Russia plans cyberattacks on Ukraine's grid, banks and government - NYT

Source : 112 Ukraine

The United States and the United Kingdom sent cyberwar experts to Ukraine to better prepare it to deal with hacker attacks

21 December 2021

 AFP 

Russia is preparing a series of cyberattacks against the Ukrainian government, power grids, the banking system and other important sectors of the economy as The New York Times reported citing the American intelligence.

According to the US intelligence community, the goal of Russian President Vladimir Putin at the moment is not an invasion of Ukraine with 175,000 troops that he collects at the border, but cyberattacks aimed at damaging Ukrainian infrastructure. Such subversive actions against Ukraine will not require occupation of the country or physical attack and will avoid the sanctions that Western countries have promised to impose in the event of Russian aggression.

Moreover, hacker attacks on important areas of the Ukrainian economy and government agencies will certainly weaken President of Ukraine Volodymyr Zelensky and expose him to society as inept and defenseless. All this will create the basis either for the overthrow of the government and the establishment of a puppet power loyal to Russia, or it will prepare a pretext for a real attack on the country.

Related: Pegasus — the favorite cyber weapon of dictators

American officials cannot say with certainty that a military invasion will take place.

“The current assessment of the U.S. government is that he has not made a decision,” President Biden’s national security adviser Jake Sullivan said.

Russian cyber activity has been the focus of the White House, the CIA, the NSA, and the US Cyber Command, whose "cyber missions" are deployed to identify vulnerabilities around the world. The data was obtained from classified sources.

Therefore, the United States and the United Kingdom secretly dispatched cyber warfare experts to Ukraine to better prepare it to deal with hacker attacks.

Related: 1,7 mln cyberattacks carried out on Ukraine's state agencies during six months

While no government provided details, officials said the United States is considering a larger deployment, including US Cyber Command resources.

In a statement, the administration of US President Joe Biden said that the United States "has long supported Ukraine's efforts to strengthen cyber defense and increase its cyber resilience."

A British government spokesman said the assistance provided by Britain and its allies was defensive in nature.

American officials believe that the Russian cyber campaign against Ukraine has, in a sense, never stopped, although until recently it continued at a low level. However, American officials and experts note that over the past month, the number of malicious activities in the cyberspace of Ukraine has increased, even as public attention has been focused on the troop build-up.

“It’s a widespread campaign targeting numerous Ukrainian government agencies, including internal affairs — the national police — and their electric utilities,” leading investigator of Russian cyber activity and the chairman of Silverado Policy Accelerator Dmitri Alperovitch said.

Related: Ukraine's Security Service exposes $758,000 sceme of cyber protection funds embezzlement

According to him, the Russian leader views cyberattacks as "preparing the battlefield."

The Ukrainian power grid was created during the Soviet Union and is connected to Russia. It has been upgraded with Russian equipment. The program is as familiar to cybercriminals as to operators.

As we reported, a hacker who carried out DDoS (attacks on a computer system made with the intention of making computer resources inaccessible to the user) and spam attacks (mass mailing of commercials) and hacked websites was exposed.

 

The Future of Work Has Changed, and Your Security Mindset Needs to Follow

VPNs have become a vulnerability that puts organizations at risk of cyberattacks.

Mark Guntrip
Senior Director, Cybersecurity Strategy, Menlo Security
December 23, 2021


Source: denisismagilov via Adobe Stock


When businesses first sent employees to work from home in March 2020 — thinking it'd only be for two weeks — they turned to quick fixes that would enable remote work for large numbers of people as quickly as possible. While these solutions solved the short-term challenge of allowing distributed workforces to connect to a company's network from anywhere, they're now becoming a security vulnerability that is putting organizations at risk of growing cyberattacks.

Now that almost two years have passed and work has fundamentally shifted, with fully or hybrid remote environments here to stay, business and security leaders need solutions that better fit their unique and increasingly complex needs. In fact, a new survey from Menlo Security has found that 75% of organizations are reevaluating their security strategies for remote employees, exemplifying that accommodating remote work is a top priority for the majority of business leaders.

To successfully manage the risks that distributed workforces entail, leaders must shift their mindset away from the hub-and-spoke approach of providing connectivity to the entire network, instead segmenting access by each individual private application, wherever it is deployed, as threats of cyberattacks loom across all industries. As organizations grapple with the added security challenges that remote and hybrid work environments bring, adopting a zero-trust approach will be critical for end-to-end network and endpoint protection.

Move Away From VPNs

Many businesses claim they are confident in their remote access security, yet the survey mentioned above also found that 75% of these organizations are still relying on virtual private networks (VPNs) for controlling remote access to applications. This is a problem. VPNs are an inherently insecure way of doing things, as they open access to everything on a network — meaning that as little as one person falling for a phishing scam could potentially put an entire network at risk of a cyber or ransomware attack. And with employees working from anywhere and everywhere for the foreseeable future, this is a risk that organizations can no longer be willing to take.


On top of the innate risks that VPNs hold, they are also difficult to manage at scale. Instead, business leaders should consider adopting a global cloud security platform that removes the burden of hardware management and offers elastic scalability for remote network access. Solutions that not only provide connectivity to applications but can secure the communication between the end user and the private application will remove potential security blind spots and enable an organization to protect the application and data from misuse.

Adopt a Zero-Trust Approach

While the zero-trust framework is not new, it is gaining steam across the public and private sectors, with the Biden administration encouraging all security leaders to adopt zero-trust-first strategies. According to the survey, more than a third of organizations are already pursuing some form of a zero-trust approach to providing remote access. This growing trend signals that the security industry is beginning to understand that it must move toward solutions that leave nothing to chance by preventing and isolating threats, rather than reacting to them after they strike and potentially cause irreversible damage.

