily called the company's failure to promptly provide reliable data unacceptable. Colonial says it released the best available data on spill volume as the discovery progressed.

Separately, shippers have complained to the Federal Energy Regulatory Commission that Colonial inflated what it spends on pipeline integrity to deflect accusations it overcharges them. Colonial rejects this, citing the rising costs of safely maintaining its system.

Bill Caram, executive director of the nonprofit watchdog Pipeline Safety Trust, called worrisome the allegations of deficient IT management, piecemeal spill reporting and pipeline integrity issues.

“I think all these things just could paint a picture of the culture at Colonial maybe not taking risks seriously enough,” he said.

Smallwood said he was reluctant to go public about the Colonial audit for fear of alienating future clients “but the gravity of the situation demands that the public know just how fragile some of these systems within our infrastructure are.”

One of his main recommendations was that Colonial hire a chief information security officer, a position that cybersecurity experts consider essential in any company with infrastructure vital to national security. Colonial said it instead assigned those responsibilities to a subordinate of chief information officer Marie Mouchet.

Mouchet was on the advisory board of Rausch when it did a cybersecurity study for Colonial concurrent to Smallwood’s audit. Asked if that might present a conflict of interest, Rausch CEO Michael Lisenby said Mochet's advisory board seat is an unpaid, voluntary position.

Smallwood’s recommendations included a data loss prevention program to ensure highly confidential, marketable data — such as details on how the pipeline is used — could not be easily removed.

Colonial says it has strengthened data-loss-prevention defenses with three different software tools that provide alerts when data leaves the network.

Smallwood said he found no security-awareness training, which mostly teaches employees not to fall victim to phishing, the cause of more than 90% of cyber-intrusions. But Colonial said its expanded cybersecurity regime includes regular simulated phishing campaigns for employees.

The audit “covered environmental procurement, legal risk, business development, asset integrity, accounting and tax safety operations, information technology, (Microsoft) SharePoint and human resources. And so it was a very comprehensive assessment,” said Smallwood.

Originally founded by nine oil companies in 1962, Colonial is privately held. It's owners include a pair of private equity firms, a Canadian fund manager, a Koch Industries subsidiary and a subsidiary of Shell Midstream Partners. The company does not release earnings or revenue figures.

___

This story has been updated to correct reference to one of the owners of Colonial. It is a Koch Industries subsidiary, not a Koch Brothers subsidiary.

Frank Bajak, The Associated Press

Biden: White House in 'very close contact' with Colonial Pipeline on shutdown, fuel shortage

Courtney Subramanian
USA TODAY

WASHINGTON – President Joe Biden said Wednesday his administration is in "very close contact" with Colonial Pipeline after a cyberattack disrupted fuel deliveries and threatened a gas shortage across the Southeast and Mid-Atlantic regions in recent days.

"We have been in very, very close contact with Colonial Pipeline, which is the one area you’re talking about - one of the reasons gasoline prices are going up," Biden told reporters during remarks on the COVID-19 vaccine campaign.

Colonial Pipeline issued a statement following the president's remarks announcing that it restarted its pipeline operations after temporarily closing it for six days. The company said it would take several days before its supply chain could return to normal.

Biden's comments came as officials urged Americans not to hoard gas, including advising against filling up plastic bags of gasoline, and the administration worked to find alternative ways to deliver gas amid the temporary shutdown of Colonial Pipeline, a major system that delivers fuel across the East Coast.

The FBI announced last Friday that hackers known as DarkSide hit the Colonial Pipeline system with a ransomware attack, which takes computerized systems hostage until a payment is made.

The incident,along with the SolarWinds hack on U.S. federal agencies last year and a cyber breach of Microsoft Exchange, raised fresh questions about the vulnerability of the U.S. infrastructure system.

In response, Biden signed an executive order Wednesday to modernize the nation's cyber defense, according to a senior administration official.

