
UN human rights chief: Crisis in Gaza, Israel "has deteriorated at an alarming rate" From “Yahoo News – Latest News & Headlines”




Low- and regular-dose aspirin safe, effective From “Yahoo News – Latest News & Headlines”



An unusual study that had thousands of heart disease patients enroll themselves and track their health online as they took low- or regular-strength aspirin concludes that both doses seem equally safe and effective for preventing additional heart problems and strokes.

But there’s a big caveat: People had such a strong preference for the lower dose that it’s unclear if the results can establish that the treatments are truly equivalent, some independent experts said. Half who were told to take the higher dose took the lower one instead or quit using aspirin altogether.

“Patients basically decided for themselves” what they wanted to take because they bought the aspirin on their own, said Dr. Salim Virani, a cardiologist at Baylor College of Medicine in Houston who had no role in the study.

Still, the results show there’s little reason to take the higher dose, 325 milligrams, which many doctors assumed would work better than 81-milligram “baby aspirin,” he said.

Results were published Saturday by the New England Journal of Medicine and discussed at an American College of Cardiology conference.

Aspirin helps prevent blood clots, but it’s not recommended for healthy people who have not yet developed heart disease because it carries a risk of bleeding. Its benefits are clear, though, for folks who already have had a heart attack, bypass surgery or clogged arteries requiring a stent.

But the best dose isn’t known, and the study aimed to compare them in a real-world setting. The study was funded by the Patient-Centered Outcomes Research Institute, created under the 2010 Patient Protection and Affordable Care Act to help patients make informed decisions about health care.

About 15,000 people received invitations to join through the mail, email or a phone call and enrolled on a website where they returned every three to six months for follow-up. A network of participating health centers supplied medical information on participants from their electronic records and insurance claims.

The participants were randomly assigned to take low- or regular-dose aspirin, which they bought over the counter. Nearly all were taking aspirin before the study began and 85% were already on a low dose, so “it was an uphill task right from the get-go” to get people to use the dose they were told, Virani said.

After roughly two years, about 7% of each group had died or been hospitalized for a heart attack or a stroke. Safety results also were similar — less than 1% had major bleeding requiring hospitalization and a transfusion.

Nearly 41% of those assigned to take the higher dose switched at some point to the lower one, and that high rate “could have obscured a true difference” in safety or effectiveness, Colin Baigent, a medical scientist at the University of Oxford in the United Kingdom, wrote in a commentary in the medical journal.

One study leader, Dr. Schuyler Jones of Duke University, said the study still provides valuable guidance. If patients are taking low-dose aspirin now, “staying on that dose instead of switching is the right choice,” he said. People doing well on 325 milligrams now may want to continue on that and should talk with their doctors if they have any concerns.

For new patients, “in general, we’re going to recommend starting the low dose,” Jones said.

Virani said people must remember that aspirin is a medicine and that even though it’s sold over the counter, patients shouldn’t make decisions on its use by themselves.

“Don’t change the dose or stop without talking to someone,” he warned. “This is important, especially for a therapy like aspirin.”

___

The Associated Press Health and Science Department receives support from the Howard Hughes Medical Institute’s Department of Science Education. The AP is solely responsible for all content.








Racist attacks revive demand for Asian American Studies From “Yahoo News – Latest News & Headlines”



As Dartmouth College sophomore Nicholas Sugiarto flipped through the course catalog last semester, two words caught his eye: “Asian American.”

The 19-year-old Chinese Indonesian American didn’t know Asian American-focused classes were even an option at the Hanover, New Hampshire, campus. The biomedical-engineering major ended up enrolling in “Gender and Sexuality in Asian American Literature” and now wishes he could minor in Asian American Studies.

“I never realized how long and storied the history of Asians in America has been,” Sugiarto said. “You also hear about stories that just never made the news or never made it into the standard AP U.S. history textbooks.”

That feeling of being seen resonates now more than ever for Asian American and Pacific Islander students and faculty at college campuses around the country. For all the “Stop AAPI Hate” hashtagging, accounts keep emerging of new incidents of Asian Americans being coronavirus scapegoats or made to feel like foreigners in their own country.

Ongoing anti-Asian attacks along with the March massage business shootings in Georgia that left six Asian women dead have provoked national conversations about visibility.