Zero-trust network access provides users with access only to applications and resources that are needed to do their job. Adopting this approach across an entire organization can change your whole security mindset and better protect your organization from attackers by ensuring full confidence in the entire network, from top to bottom — allowing your business to get ahead of modern threats by eliminating them. And while no single solution can provide all components needed for a fully baked zero-trust approach, you can prioritize which elements your organization needs most and build your customized security strategy from there.

As we prepare for the new future of work, one thing is certain: Fully embracing remote work means securing it. The Internet has become the new corporate network, and regulating employee access to private applications is more important now than ever. To best protect organizations moving forward, business leaders need to evolve their thinking from providing connectivity to the entire network to segmenting access by each individual application. They need to invest in solutions that will scale with their business and ensure protection 24/7. By adopting a zero-trust approach appropriate for your business, you will enable seamless, secure access between end users and the applications they are authorized to use, while all other applications are essentially invisible — preventing lateral discovery and closing a backdoor across the network.

The Irish Times on cybersecurity: Taking the threat seriously

All State agencies must finance digital systems and security expertise needed to deal with cyber threats

Wed, Dec 22, 2021

As the highly critical report on the attack earlier this month from PwC makes clear, the HSE’s cyber defences weren’t remotely fit for purpose, even though many long-standing problems were clearly identified to the service in the past. Photograph: Kacper Pempel/Reuters

 

The long tail – and tale – of the devastating cyberattack waged against the Health Service Executive’s computer services last May continued in recent days as the HSE received a tranche of stolen patient data via the Garda National Cyber Crime Bureau. The information was being stored in the US.

Now, the long task begins of identifying the individuals whose personal information was compromised during an attack that the HSE predicts may ultimately cost the service more than €100 million to address. For everyone affected – and inevitably, that is all of us – the costs are incalculable. An already-overburdened and delayed medical system was dealt a crippling blow. For weeks, patient consultations, diagnoses or treatments were disrupted.

And that’s before adding in the risks to individuals of having some of their most sensitive personal information – not just names, addresses and credit card data, but treatment details – sold on to the dark web, potentially to be exploited for identity theft, financial fraud, or blackmail attempts.

• Cyberthreat healthcare alert came months before HSE hit by hackers
• Cyber criminals ‘don’t take a holiday’ over Christmas, Minister warns
• Recovered Tusla data from cyberattack being assessed by agency

As the highly critical report on the attack earlier this month from PwC makes clear, the HSE’s cyber defences weren’t remotely fit for purpose, even though many long-standing problems were clearly identified to the service in the past.

Weaknesses were multitudinous. Systems were old and creaky, a “frail IT estate” that had suffered from lack of investment over many years, PwC stated. And the HSE lacked the expertise to prevent or respond adequately to an attack.

“It does not possess the required cybersecurity capabilities to protect the operation of the health services and the data they process, from the cyberattacks that all organisations face today,” the report concluded. The latter point is notable: this was not a rare and unexpected event, but a digital commonplace in the 21st century. Not just the HSE, but all State departments and agencies must finance the digital systems, security expertise and staff training needed to deal with cyber threats. We have all learned the painful costs of doing otherwise, a price that continues to mount.

Amazon's Alexa tasked a 10-year-old with a lethal challenge
by Vilius Petkauskas

28 December 2021


The child's mother was furious with the digital assistant nudging her child to stick a metal item into the power socket.

According to Kristin Livdahl, a mother of a 10-year-old child and a writer, her daughter asked Alexa, a digital Amazon Echo assistant, for a challenge to do.

Somewhat ominously, artificial intelligence offered a potentially lethal task for the child.

"The challenge is simple: plug in a phone charger about halfway into a wall outlet, then touch a penny to the exposed prongs," Alexa said and set the timer for 20 minutes to complete the challenge.

The mother explained that she and her daughter were doing physical challenges to warm up, and her 10-year-old asked for more, prompting the lethal suggestion from Amazon's AI.

"It was a good moment to go through internet safety and not trusting things you read without research and verification again. We thought the cesspool of YouTube was what we needed to worry about at this age—with limited internet and social media access—but not the only thing," Livdahl explained in a Tweet.

The activity Alexa suggested is "the penny challenge," a TikTok trend circulating the social network over a year ago. Inserting metal objects in a power socket may lead to a house fire, severe burns, and even death.

Amazon did not reveal what caused its system to recommend such a challenge, but it explained fixing the issue in a statement to the BBC.

"As soon as we became aware of this error, we took swift action to fix it," the company claims.

Online fraud is an ‘epidemic’
by Chris Stokel-Walker

27 December 2021



The latest report by Group-IB highlights the ways scammers operate.

Scams and phishing remain two of the most alarming and dangerous ways that cybercriminals can leverage insight into people’s lives. It’s an indication of just how far it’s risen that Russian cybersecurity firm Group-IB has deemed it an “epidemic of online fraud” – an indication of its pervasiveness and risk to rank and file users.

And its scale is equally concerning to the cybersleuths. More than 14,000 phishing resources were blocked by Group-IB in the first six months of 2021, an indication of how widespread their use and deployment in the online world is. Those phishing resources were hosted on 12,000 unique domains – with around one in five websites hosted on compromised legitimate resources.