The order includes removing contractual barriers to allow IT service providers to share breach information with government officials, establishing baseline security standards for commercial software sold to the government, creating a standard playbook for cyber incident responses and establishing a cybersecurity safety review board led by government and private sector officials.

The official said the order was the first of many steps the government would take to confront cybersecurity threats but reflected a shift in the administration's mindset from incident response to prevention.
Your stories live here.
Fuel your hometown passion and plug into the stories that define it.
Create Account

More:Colonial Pipeline restarted operations, owners say 'it will take several days' for supply chain to return to normal

More:Continued gas shortages? Panic buying after Colonial Pipeline cyberattack won't solve the problem, experts say.

Panicked drivers rushed to fill up their tanks, fearing a gas shortage, even though pipeline officials have said they expect to "substantially" restore service by the end of the week, likely limiting most of the fallout.

According to AAA Gas Prices, which conducts a daily survey, the national average price for gas rose 8 cents from a week ago to $3.01, marking the first time national prices have topped $3 since 2014. The impact is largely concentrated in the Southeast, with station outages occurring throughout the region.

Biden and other White House officials have sought to allay concerns by issuing emergency waivers to ease restrictions on the distribution of fuel and assist in supply challenges

"I have in the meantime made it easier for us to have lifted some of the restrictions on the transportation of fuel, as well as access to the United States military providing fuel and with vehicles to get it there, places where it's badly needed," Biden told reporters.

Transportation Secretary Pete Buttigieg told reporters earlier on Wednesday the administration was "working around the clock" to tackle the delays caused by the pipeline shutdown.

Buttigieg, who appeared alongside Michael Regan, Administrator of the Environmental Protection Agency, outlined the steps the administration has taken in recent days, including surveying the availability of vessels that are qualified to carry petroleum in the Gulf of Mexico and up the eastern seaboard and issuing waivers to extend the hours during which drivers can transport fuel.


He also said the White House determined that 10 states can use existing federal major debt disaster declarations to issue permits that allow drivers to temporarily carry additional gasoline that would ordinarily exceed existing weight limits on federal highways in their state.

Buttigieg, who is among the administration officials pushing Biden's $2 trillion infrastructure proposal, said the incident was a reminder that the U.S. infrastructure needed to be more resilient.

"This is not an extra, this is not a luxury, this is not an option,” he said. “This has to be core to how we secure critical infrastructure.”

Contributing: Brett Molina, Nathan Bomey, USA TODAY

#FREEINTERNETFORALL

Internet Subsidy Gives $50 A Month Discounts For Low-Income Americans


The pandemic has underscored the importance of having a reliable internet connection, with adults dependent on it for work and young people reliant on it for their education.Nam Y. Huh/AP

Financially strapped American families are now eligible for an emergency discount on their internet service under a COVID-19 relief program that went into effect on Wednesday.

The Emergency Broadband Benefit program from the Federal Communications Commission provides a discount of up to $50 per month toward broadband service for eligible households and up to $75 per month for households on qualifying Tribal lands. It also gives low-income families a $100 discount for the purchase of a laptop or desktop computer, or a tablet. However, the FCC reports, Cox and Windstream are the only providers participating in this benefit so far.

The pandemic has underscored the importance of having a reliable internet connection, with adults dependent on it for work and young people reliant on it for their education. Expanding high-speed internet access is a priority for the Biden administration which has placed Vice President Harris in charge of the endeavor. The White House has asked Congress for $100 billion to make broadband more affordable and to carry it to rural areas that have been left behind by the tech advances.
Article continues after sponsor message

"High-speed internet service is vital for families to take advantage of today's health, education, and workplace opportunities," Jessica Rosenworcel, the acting chair of the FCC, said in a statement. "And the discount for laptops and desktop computers will continue to have positive impact even after this temporary discount program wraps up."

The $3.2 billion temporary pandemic subsidy was approved by Congress late last year but it's taken months for the FCC to finalize the rules of the program.