The debate has renewed an appetite at some colleges for Asian American Studies programs. As student diversity grows, so does the desire for representation in the syllabus. But qualified professors of color say such programs won’t last if they aren’t being offered permanent decision-making power.

Inspired by his literature class, Sugiarto added his signature to the nearly 1,000 on a petition calling on Dartmouth to establish an Asian American Studies major, a challenge that’s been brought to the Ivy League school on and off for four decades.

Sugiarto and his classmates hope this time will be different given recent events.

Eng-Beng Lim, the Dartmouth professor who taught Sugiarto’s class, said the petition gained momentum after the massage business killings, and even fueled discussions with administrators.

Those talks recently stalled, though Lim still described it as a “promising and critical impasse.”

“When U.S. universities refuse to support Asian American Studies that are framed in a way that we have framed it, it’s really a missed opportunity to think about how we might have a more nuanced understanding of American racism beyond binary terms of Black and white,” Lim said.

Pawan Dhingra, a professor at Amherst College and the incoming president of the Association for Asian American Studies, said he is aware of a few other East Coast schools either considering Asian American Studies or renewing their commitment to it.

“A lot of ethnic studies programs grew out of student demand during key inflection points in American history,” Dhingra said. “This is an inflection point. The push for ethnic studies — in this case Asian American Studies — fits the tradition of how these programs come to be. It’s rarely the brainchild of administrators or faculty.”

The concept of ethnic studies is believed to have started in California, where it became state law in August that California State University students take one ethnic studies course to graduate.

In 1968, students of color at San Francisco State University, which was named San Francisco State College at the time, joined Black classmates demanding a curriculum that wasn’t just Euro-centric. What followed was five months of protests — the longest student strike in U.S. history — and hundreds of arrests.

In March 1969, after intense negotiations, the university officially launched a College of Ethnic Studies. Other schools also devised similar programs.

Alumni who were on strike 53 years ago see parallels with today’s “Stop Asian Hate” rallies, said Mai-Nhung Le, chair of San Francisco State University’s Asian American Studies program. Young Asian Americans are again demanding classes relevant to them — not just history but everything from popular culture to environmental justice.

But while the backdrop in the ’60s was the Vietnam War, today it’s “two concurrent pandemics”: COVID-19 and structural racism, Le said.

Establishing an Asian American Studies department is one thing — nurturing it is another. Ethnic studies programs are on shaky ground if schools don’t recruit instructors who can plan courses and mentor students.

Of more than 428,000 faculty who were tenured or on tenure-track at degree-granting institutions nationwide in 2019, 70% were white, 11% were Asian or Pacific Islander, 5% were Black, and 5% were Latino. Native Americans and Alaska Natives comprised just 0.4%, according to data gathered by the National Center for Education Statistics.

A furor erupted at Dartmouth in 2016 when Aimee Bahng, an assistant English professor, was denied tenure. She had unanimous support from a departmental committee but not with higher-ranking campus officials. The rejection came as students were making another push for Asian American Studies. Bahng had even started planning potential classes.

She recalls receiving hundreds of sympathetic messages from female academics in the U.S. and abroad.

“I had an electronic folder of just women or women of color who had been denied tenure,” said Bahng, who now teaches at Pomona College. “It was amazing but also depressing. … I always know when it’s tenure-denial season because I still get a handful of emails.”

Dartmouth freshman Anais Zhang, 18, never gave Asian American Studies much thought until she was assigned to write about it for the school newspaper after the Atlanta-area massage business shootings. In her research, Zhang learned of all the attempts to start a program that ultimately went nowhere. It left her frustrated.

“I talked to a lot of my friends about the article and my shock at how we really don’t have an institutionalized program and just my reaction learning about how previous students had put so much effort in petitioning the college and hiring professors … only to have this support trickle away and have all this progress undone in the subsequent years,” Zhang said.

A lot of times fledgling ethnic studies programs decline because junior professors who aren’t full time or permanent have to carry them, according to Dhingra.

“It’s just creating extra labor for faculty that burns people out and it isn’t able to grow because it wasn’t created with enough infrastructure in the first place,” Dhingra said.

At the University of Arizona in Tucson, an Asian Pacific American Studies minor launched last month. While it is an “example of the way the university is combating anti-Asian hate and ignorance,” it was a culmination of efforts that started several years before the pandemic, said Brett Esaki, an assistant professor who helped come up with the coursework.