That all-encompassing, easily-available scam network is changing the types of people who operate such cons, according to Group-IB. “The popularity of the scam-as-a-service model has led to scams scaling up on a global level and to a lower entry threshold for newbie-scammers with no real skills for conducting scams,” they say.
Scams increasing in popularity

In the first half of 2020, scams accounted for 54% of all cybercrime that Group-IB encountered. That’s risen to 57% in the first half of 2021, based on the ability in part of everyday people to launch their own attacks through scam-as-a-service models, where people buy off-the-shelf tools that enable them to project attacks into the wild without any prior knowledge of coding.

Phishing too has seen an increase in popularity, going from 16% of all cybercrime in the first six months of 2020 to 17.5% of all cybercrime a year later.

One thing that hasn’t changed much is the geographical distribution of from where such phishing attacks are hosted.

The US, Germany and Canada were the top countries hosting phishing websites in H1 2021, according to Group-IB data. Perhaps because of its ubiquity as the de facto reliable gTLD, the United States’s .com accounted for 60% of all phishing sites.

A new scam uncovered

Alongside looking at how scammers have operated in the past, Group-IB tries to identify the latest scams and how they operate. One they’ve recently found targets users in over 90 countries all around the world, including the United States, Canada, South Korea, and Italy. The fraudsters employ the tried and tested technique with fake surveys and giveaways purporting to be from popular brands to steal users’ personal and payment data, with the total number of big-name companies impersonated in the scheme exceeding 120.

Group-IB fears that about 10 million people could be losing about $80 million per month to this scam, according to their estimates.

Fraudsters trap their victims by distributing invitations to partake in a survey, after which the user would allegedly get a prize.

The “branded survey” page takes very long to download because would-be victims find themselves in a long chain of redirects, which scammers use to glean as much information about their session as possible, including the country they’re based in, their time zone, language, IP and browser. The final scam link is customised to a specific user and can be opened only once.

Users are asked to answer questions to receive a prize from a well-known brand and to fill out a form asking for their personal data. The data required usually includes the full name, email, postal address, phone number, bank card data, including expiration date and CVV, says Group-IB – all you need to scam someone.

“Just a couple of years ago, online scams were focused on scale: by indiscriminately targeting users, fraudsters tried to ensure that at least someone would take the bite,” says Dmitriy Tiunkin, Group-IB Digital Risk Protection head, Europe. “Over time, as scam awareness was growing, fewer and fewer people fell prey to such schemes, which made it much more difficult for cybercriminals to make money.” This is just the latest example of a hyper-targeted scam fooling individuals.

Kronos ransomware fallout: Electrolux workers still not receiving full pay

by Edvardas Mikalauskas

29 December 2021


It appears that the aftershock effects of the ransomware attack on Kronos are still felt by real people who are not getting their full paychecks weeks after the incident took place.

Employees at an Electrolux facility in South Carolina claim that they haven’t been paid in full for about two weeks, according to a WSPA 7News report.

The report comes about two weeks after Kronos, a major HR and payroll service provider, suffered a ransomware attack that prevented the company’s clients from accessing staff management and payroll processing services.

According to WSPA 7News, Electrolux North America released a statement on Monday about the Kronos ransomware incident. “Kronos, our time clock supplier, is experiencing a global systems issue and is working to address it as quickly as possible. Upon learning this news, we immediately moved to manually recording employee work hours at the factory to ensure our employees are accurately paid, including overtime,” said the company.

One Electrolux employee told WSPA 7News that she hasn’t received a paycheck for the week of December 13 through 17.

Due to the disruptions caused by the Kronos ransomware attack, teams at the Electrolux facility had to resort to putting down their time clock data on paper. “We had to manually do it on a piece of paper and write everybody’s names down, and what time they came in and what time they left,” another employee told the reporter.

Kronos, the HR company that suffered the ransomware attack, claims that the initial forensic investigation shows the incident affected Kronos Private Cloud, the portion of UKG business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed.

Other high-profile Kronos clients who rely on services affected by the attack include Tesla, Puma, Sainsbury's, and the City of Cleveland.
Golden age for ransomware gangs

Pundits talk of a ransomware gold rush, with the number of attacks increasing over 90% in the first half of 2021 alone.

The prevalence of ransomware has forced governments to take multilateral action against the threat. It's likely a combined effort allowed to push the infamous REvil and BlackMatter cartels offline and arrest the Cl0p ransomware cartel members.

Gangs, however, either rebrand or form new groups. Most recently, LockBit 2.0 was the most active ransomware group with a whopping list of 203 victims in Q3 of 2021 alone.

Calm before the storm: the number of cyberattacks decreases in the third quarter of 2021

by Anna Zhadan

28 December 2021

It seems like malicious actors are giving companies a second to breathe freely. This quarter, analysts recorded an overall decrease in cyberattacks compared to Q2 2021, but the number of threats targeting individuals increased, according to the report by Positive Technologies.

On December 23, Positive Technologies released their Cybersecurity Threatscape: Q3 2021 report, overviewing the latest attack vectors and trends. The overall share of cyberattacks decreased by 4.8% in the third quarter of 2021, but a small tendency towards an increase in attacks targeting individuals also became evident, rising from 12% last quarter to 14%.

Such results can be attributed to two factors. The first has to do with the decrease in ransomware incidents - this tendency is described by the report as a “rapid decline.” As such, ransomware peaked in April with 120 attacks recorded and was down to 45 in September - an overall 65% decline. Threat actors mostly targeted government, healthcare, scientific and educational institutions, with REvil, LockBit 2.0, and Conti at the cybercriminal forefronts.

The second reason concerns the departure or rebranding of some major ransomware groups. As such, REvil joined DarkSide to form the BlackMatter ransomware group after international cooperation caused their servers to shut down.