Only those Americans who already qualify for free and reduced-price school lunch programs, are recipients of a federal Pell Grant, experienced a substantial loss of income since early 2020, or meet eligibility criteria for participating providers' existing low-income or COVID-19 programs are eligible to apply for the benefits. People can access the funds until the money runs out or up to six months after the Department of Health and Human Services declares an end to the pandemic.

Earlier this week the FCC approved the Emergency Connectivity Fund, which sets aside nearly $7.2 billion to help schools and libraries provide devices and connectivity to students, school staff, and library patrons during the pandemic.

NATIONALIZE BIG PHARMA
Private equity group swoops on pharma services provider UDG Healthcare with a £2.6bn bid

By MATT OLIVER FOR THE DAILY MAIL

PUBLISHED: 12 May 2021

Private equity buyers have swooped on pharmaceuticals services provider UDG Healthcare with a £2.6billion bid.

The London-listed firm urged shareholders to back the cash offer from Clayton, Dubilier & Rice (CD&R), which is worth 1023p per share. That is a 21.5 per cent premium on UDG’s closing price on Tuesday.

It is the latest British company to fall into private equity hands after a string of deals, including approaches which were made for John Laing and St Modwen last week.


Pharmaceuticals services provider UDG Healthcare has urged shareholders to back a £2.6bn cash offer from private equity group Clayton, Dubilier & Rice

Analysts say the bonanza is being fuelled by a perception that UK firms appear ‘cheap’, due to the weak pound and the knock to share prices in the pandemic.

UDG’s shares leapt more than 20 per cent in response to the takeover bid.

They closed up 20.7 per cent, or 174p, at 1016p.

Shane Cooke, chairman of Dublin-based UDG, insisted the board was ‘confident’ in its future prospects but that the takeover bid was ‘an attractive offer for shareholders’.

‘The offer reflects the quality, strength and long-term performance of UDG’s businesses and its future growth potential,’ he added.


‘We believe that our people, our clients and our businesses will continue to prosper under the stewardship of CD&R.’

Eric Rouzier, partner at CD&R, said: ‘UDG has long established itself as a leading provider of high-value services to pharma and biotech companies globally, supported by a highly skilled workforce.’

UDG, which has its headquarters in Dublin, specialises in healthcare advisory, communications, commercial, clinical and packaging services.

Its manufacturing services include making placebos used in clinical trials.

However, the offer premium of 21.5 per cent is lower than the average of 36 per cent that has been offered in a string of other recent deals, according to AJ Bell.

Russ Mould, AJ Bell’s investment director, said that the avalanche of bids ‘suggests that someone, somewhere feels UK companies are still going cheap’.

He said overseas buyers were attracted by the weak pound, which still sits below levels reached ahead of the EU referendum in 2016, giving them improved buying power.

UDG also reported for the six months the end of March, showing that revenues fell 5 per cent to £469million but profits rose 5 per cent to £46million

APARTHEID ISRAEL

Mob 'lynching of Arab' aired live on Israeli TV

By AFP - May 13,2021 - 

This video grab obtained from a footage released by Kan 11 Public broadcaster on Wednesday, shows a far-right Israeli mob attacking who they considered an Arab man, on the seafront promenade of Bat Yam, a town south of Israel's commercial capital Tel Aviv (AFP photo)

OCCUPIED JERUSALEM — Fooage of a far-right Israeli mob attacking a man near Tel Aviv they believed to be an Arab was aired live on television Wednesday night, as the Israel-Palestinian conflict raged on.

The shocking images show a man being forcibly removed from his car and beaten by a crowd of dozens until he lost consciousness.

The attack, broadcast by public broadcaster Kan, took place on the seafront promenade of Bat Yam, south of Israel's commercial capital Tel Aviv.

Police and emergency services did not arrive on the scene until 15 minutes later, while the victim lay motionless on his back in the middle of the street.

Those in the crowd justified the attack by saying the man was an Arab who had tried to ram the far-right nationalists, but the footage shows a motorist trying to avoid the demonstration.

"The victim of the lynching is seriously injured but stable," Tel Aviv's Ichilov hospital said in a statement, without revealing his identity.