“The short- and long-term goals are definitely about stability,” said Esaki, who is not tenured. “We can’t just hope for another disaster to get people to say, ‘You’re important.’”

___

Tang reported from Phoenix and is a member of The Associated Press’ Race and Ethnicity team. Follow her on Twitter at https://twitter.com/ttangAP








US climate envoy Kerry meets with pope on climate crisis From “Yahoo News – Latest News & Headlines”



VATICAN CITY (AP) — John Kerry, President Joe Biden’s climate envoy, met privately with Pope Francis on Saturday, afterward calling the pope a “compelling moral authority on the subject of the climate crisis” who has been “ahead of the curve.”

The former U.S. Secretary of State told Vatican News that the pope’s embrace of climate issues “hopefully can push people to greater ambition to get the job done.”

Kerry is visiting European capitals to strengthen cooperation on climate change ahead of the next round of U.N. climate talks in Glasgow this November.

Kerry said the United States, the second-largest emitter of greenhouse gases after China, must take a lead in cutting emissions and be joined by other big emitting countries.

“Everybody shares an obligation here. No one country can get this job done. If the United States was at zero emissions tomorrow, we’d still have crisis,” Kerry said.

The United States, which is responsible for 11% of the world’s greenhouse gas emissions, has set a target under Biden of reducing emissions over the next decade by 50% to 52%, Kerry said.

Another 20 developed countries are responsible for 73.75% of emissions, he added.

“We need other big emitting countries to step up and also offer some reductions. You can’t just keep going along with a coal-fired power plant or with more coal coming online and really be the part of the solution that we need,” Kerry said.

___

Follow all AP stories on climate change at https://apnews.com/hub/climate.








Palestinian march in Paris defies ban, is met by tear gas From “Yahoo News – Latest News & Headlines”




Ethiopia again delays national election amid deadly tensions From “Yahoo News – Latest News & Headlines”



The New York Times

Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity

For years, government officials and industry executives have run elaborate simulations of a targeted cyberattack on the power grid or gas pipelines in the United States, imagining how the country would respond.

But when the real, this-is-not-a-drill moment arrived, it didn’t look anything like the war games.

The attacker was not a terror group or a hostile state like Russia, China or Iran, as had been assumed in the simulations. It was a criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.

The most visible effects — long lines of nervous motorists at gas stations — stemmed not from a government response but from a decision by the victim, Colonial Pipeline, which controls nearly half the gasoline, jet fuel and diesel flowing along the East Coast, to turn off the spigot. It did so out of concern that the malware that had infected its back-office functions could make it difficult to bill for fuel delivered along the pipeline or even spread into the pipeline’s operating system.

What happened next was a vivid example of the difference between tabletop simulations and the cascade of consequences that can follow even a relatively unsophisticated attack. The aftereffects of the episode are still playing out, but some of the lessons are already clear, and they demonstrate how far the government and private industry have to go in preventing and dealing with cyberattacks and in creating rapid backup systems for when critical infrastructure goes down.

In this case, the long-held belief that the pipeline’s operations were totally isolated from the data systems that were locked up by DarkSide, a ransomware gang believed to be operating out of Russia, turned out to be false. And the company’s decision to turn off the pipeline touched off a series of dominoes including panic buying at the pumps and a quiet fear inside the government that the damage could spread quickly.

A confidential assessment prepared by the Energy and Homeland Security Departments found that the country could only afford another three to five days with the Colonial pipeline shut down before buses and other mass transit would have to limit operations because of a lack of diesel fuel. Chemical factories and refinery operations would also shut down, because there would be no way to distribute what they produced, the report said.

And while President Joe Biden’s aides announced efforts to find alternative ways to haul gasoline and jet fuel up the East Coast, none were immediately in place. There was a shortage of truck drivers and of tanker cars for trains.

“Every fragility was exposed,” said Dmitri Alperovitch, who co-founded CrowdStrike, a cybersecurity firm, and chairs the think tank Silverado Policy Accelerator. “We learned a lot about what could go wrong. Unfortunately, so did our adversaries.”

The list of lessons is long. Colonial, a private company, may have thought it had an impermeable wall of protections, but it was easily breached. Even after it paid the extortionists nearly $5 million in digital currency to recover its data, the company found that the process of decrypting its data and turning the pipeline back on was agonizingly slow, meaning it will still be days before the East Coast gets back to normal.