“So many ransomware groups rebranded around the same time this July, and now we see the results of that. I imagine all these new groups are going to want to establish themselves and potentially increase targeting, activity, and increase the level of attack against larger organizations to rebuild that name,” Alec Alvadaro, threat intelligence manager at the digital risk protection company Digital Shadows, said during the webinar in September.

Later in November, the group announced that the new project was being canceled following rising pressure from authorities. Although, many experts saw it as simply another rebranding campaign.

“Taking these factors into account, it is likely this is yet another ransomware group pretending to shut down when in reality it is just a rebrand and launch of a new, improved version sometime soon in the future,” Peter Mackenzie, the Director of incident response at cybersecurity company Sophos, told CyberNews.

Attacks against individuals accelerate

Although the overall state of cybercrime is slightly less daunting in Q3 of 2021 than Q2, attacks against individuals are on the rise. Most of the attacks targeted people (83%), computers or network equipment (39%), and mobile devices (20%.) Overall, 62% of all attacks against individual users resulted in data leaks. Threat actors were primarily interested in credentials (42%), personal data (21%), and payment card information (15%.)

There was an evident increase in the use of Remote Access Trojan (by 2.5 times) and loaders (by 2.2 times) against individual users. Out of the RATs and loaders, the report highlights the FatalRAT Trojan, which is distributed via malicious links in the Telegram messenger, and MosaicLoader, disseminated through ads and targeting users looking for pirated versions of software.

The number of attacks against individual users via social engineering tactics has also increased - up from 67% in Q3 2020 to the current value of 83%. In comparison, the number of social engineering incidents involving organizations plummeted from 47% in Q3 2020 to 41%. Other popular attack tools on individuals were malware (51%) and hacking (11%.) Malware was mainly distributed via websites (34%), email (19%,) and compromised computers (16%.)
Attacks against organizations drop slightly

Unlike with individuals, the number of targeted attacks against companies has declined from 77% in Q2 to 75% in Q3. Targets in this segment included computer networks (75%,) people (41%,) and web resources (21%.) The most popular methods used were malware (51%,) social engineering (41%,) and hacking (33%.)

Among organizations, various industries were targeted, but the government (21%,) healthcare (12%,) and manufacturing sectors (9%) were especially of interest to criminals. According to the report, the most notable attacks on the state agencies were the hit on the Greek city of Thessaloniki, which paralyzed its most critical IT systems, and on the Italian region of Lazio, which also resulted in disruption to its IT infrastructure.

Overall, incidents resulted in sensitive data leaks (45%,) disruption to activities (38%,) and financial losses (24%.)

While there is a popular misconception that only big firms are of interest to threat actors, it is not the case. Small companies often present more opportunities to cybercriminals, as they have fewer resources to invest in cybersecurity. As such, the Verizon Business Data Breach Investigation Report (DBIR) showed that SMEs were at a high risk of data breaches and cyberattacks during the COVID-19 pandemic. And the trend is unlikely to slow down.

While it seems like there is a slight improvement in the number of attacks this quarter, such values constantly change and depend on a variety of factors. To stay safe, it is important to maintain proper cybersecurity hygiene, implement security measures, and not let your guard down.

Zuckerberg’s ring of power

As in ancient Athens, our task is to empower the demos without succumbing to the lure of power.

Yanis Varoufakis
Published December 29, 2021 

Once upon a time, in the ancient kingdom of Lydia, a shepherd called Gyges found a magic ring, which, when rotated on his finger, made him invisible. So, Gyges walked unseen into the royal palace, seduced the queen, murdered the king, and installed himself as ruler. If you were to discover such a ring or another device that granted you exorbitant power, Socrates asked, would it be wise to use it to do or get whatever you want?

Mark Zuckerberg’s recent announcement of some fabulous digital metaverse awaiting humanity gives new pertinence to Socrates’ answer: People should renounce excessive power and, in particular, any device capable of granting too many of our wishes. Was Socrates right? Would reasonable people renounce the ring? Should they?

Socrates’ own disciples were not convinced. Plato reports that they expected almost everyone to succumb to the temptation, pretty much as Gyges had. But could this be because Gyges’ ring was not powerful, and thus not scary, enough? Might a device far more powerful than a ring that merely makes us invisible cause us to shudder at the thought of using it, as Socrates recommended? If so, what would such a device do?

The ring allowed Gyges to overcome rivals physically, thus removing several constraints impeding his desires. But, while invisibility allowed Gyges to murder the King’s guards, it went nowhere near removing all of Gyges’ constraints. What if there were a gadget, let’s call it the Freedom Device, that removed every constraint stopping us from doing whatever we want? What would a constraint-free existence be like once this Freedom Device was activated?

We would be able to fly like birds, travel to other galaxies in an instant, and perform feats experienced within the universes designed by talented video game developers. But that would not be enough. One of the harshest constraints is time: It forces us to forego reading a book while swimming in the sea or watching a play. So, to remove all constraints, our theoretical Freedom Device should also allow for infinite, concurrent experience. Still, one final constraint, perhaps the most perplexing, would remain: other people.

When Jill wants to go mountaineering with Jack, but Jack craves a romantic stroll along the beach, Jack is Jill’s constraint and vice versa. To liberate them from constraints, the Freedom Device should allow Jill to go mountaineering with a willing Jack while he is strolling with a version of her contented self along the beach. It would let us all inhabit the same virtual world but experience our mutual interactions differently. It would fashion not merely a universe of bliss but, in fact, a multiverse of infinite, simultaneous, overlapping pleasures. It would grant us, in other words, freedom not only from scarcity but also from what other people do to us, expect of us, or want from us. With all constraints gone, all dilemmas dissolved, all trade-offs eradicated, boundless satisfaction would be at our fingertips.