Issawi Fredj, an Arab deputy from the left-wing Meretz party, said the images were a sign that the country was heading towards "civil war".

Demonstrations by far-right activists broke out Wednesday night in several cities, leading to clashes with police and sometimes Arab Israelis.

Police said they were responding to violent incidents in cities including Acre, Haifa and Lod.

In Acre, a mixed Arab-Jewish town in northwest Israel, a Jew was seriously injured by stone throwers, police said.

"The rioters in Lod and Acre do not represent Israeli Arabs, the rioters in Bat Yam... do not represent Israeli Jews, violence will not dictate our lives," said opposition leader Yair Lapid, who is currently tasked with forming a government after March elections.

Palestinian militants in Gaza have launched hundreds of rockets since Monday at Israel, which has carried out air strikes on the crowded coastal enclave.

The most intense hostilities in seven years between Israel and Gaza's armed groups were triggered by weekend unrest at Jerusalem's Al-Aqsa mosque compound.

Polish bishop resigns after probe into cover-up allegations

OPPOSES LGBTQ RIGHTS COVERS UP CHILD ABUSE

WARSAW, Poland (AP) — Pope Francis has accepted the resignation of a Polish bishop following a Vatican investigation into alleged negligence in addressing cases of sexual abuse of minors by priests under the bishop's authority.

The forced departure of Bishop Jan Tyrawa was the latest in a string of sanctions the pope has meted out since mid-2020 to Polish Catholic Church leaders over cases of cover-up of sexual abuse by other priests.

The Vatican Embassy in Poland said that on Wednesday Francis accepted Tyrawa's resignation from the diocese of Bydgoszcz, in central Poland, and placed Bishop Wieslaw Smigiel from the neighboring Torun diocese temporarily in charge.

The Vatican communique said the investigation was launched in response to signs of negligence in addressing sex abuse of minors. It didn't say what the findings were concerning these allegations.

It said Tyrawa handed in his resignation after the probe was concluded and also due to some other difficulties in the running of the diocese.

Tyrawa was mentioned among other cases described in TV documentaries in Poland about alleged sex abuse by priests and cover-up by their superiors. The allegations came as a shock in the predominantly Roman Catholic country.

The Associated Press

Prosecutors shelves probe of gang rape that shocked Egypt

CAIRO (AP) — Egyptian prosecutors said they have shelved their months-long investigation into an alleged 2014 gang rape of a 17-year-old girl at a luxury Cairo hotel, ordering the release of all suspects for lack of evidence.

© Provided by The Canadian Press

The case shocked Egypt’s conservative society when it was revealed last year by a social media account that tracks alleged sexual assaults in the country.

In a detailed statement late Tuesday, prosecutors said evidence collected during their nearly nine-month investigation was not enough to refer the case to a criminal court. The statement said witnesses gave conflicted testimonies.

Prosecutors ordered the release of the four suspects, who were arrested last year and jailed pending investigations. Three of them were arrested in Lebanon and deported to Cairo last year.

Prosecutors said the probe could be reopened if new evidence emerges.

The alleged gang rape involves a group of young men from wealthy and powerful families. They allegedly drugged the teen at a party at a five-star Cairo hotel, then took turns raping her.

Accounts of the alleged assault surfaced amid a renewed #MeToo campaign on social media that swept Egypt last summer.

Potential witnesses in the suspected gang rape case and acquaintances were arrested as private, explicit videos purportedly from their phones circulated via private messenger apps. Some of them were later released.

In a joint statement Wednesday, seven Egyptian rights groups asked prosecutors to reconsider their decision. The groups, including the Egyptian Initiative for Personal Rights, said prosecutors ignored the arrest and intimidation of some of the witnesses, which “undoubtedly contributed to such regrettable outcome.”

The investigation into the hotel case uncovered another alleged gang rape in the North Coast resort on Mediterranean. Three suspects were referred to criminal trial last month in that resort case.

The Associated Press