“This is not like flicking on a light switch,” Biden said Thursday, noting that the 5,500-mile pipeline had never before been shut down.

For the administration, the event proved a perilous week in crisis management. Biden told aides, one recalled, that nothing could wreak political damage faster than television images of gas lines and rising prices, with the inevitable comparison to Jimmy Carter’s worst moments as president.

Biden feared that, unless the pipeline resumed operations, panic receded and price gouging was nipped in the bud, the situation would feed concerns that the economic recovery is still fragile and that inflation is rising.

Beyond the flurry of actions to get oil moving on trucks, trains and ships, Biden published a long-gestating executive order that, for the first time, seeks to mandate changes in cybersecurity.

And he suggested that he was willing to take steps that the Obama administration hesitated to take during the 2016 election hacks — direct action to strike back at the attackers.

“We’re also going to pursue a measure to disrupt their ability to operate,” Biden said, a line that seemed to hint that U.S. Cyber Command, the military’s cyberwarfare force, was being authorized to kick DarkSide offline, much as it did to another ransomware group in the fall before the presidential election.

Hours later, the group’s internet sites went dark. By early Friday, DarkSide and several other ransomware groups, including Babuk, which has hacked Washington D.C.’s police department, announced they were getting out of the game.

DarkSide alluded to disruptive action by an unspecified law enforcement agency, though it was not clear if that was the result of U.S. action or pressure from Russia before Biden’s expected summit with President Vladimir Putin. And going quiet might simply have reflected a decision by the ransomware gang to frustrate retaliation efforts by shutting down its operations, perhaps temporarily.

The Pentagon’s Cyber Command referred questions to the National Security Council, which declined to comment.

The episode underscored the emergence of a new “blended threat,” one that may come from cybercriminals, but is often tolerated, and sometimes encouraged, by a nation that sees the attacks as serving its interests.

That is why Biden singled out Russia — not as the culprit, but as the nation that harbors more ransomware groups than any other country.

“We do not believe the Russian government was involved in this attack, but we do have strong reason to believe the criminals who did this attack are living in Russia,” Biden said. “We have been in direct communication with Moscow about the imperative for responsible countries to take action against these ransomware networks.”

With DarkSide’s systems down, it is unclear how Biden’s administration would retaliate further, beyond possible indictments and sanctions, which have not deterred Russian cybercriminals before. Striking back with a cyberattack also carries its own risks of escalation.

The administration also has to reckon with the fact that so much of America’s critical infrastructure is owned and operated by the private sector and remains ripe for attack.

“This attack has exposed just how poor our resilience is,” said Kiersten E. Todt, managing director of the nonprofit Cyber Readiness Institute. “We are overthinking the threat, when we’re still not doing the bare basics to secure our critical infrastructure.”

The good news, some officials said, was that Americans got a wake-up call. Congress came face-to-face with the reality that the federal government lacks the authority to require the companies that control more than 80% of the nation’s critical infrastructure to adopt minimal levels of cybersecurity.

The bad news, they said, was that U.S. adversaries — not only superpowers but terrorists and cybercriminals — learned just how little it takes to incite chaos across a large part of the country, even if they do not break into the core of the electric grid, or the operational control systems that move gasoline, water and propane around the country.

Something as basic as a well-designed ransomware attack may easily do the trick, while offering plausible deniability to states like Russia, China and Iran that often tap outsiders for sensitive cyberoperations.

It remains a mystery how DarkSide first broke into Colonial’s business network. The privately held company has said virtually nothing about how the attack unfolded, at least in public. It waited four days before having any substantive discussions with the administration, an eternity during a cyberattack.

Cybersecurity experts also note that Colonial Pipeline would never have had to shut down its pipeline if it had more confidence in the separation between its business network and pipeline operations.

“There should absolutely be separation between data management and the actual operational technology,” Todt said. “Not doing the basics is frankly inexcusable for a company that carries 45% of gas to the East Coast.”

Other pipeline operators in the United States deploy advanced firewalls between their data and their operations that only allow data to flow one direction, out of the pipeline, and would prevent a ransomware attack from spreading in.