It is not hard to imagine Zuckerberg salivating at the thought of such a device. It would be the ultimate version of the “metaverse” into which he has said he wants to immerse Facebook’s 2 billion-plus users. I can imagine him letting us sample a cornucopia of pleasures for an instant, free of charge, just enough to crave more, at which point he would charge users accordingly. Every nanosecond of immersion in this multiverse would produce enormous multiple pleasures—for which he would charge us again and again. Before long, the capitalisation of Meta, the company that now owns Facebook, would dwarf that of all other corporations put together.

The fact that our technologists are far from inventing the Freedom Device is irrelevant, as was the fact that Gyges’ ring was mythical. Socrates’ question, resting on these two science-fiction devices, one ancient and one modern, remains central: Is it wise to deploy exorbitant power over others, and over nature, in pursuit of our desires?

Big Tech and free marketeers think nothing of it: What’s wrong with joy? Why would anyone resist simultaneous experiences that satisfy one’s strongest desires? How is it wrong for Zuckerberg to make money from people who want to pay him for liberation from all constraints?

Socrates’ answer remains as apt today as it was 2,500 years ago: The price you pay for deploying excessive power is a disordered soul—that is, radical unhappiness. Whether you are a client seeking absolute control of your senses within a multiverse created by some device, or Zuckerberg striving to own the digital realm into which billions will soon be immersed, your misery is guaranteed. A successful life requires the capacity to overcome our hunger for power. It presupposes an understanding that power, in the hands of contradictory beings like us, is a dangerous double-edged sword.

Excessive power is counterproductive, even self-defeating, because we crave interaction with other minds that we cannot control, even while craving to control them. When others do what we do not want them to do, we feel disappointed, angry, or sad. But the moment we controlled them fully, their consent would give us no pleasure, and their approval would not boost our self-esteem.

Learning to appreciate that control is an illusion is hard, especially when we are prepared to sacrifice almost everything, to pay any price, to control others. But if we are to stop others—Zuckerberg, for example—from controlling us, it is a lesson we must learn.

Socrates was keen to warn us against yielding to the temptation of the magical ring, pointing to Gyges’ unhappiness. Today, with techno-feudalism and various immersive metaverses in the pipeline, his warning is more relevant than ever. As in ancient Athens, our tricky task is to empower the demos without succumbing to the lure of power.

—Project Syndicate




Yanis Varoufaki a former finance minister of Greece, is the leader of the MeRA25 party and Professor of Economics at the University of Athens.

Russians have called out Poland and Germany for the reverse on Jamal (Yamal), because they want to continue upping the prices

According to the Russians, the use of the reverse flow on the Yamal gas pipeline in Poland by the Germans is unreasonable. They are joined in criticism by Yulia Tymoshenko accusing Ukraine of paying extra to European intermediaries. In reality, however, it is a routine element of the EU gas market and a prelude to the polonisation of Yamal’s capacity. Meanwhile, the Russians can continue fuelling uncertainty, which will further increase natural gas prices that are already record-high.

The Russians accuse Germans of “unreasonable sale of gas” to Poland via the reverse flow on the Yamal gas pipeline. Russian President Vladimir Putin has suggested that this gas goes to Ukraine, and Yulia Tymoshenko, dubbed “the gas princess”, has accused Kyiv of overpaying for Russian gas coming from Europe. It is worth recalling that before the crisis, gas contracts with the Russians were more expensive than the offer on the European stock exchange.

“This (resold-ed.) gas comes from underground storage in Germany, which has already been used at 47 percent. And the winter is just beginning … this is not the most rational decision,” said Gazprom spokesman Sergei Kuprianov. This was his way of commenting on a routine purchase of gas on the German exchange by Poland’s  PGNiG and other entities, possible thanks to free access to the capacity of the Yamal gas pipeline after the end of the transmission contract with Gazprom and the introduction of EU regulations for the Polish section of the pipeline. PGNiG and other customers can use Yamal’s spare capacity through an auction to bring gas from the west, which constituted up to a quarter of deliveries to Poland in 2020.

Ultimately, the operator of the gas transmission pipelines Gaz-System wants to make the Polish section of the Yamal a normal part of the transmission system allowing gas to be distributed in different directions, including LNG and deliveries from the Baltic Pipe to the east. However, the Russians have suggested problems were coming.

“There is a reversal of gas flow from Germany to Poland and reportedly also to Ukraine, of the order of 3 million to 5 million cubic meters a day,” said the spokesman for Gazprom in a video that was posted on the internet. “This gas comes from underground storage in Germany, which have already been used at 47 percent. And winter is just beginning … this is not the most rational decision, ” Kuprianov added, quoted by the Polish News Agency. According to him, the prices of these supplies are “significantly higher than the volumes supplied by Gazprom”.

The Russians suggest that such a solution is unreasonable and argue for long-term contracts with Gazprom. However, these were on average several percent more expensive compared to the price on the European stock market in the period preceding the price records resulting from the energy crisis.