Colonial Pipeline has not said whether it deployed that level of security on its pipeline. Industry analysts say many critical infrastructure operators say installing such unidirectional gateways along a 5,500-mile pipeline can be complicated or prohibitively expensive. Others say the cost to deploy those safeguards is still cheaper than the losses from potential downtime.

Deterring ransomware criminals, which have been growing in number and brazenness over the past few years, will certainly be more difficult than deterring nations. But this week made the urgency clear.

“It’s all fun and games when we are stealing each other’s money,” said Sue Gordon, a former principal deputy director of national intelligence, and a longtime CIA analyst with a specialty in cyberissues, at a conference held by The Cipher Brief, an online intelligence newsletter. “When we are messing with a society’s ability to operate, we can’t tolerate it.”

This article originally appeared in The New York Times. © 2021 The New York Times Company








10 things you need to know today: May 15, 2021 From “Yahoo News – Latest News & Headlines”



1. Despite Israeli officials and Hamas signaling openness to a cease-fire on Friday, violence continued early Saturday when an Israeli air raid in Gaza City killed at least 10 Palestinians, reportedly mostly children, in a refugee camp. It appears to be the deadliest individual strike since the latest phase of the conflict broke out last week, The Associated Press reports. Later, an airstrike flattened a tower in Gaza, which housed both Al Jazeera and AP’s offices. People were reportedly notified to evacuate beforehand. Hamas said it was firing rockets at Tel Aviv in return. More than 130 people have been killed in Gaza, as well as eight people in Israel, since the violence began. Hady Amr, an envoy from the United States, arrived in Israel on Friday and is scheduled to join Israeli and Palestinian officials for de-escalation talks in Jerusalem on Saturday. [The Associated Press, BBC]

2. State and local officials across the country are “scrambling” to adjust masking and social distancing guidelines and messaging, after the Centers for Disease Control and Prevention said that it was safe for people who have been fully vaccinated against COVID-19 to go without a mask or practicing social distancing in most situations, indoors or outdoors. Though existing mask policies vary greatly by city and state, officials spent much of Friday determining how to implement the CDC’s new guidelines, or whether they should continue to advise masking. As of Friday, 36 percent of adults in the U.S. are fully vaccinated against COVID-19, while 64 percent are not. One of the major points of confusion for local officials in implementing the new guideline is how to determine who is vaccinated. [The New York Times]

3. Rep. Elise Stefanik (R-N.Y.) has officially replaced Rep. Liz Cheney (R-Wyo.) as the new chair of the House Republican Conference. Republicans on Friday voted to elect Stefanik to Cheney’s former post after Cheney was ousted from that position this week for criticizing former President Donald Trump over his false claims of widespread voter fraud in the 2020 presidential election. Stefanik, meanwhile, is a Trump ally who has backed numerous false election claims he has made, and the former president endorsed her for the leadership position. She thanked Trump for his support after the vote, calling him a “critical part of our Republican team.” Cheney has vowed to continue her fight against Trump and ensure he doesn’t serve another term as president. [C-SPAN, Axios]

4. Joel Greenberg, Rep. Matt Gaetz’s (R-Fla.) former confidant, has agreed to cooperate with prosecutors and admitted to sex trafficking a minor, The New York Times reports. Greenberg, a former Florida tax collector, reached a deal with prosecutors to plead guilty to six federal charges against him, including sex trafficking of a child. He admitted that he and others paid a 17-year-old girl for sex, saying that he “introduced the minor to other adult men, who engaged in commercial sex acts” with her. Prosecutors reportedly say they have evidence corroborating Greenberg’s admissions. Gaetz has been facing an investigation into whether he had sex with a 17-year-old girl and violated sex trafficking laws. Though Greenberg didn’t implicate Gaetz by name in the new filings, according to the Times, he “has told investigators that Mr. Gaetz had sex with the girl and knew that she was being paid.” [The New York Times, CNN]

5. The China National Space Administration successfully landed its Zhurong rover on Mars on Saturday, state media reports, making China the third country after the United States and Soviet Union to touch down on the Red Planet (the 1971 Soviet mission failed shortly after landing). Zhurong will eventually be deployed from the lander for a three-month mission in search of evidence of ancient life on Mars’ surface, much like the multiple NASA rovers that have scoured the planet over the years, including Perseverance, which made its way to Earth’s neighbor earlier this year. The landing is considered a major advancement for China’s space program. [CNN, The South China Morning Post]

6. Walmart, Sam’s Club, Costco, Trader Joe’s, and Publix on Friday were among the first major retailers to announce that shoppers fully vaccinated against COVID-19 would no longer have to wear masks in their stores, unless required by state or local law. The change in company policies comes after the Centers for Disease Control and Prevention updated its guidelines earlier this week to say that it’s safe for vaccinated people to go maskless indoors in most cases. People who have not received their shots will still need to wear face coverings, though it’s not clear how the stores will verify who has been vaccinated. Several other major retailers, including Apple and Target, are keeping their mask requirements in place for now, but said they could update the policies soon. [CNBC, USA Today]

7. South Carolina officials on Friday released hours of police body-camera footage, which shows a Charleston County sheriff’s deputy repeatedly tasing Jamal Sutherland, a 31-year-old Black man, before he died in custody in January. Sutherland was arrested after a fight broke out at the psychiatric facility where he was receiving mental health treatment, and the next morning two deputies were trying to remove him from his cell for a bond hearing when one deployed a taser. Sutherland was pronounced dead over an hour later, and the county coroner’s office said the cause of death was an “excited state with adverse pharmacotherapeutic effect during subdual process.” Charleston County Sheriff Kristin Graziano said she has implemented changes to bond hearing protocol, including allowing detainees to waive their appearances at hearings and adding technology to allow for remote hearings. She also promised to improve the department’s response to mental health needs. [CNN, NBC News]

8. Rep. Alexandria Ocasio-Cortez (D-N.Y.) described Rep. Marjorie Taylor Greene (R-Ga.) as a “deeply unwell” person who “clearly needs some help” as video of Greene harassing her office in 2019 resurfaced. CNN on Friday reported on a since-deleted Facebook Live video showing Greene outside of Ocasio-Cortez’s locked office door taunting her staff through a mailbox slot during a Capitol Hill visit in Feb. 2019, before she was elected to Congress. Earlier this week, Greene “aggressively confronted” Ocasio-Cortez as she exited the House chamber, shouting at her in an incident House Speaker Nancy Pelosi (D-Calif.) described as a “verbal assault” that should “probably” be investigated by the House Ethics Committee. “Her fixation has lasted for several years now,” Ocasio-Cortez said Friday. “At this point, I think the depth of that unwellness has raised concerns for other members as well.” [CNN, The Washington Post]

9. Ebrahim Raisi, Iran’s judiciary chief, registered Saturday as a candidate in the country’s upcoming presidential election. The cleric is considered a hard-liner, as opposed to the more moderate incumbent President Hassan Rouhani, and a close ally of Supreme Leader Ayatollah Ali Khamenei. His ties with Khamenei, his role in a televised anti-corruption campaign, and the fact that Iran’s hard-liners are considered to hold an edge, may make Raisi the favorite going into the race, The Associated Press reports. In a statement Saturday, Raisi said he would fight “poverty and corruption, humiliation and discrimination” and run a “popular administration for a powerful Iran” if elected. Raisi has never publicly acknowledged his role on a panel involved in the mass execution of thousands of prisoners at the end of the Iran-Iraq War in 1988. [The Associated Press]

10. Medina Spirit, the winner of the Kentucky Derby, has been cleared to run in the Preakness Stakes, the second leg of horse racing’s Triple Crown, on Saturday after passing three prerace drug tests. Medina Spirit, trained by Bob Baffert, failed a post-Derby drug test, which led to Baffert’s suspension from Churchill Downs and skepticism about whether the horse would run at Pimlico Race Course in Baltimore this weekend. Medina Spirit’s stablemate and fellow Baffert trainee, Concert Tour, also passed the three tests agreed upon by Baffert and Maryland racing officials. The race will begin at 6:47 p.m. ET on Saturday. As of Friday night, Midnight Bourbon had supplanted Medina Spirit as the betting favorite. [ESPN]








Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity From “Yahoo News – Latest News & Headlines”



President Joe Biden speaks about the Colonial Pipeline hack from the White House in Washington, May 13, 2021. (T.J. Kirkpatrick/The New York Times)

For years, government officials and industry executives have run elaborate simulations of a targeted cyberattack on the power grid or gas pipelines in the United States, imagining how the country would respond.