Yulia Tymoshenko, who was accused by her critics of signing an unfavorable long-term contract Naftogaz-Gazprom, expressed a similar view. Ukrainians have not imported gas directly from Gazprom since 2015, and instead import it through the European Union, including Poland. Tymoshenko has calculated that European brokers earn from USD 70 to 100 per 1000 cubic meters on such deliveries, and has accused the government in Kyiv of deceiving the public. The topic was also raised in Vladimir Putin’s end-of-year-speech, where he suggested that the gas from Yamal eventually lands by the Dnieper. PGNiG exports to Ukraine about a billion cubic meters of gas a year. Even dedicated shipments of American LNG from Świnoujście have made it there. It is possible that these deliveries will only increase in volume as part of the Poland-Ukraine-USA deal, we wrote about this on BiznesAlert.pl.

“This narrative has been manipulated. Since the Russians do not want to use the Yamal, the Poles can use it for reverse deliveries to the east,” BiznesAlert.pl’s sources in the gas sector argued. “Such suggestions are intended to add to the uncertainty in the market, which is driving up gas prices in Europe,” the informant adds.

Wojciech Jakóbik

Here's why critics are disturbed by the CDC's new guidance on isolating after getting COVID
Photo by Mulyadi on Unsplash
man in green shirt and blue knit cap sitting on floor

Julia Conley and
Common Dreams
December 28, 2021

Workers' rights advocates accused the Centers for Disease Control and Prevention of putting business interests ahead of public health Tuesday after the agency released new guidelines for asymptomatic Americans with Covid-19, while experts expressed concern that the guidance will result in confusion and more transmission of the disease.

The CDC announced late Monday that instead of isolating at home for 10 days, people who contract the coronavirus will be advised to isolate for five days immediately after testing positive. If the person is asymptomatic after five days f, they may return to work, school, and other activities but should wear a mask everywhere, including at home if they live with others, for five more days.

People who still exhibit symptoms after five days of isolating should continue to stay home until they are asymptomatic, the CDC said.

The agency said the guidance was revised because scientists now understand people with Covid-19 to be most contagious in the two days prior to showing symptoms and for three days afterward.

CDC director Dr. Rochelle Walensky also said concerns about economic activity provoked the new guidelines, as the fast-spreading Omicron variant overwhelms airlines, hospitals, and other businesses.



Sick crew members forced the cancellation of thousands of flights on Christmas Eve and Christmas Day, and the spread of the variant is "significantly diminishing" the healthcare workforce at hospitals across the country, according to the American Public Health Association.

"We want to make sure there is a mechanism by which we can safely continue to keep society functioning while following the science," Walensky told the Associated Press.

As Common Dreams reported Sunday, the CDC's amended guidance for healthcare workers—who as of last week are advised to stay home for seven days instead of 10 if they are asymptomatic and test negative—alarmed the nation's largest nurses' union, which said the guidelines were changed in the interest of hospitals' "business operations, revenues, and profits."

The CDC's new guidelines for the larger public come after officials at Delta Air Lines and JetBlue Airways wrote to the agency asking them to consider shortening the advised isolation period for people with Covid-19.

Sara Nelson, international president of the Association of Flight Attendants, acknowledged that the CDC provided a medical explanation for the new guidance, but emphasized that "the fact that it aligns with the number of days pushed by corporate America is less than reassuring" and warned that businesses may use the guidelines to pressure employees out of isolation before they are ready to return to work.

"If any business pressures a worker to return to work before they feel better we will make clear it is an unsafe work environment, which will cause a much greater disruption than any 'staffing shortages,'" Nelson said in a statement. "We cannot allow pandemic fatigue to lead to decisions that extend the life of the pandemic or put policies on the backs of workers."

Dr. Megan Ranney, an emergency physician at Brown University, also expressed concern that the new guidelines "will too easily move to 'go back to work when you have symptoms'" and that many people who come out of isolation after just five days will not wear face masks after the isolation period.

Dr. Aaaron Glatt, a spokesperson for the Infectious Diseases Society of America, pointed out that the shortened isolation timeframe will make it more likely that people return to normal activities when they are still infectious.

"If you decrease it to five days, you're still going to have a small but significant number of people who are contagious," Glatt told the AP.

Some observers also urged the CDC to clarify the guidance, as the agency's website suggested people can come out of isolation if they are asymptomatic or if their "symptoms are resolving after five days."

While calling the new guidance "reasonable" and noting that the shorter isolation period could push people to get tested who otherwise would not have, Harvard Medical School professor Dr. Ashish Jha said the CDC should include more precautions to help prevent transmission as people come out of isolation.

Epidemiologist Dr. Michael Mina noted that he has previously recommended a shorter isolation period to the CDC, but pointed out that recommendation "was always with a negative test."

Pushing people to return to normal activities without a negative test is "reckless," Mina tweeted.

In the U.K., epidemiologist Dr. Eric Feigl-Ding pointed out, two negative tests are required before people can exit isolation.

"But somehow a five-day exit with zero negative test is okay in [the U.S.]?" he said. "American exceptionalism does not apply to a pandemic virus."

With the highly transmissible Omicron variant, Mina said, "Someone KNOWN to be positive for five days is, in my view, still one of the highest risk individuals in society for onward spread."

"We do SO much just to find people who are positive in [the] first place," he added. "When we do identify them, we should do everything possible to keep them from spreading."

Flight attendants​ fire back after CDC cuts quarantine time

Quintin Soloviev / Wikimedia Commons

Meaghan Ellis December 29, 2021

Flight attendants are not pleased with the Centers for Disease Control and Prevention's (CDC) decision to loosen COVID guidelines as the Omicron variant spreads rapidly across the United States, per Politico.

After the CDC announced its recommendation to cut the COVID quarantine time from 10 to 5 days, the Association of Flight Attendants-CWA International President Sara Nelson released a statement expressing airline workers' concerns. According to Nelson, the directive appears to be one that is influenced by the desires of corporate America as opposed to medical professionals.