But when the real, this-is-not-a-drill moment arrived, it didn’t look anything like the war games.

The attacker was not a terror group or a hostile state like Russia, China or Iran, as had been assumed in the simulations. It was a criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.

The most visible effects — long lines of nervous motorists at gas stations — stemmed not from a government response but from a decision by the victim, Colonial Pipeline, which controls nearly half the gasoline, jet fuel and diesel flowing along the East Coast, to turn off the spigot. It did so out of concern that the malware that had infected its back-office functions could make it difficult to bill for fuel delivered along the pipeline or even spread into the pipeline’s operating system.

What happened next was a vivid example of the difference between tabletop simulations and the cascade of consequences that can follow even a relatively unsophisticated attack. The aftereffects of the episode are still playing out, but some of the lessons are already clear, and they demonstrate how far the government and private industry have to go in preventing and dealing with cyberattacks and in creating rapid backup systems for when critical infrastructure goes down.

In this case, the long-held belief that the pipeline’s operations were totally isolated from the data systems that were locked up by DarkSide, a ransomware gang believed to be operating out of Russia, turned out to be false. And the company’s decision to turn off the pipeline touched off a series of dominoes including panic buying at the pumps and a quiet fear inside the government that the damage could spread quickly.

A confidential assessment prepared by the Energy and Homeland Security Departments found that the country could only afford another three to five days with the Colonial pipeline shut down before buses and other mass transit would have to limit operations because of a lack of diesel fuel. Chemical factories and refinery operations would also shut down, because there would be no way to distribute what they produced, the report said.

And while President Joe Biden’s aides announced efforts to find alternative ways to haul gasoline and jet fuel up the East Coast, none were immediately in place. There was a shortage of truck drivers and of tanker cars for trains.

“Every fragility was exposed,” said Dmitri Alperovitch, who co-founded CrowdStrike, a cybersecurity firm, and chairs the think tank Silverado Policy Accelerator. “We learned a lot about what could go wrong. Unfortunately, so did our adversaries.”

The list of lessons is long. Colonial, a private company, may have thought it had an impermeable wall of protections, but it was easily breached. Even after it paid the extortionists nearly $5 million in digital currency to recover its data, the company found that the process of decrypting its data and turning the pipeline back on was agonizingly slow, meaning it will still be days before the East Coast gets back to normal.

“This is not like flicking on a light switch,” Biden said Thursday, noting that the 5,500-mile pipeline had never before been shut down.

For the administration, the event proved a perilous week in crisis management. Biden told aides, one recalled, that nothing could wreak political damage faster than television images of gas lines and rising prices, with the inevitable comparison to Jimmy Carter’s worst moments as president.

Biden feared that, unless the pipeline resumed operations, panic receded and price gouging was nipped in the bud, the situation would feed concerns that the economic recovery is still fragile and that inflation is rising.

Beyond the flurry of actions to get oil moving on trucks, trains and ships, Biden published a long-gestating executive order that, for the first time, seeks to mandate changes in cybersecurity.

And he suggested that he was willing to take steps that the Obama administration hesitated to take during the 2016 election hacks — direct action to strike back at the attackers.

“We’re also going to pursue a measure to disrupt their ability to operate,” Biden said, a line that seemed to hint that U.S. Cyber Command, the military’s cyberwarfare force, was being authorized to kick DarkSide offline, much as it did to another ransomware group in the fall before the presidential election.

Hours later, the group’s internet sites went dark. By early Friday, DarkSide and several other ransomware groups, including Babuk, which has hacked Washington D.C.’s police department, announced they were getting out of the game.

DarkSide alluded to disruptive action by an unspecified law enforcement agency, though it was not clear if that was the result of U.S. action or pressure from Russia before Biden’s expected summit with President Vladimir Putin. And going quiet might simply have reflected a decision by the ransomware gang to frustrate retaliation efforts by shutting down its operations, perhaps temporarily.

The Pentagon’s Cyber Command referred questions to the National Security Council, which declined to comment.

The episode underscored the emergence of a new “blended threat,” one that may come from cybercriminals, but is often tolerated, and sometimes encouraged, by a nation that sees the attacks as serving its interests.

That is why Biden singled out Russia — not as the culprit, but as the nation that harbors more ransomware groups than any other country.