"We said we wanted to hear from medical professionals on the best guidance for quarantine, not from corporate America advocating for a shortened period due to staffing shortages,” said Sara Nelson.

Although the CDC has insisted that there is a medical explanation behind its recommendation, Nelson notes that it actually aligns with the demands of corporations.

“The CDC gave a medical explanation about why the agency has decided to reduce the quarantine requirements from 10 to five days, but the fact that it aligns with the number of days pushed by corporate America is less than reassuring,” Nelson said.

Also speaking on behalf of flight attendants, Airlines for America President and CEO Nicholas Calio also penned a letter addressed to CDC Director Rochelle Walensky. Calio urged the CDC to make 'scientifically sound" decisions based on clear data.

“As an industry, we stand ready to partner with the CDC to make scientifically sound policy decisions and work with you to collect empirical data necessary to appropriately monitor any guideline modifications,” Airlines for America President and CEO Nicholas Calio said in the letter.

The latest changes came shortly after Delta Air Lines made the initial request for the quarantine time period to be reduced to five days. The airline also argued that the previous 10-day guidance “was developed in 2020 when the pandemic was in a different phase without effective vaccines and treatments.”

People in US perplexed due to cut in COVID-19 isolation period by half

CDC guidelines endorsing to end isolation 5 days after infection prompt reactions amid concerns over high transmissibility of omicron variant

Dilan Pamuk |29.12.2021


ANKARA

The US Centers for Disease Control and Prevention's (CDC) recent guidelines to cut the isolation and quarantine period in half have raised questions among experts and caused concern among the general public in the US.

As omicron, the variant notorious for its rapid contagiousness, pervades and triggers new spikes in the number of cases worldwide, the CDC guidelines have been met with strong criticism and disagreement for recommending shorter isolation and allowing it to end without the requirement of a negative PCR test.

The unexpected changes in isolation and quarantine periods, amid recent spikes in cases due to the omicron variant, raised doubts about whether the CDC was caving in to the pressures of major sectors and profit-driven laypeople affected by the pandemic's negative impact on the workforce.

Concerns have also been raised about the health care sector, as health professionals may be required to return to work before fully recovering from COVID-19, leading to the spread of the virus and, as a result, a reduction in the number of health care workers available in hospitals.

Meanwhile, experts point out that there is not enough research involving the omicron form to back up CDC2's decision.

The CDC reduced the recommended COVID-19 isolation period from 10 days to five days on Monday, followed by another five days of wearing a mask around others for asymptomatic patients.

If the patient is asymptomatic, they may be released from isolation on the condition that they wear a mask around others for another five days to minimize the risk of infecting others, according to the CDC.

The CDC attributed the change in guidelines to the fact that the virus is transmitted in the early stages of the illness, usually within the first two days of infection.

The center also altered its quarantine recommendations for people who have been exposed to the coronavirus, depending on whether or not they have been vaccinated.

People who have not been vaccinated or have not had their last mRNA dose in more than six months should undergo a five-day quarantine followed by strict mask wear for another five days.

If a five-day quarantine is not feasible, the CDC recommends wearing a well-fitting mask at all times while around others for 10 days after exposure.

Individuals who have had their booster shot do not need to be quarantined after being exposed, but they should wear a mask for 10 days afterwards, it added.

CDC draws criticism for shorter COVID quarantine, isolation as omicron bears down
Data backs shorter periods, but experts say testing is key.

BETH MOLE - 12/28/2021

Enlarge / Travelers wait in line to check-in at LaGuardia Airport in New York, on December 24, 2021. -On Christmas Eve, airlines, struggling with the Omicron variant of Covid-19, have canceled over 2,000 flights globally, 454 of which are domestic, into or out of the US.

As the ultratransmissible omicron coronavirus variant bears down on the US, the Centers for Disease Control and Prevention on Monday made a controversial decision to ease COVID-19 isolation and quarantine rules.

The country's omicron surge has sent graphs of case counts vertical, and is already causing severe strain on health systems, shuttering businesses, and wreaking havoc on holiday travel and festivities. The US is currently averaging over 243,000 new COVID-19 cases per day, near the country's all-time high of an average just over 250,000 per day set in early January 2021. Still, federal officials and public health experts say this is only the beginning of omicron's towering wave, which may not peak until next month.

The CDC's decision Monday is intended to ease the economic burden of the skyrocketing cases and follows an accumulation of data suggesting that infectiousness tends to wane two to three days after the onset of symptoms. However, some public health experts called the new rules "reckless" for not incorporating testing requirements.

As of Monday, the CDC says that people who test positive for COVID-19 but do not develop symptoms can cut their isolation period down from 10 days to only five—though they must wear a mask for an additional five days when around others. The new guidance does not stipulate that people should test negative prior to ending isolation at the earlier time period.

"The change is motivated by science demonstrating that the majority of SARS-CoV-2 transmission occurs early in the course of illness, generally in the 1-2 days prior to onset of symptoms and the 2-3 days after," the CDC said in its announcement.Advertisement

Similarly, the CDC slashed quarantine periods for people who are unvaccinated or are vaccinated but past due for a booster dose. If someone in one of these two groups is exposed to someone with COVID-19—that is, they were within six feet of an infected person for a cumulative 15 or more minutes over a 24-hour period—they can quarantine for only five days, rather than the previous recommendation of 14 days. The exposed person must still mask for an additional five days after the quarantine period. Again, the new rule does not stipulate that an exposed person receive a negative test result to end quarantine.

A balance

The CDC did not change its guidance for people who are vaccinated and boosted or vaccinated and not yet eligible for a booster. For these groups, people do not need to quarantine after an exposure unless they develop symptoms. However, the CDC still recommends that they get tested and mask indoors.

In a statement Monday, CDC Director Dr. Rochelle Walensky called the new recommendations a "balance" between the fighting the formidable variant and keeping the country functioning. “The omicron variant is spreading quickly and has the potential to impact all facets of our society," Walensky said. "CDC’s updated recommendations for isolation and quarantine balance what we know about the spread of the virus and the protection provided by vaccination and booster doses. These updates ensure people can safely continue their daily lives. Prevention is our best option: get vaccinated, get boosted, wear a mask in public indoor settings in areas of substantial and high community transmission, and take a test before you gather.”

The decision drew praise from businesses and industry leaders, particularly those in charge of airlines. There have been thousands of flights cancelled over the holidays due, in part, to staff shortages. Just last week, the airline trade group, Airlines for America lobbied the CDC to cut recommended isolation periods.

In a statement late Monday, Delta Air Lines welcomed the CDC's updated guidance, saying it "allows more flexibility for Delta to schedule crews and employees to support a busy holiday travel season and a sustained return to travel by customers."

Delta's Chief Health Officer Dr. Henry Ting added that it "is a safe, science-based and more practical approach based on what we now know about the omicron variant."
"Reckless"

But, while other public health experts generally agreed with Ting's point, they were frustrated that the CDC's new guidance did not also require negative test results. Dr. Michael Mina, a Harvard epidemiologist and long-time advocate of rapid testing, called the new guidance "reckless."

He noted that while some people may be infectious for only three days, some may be infectious for longer periods, even up to 12 days. "I absolutely don’t want to sit next to someone who turned [positive] five days ago and hasn't tested [negative]," Mina wrote on Twitter. Requiring a negative test result to leave isolation early is "just smart," he concluded.

Similarly, Dr. Céline Gounder, an infectious disease expert at New York University, said on Twitter that the shortened isolation and quarantine periods are only reasonable if they're paired with rapid testing. "People are infectious for a wide range of time. Some for a couple days. Others, for over a week," she wrote.

Gounder and others pointed out that the CDC may not have included testing requirements in their update because the country is currently seeing shortages of rapid tests and long lines at testing centers. "CDC's isolation policy is being driven by a scarcity of rapid antigen tests," she concluded. But, Mina pushed back on this excuse, calling it an "artificial" problem stemming from a failure to fortify testing capacity earlier in the pandemic.

BETH MOLEBeth is Ars Technica’s health reporter. She’s interested in biomedical research, infectious disease, health policy and law, and has a Ph.D. in microbiology.

COVID-19: Government under pressure to further reduce self-isolation period for positive cases

Despite Omicron being less severe in terms of its symptoms, it is more transmissible, meaning that some industries are struggling to cope due to the quarantine requirements - particularly the NHS.

Wednesday 29 December 2021 UK

There are calls to reduce the self-isolation period to help stimulate the economy

A number of scientists have said that the UK should follow in the footsteps of the US and reduce the COVID self-isolation period to five days, in an effort to protect the NHS.

The US Centers for Disease Control and Prevention said on Monday that Americans who catch COVID and don't have any symptoms only need to self-isolate for five days, so long as masks are worn for another five.

It has prompted similar calls in the England, despite the rules being relaxed slightly ahead of Christmas.

This is a modal window. This modal can be closed by pressing the Escape key or activating the close button.

Professor Alison Leary has told Sky News health and social care workers 'are absolutely exhausted' by the pandemic.

In England, those who have tested positive for COVID are able to leave self-isolation after seven days, as long they can produce two negative tests.

Despite Omicron being less severe in terms of its symptoms, it is more transmissible, meaning that some industries are struggling to cope due to the quarantine requirements - particularly the NHS, which at one point last week reported a 50% rise in staff absences.

A record number of people tested positive in the latest reporting period, with 117,093 new infections in England alone, as the new variant sweeps through communities, with up to 800,000 thought to be in isolation.
It's led to calls for the isolation period to be further reduced, to get the economy moving again.

Professor Tim Spector from Kings College London, who runs a nationwide COVID symptoms study, tweeted on Tuesday in favour of the recommendation, saying it would "protect the economy".

That was echoed by Paul Hunter, professor of medicine at the University of East Anglia, who told the BBC that he believes Omicron has become "effectively just another cause of the common cold".

"We're going to have to let people who are positive go about their normal lives as they would do with any other cold.

"I think the whole issue of how long are we going to be able to allow people to self-isolate if they're positive is going to have to be discussed fairly soon, because I think this is a disease that's not going away."

He did caveat his thoughts though, adding: "Maybe not quite just yet".

Sir John Bell, regius professor of medicine at Oxford University, also piled on the pressure, telling the BBC's Today programme that a negative test is a "better way to measure if we're allowing people to go back into community" instead of isolation periods.

The president of the Confederation of British Industry (CBI), Lord Bilimoria, went further, pointing out to the Today programme that South Africa, which discovered Omicron through genetic sequencing, dropped the requirement to isolate altogether for those who are asymptomatic.

He added: "We have got to do everything we can to stop the disruption to our lives and to our livelihoods and to the economy in as safe a way as possible.

"We need people to isolate for as little time as possible."

The Department of Health said: "Anyone who takes a negative lateral flow test on days six and seven of their self-isolation period can end their isolation early, following analysis by the UK Health Security Agency that this has a similar protective effect to a ten-day isolation without lateral flow testing."