“We do not believe the Russian government was involved in this attack, but we do have strong reason to believe the criminals who did this attack are living in Russia,” Biden said. “We have been in direct communication with Moscow about the imperative for responsible countries to take action against these ransomware networks.”

With DarkSide’s systems down, it is unclear how Biden’s administration would retaliate further, beyond possible indictments and sanctions, which have not deterred Russian cybercriminals before. Striking back with a cyberattack also carries its own risks of escalation.

The administration also has to reckon with the fact that so much of America’s critical infrastructure is owned and operated by the private sector and remains ripe for attack.

“This attack has exposed just how poor our resilience is,” said Kiersten E. Todt, managing director of the nonprofit Cyber Readiness Institute. “We are overthinking the threat, when we’re still not doing the bare basics to secure our critical infrastructure.”

The good news, some officials said, was that Americans got a wake-up call. Congress came face-to-face with the reality that the federal government lacks the authority to require the companies that control more than 80% of the nation’s critical infrastructure to adopt minimal levels of cybersecurity.

The bad news, they said, was that U.S. adversaries — not only superpowers but terrorists and cybercriminals — learned just how little it takes to incite chaos across a large part of the country, even if they do not break into the core of the electric grid, or the operational control systems that move gasoline, water and propane around the country.

Something as basic as a well-designed ransomware attack may easily do the trick, while offering plausible deniability to states like Russia, China and Iran that often tap outsiders for sensitive cyberoperations.

It remains a mystery how DarkSide first broke into Colonial’s business network. The privately held company has said virtually nothing about how the attack unfolded, at least in public. It waited four days before having any substantive discussions with the administration, an eternity during a cyberattack.

Cybersecurity experts also note that Colonial Pipeline would never have had to shut down its pipeline if it had more confidence in the separation between its business network and pipeline operations.

“There should absolutely be separation between data management and the actual operational technology,” Todt said. “Not doing the basics is frankly inexcusable for a company that carries 45% of gas to the East Coast.”

Other pipeline operators in the United States deploy advanced firewalls between their data and their operations that only allow data to flow one direction, out of the pipeline, and would prevent a ransomware attack from spreading in.

Colonial Pipeline has not said whether it deployed that level of security on its pipeline. Industry analysts say many critical infrastructure operators say installing such unidirectional gateways along a 5,500-mile pipeline can be complicated or prohibitively expensive. Others say the cost to deploy those safeguards is still cheaper than the losses from potential downtime.

Deterring ransomware criminals, which have been growing in number and brazenness over the past few years, will certainly be more difficult than deterring nations. But this week made the urgency clear.

“It’s all fun and games when we are stealing each other’s money,” Sue Gordon, a former principal deputy director of national intelligence and a longtime CIA analyst with a specialty in cyberissues, said at a conference held by The Cipher Brief, an online intelligence newsletter. “When we are messing with a society’s ability to operate, we can’t tolerate it.”

This article originally appeared in The New York Times.

© 2021 The New York Times Company








Back-to-back tornadoes kill 12 in China; over 300 injured From “Yahoo News – Latest News & Headlines”



BEIJING (AP) — Back-to-back tornadoes killed 12 people in central and eastern China and left more than 300 others injured, authorities said Saturday.

Eight people died in the inland city of Wuhan on Friday night and four others in the town of Shengze, about 400 kilometers (250 miles) east in Jiangsu province, local governments said.

The first tornado struck Shengze about 7 p.m., damaging homes and factories and knocking out power, the official Xinhua News Agency reported. The Suzhou city government, which oversees the town, said in a social media post that four people had died and 149 others had minor injuries. Shengze is near Shanghai on China’s east coast.

Another tornado hit Wuhan at about 8:40 p.m. with winds of 86 kilometers (53 miles) per hour, destroying more than two dozen homes and triggering a power outage affecting 26,600 households, Xinhua said. Officials in Wuhan said at a news conference Saturday that eight had died and 230 were injured.

They said that 28 homes collapsed in Wuhan, another 130 were damaged and put economic losses at 37 million yuan ($5.7 million), the Hubei Daily newspaper said. Construction site sheds and two cranes were also damaged, while downed power lines knocked out electricity, Xinhua said.

Photos showed a swarm of rescuers searching through building debris in Wuhan after midnight Friday and workers clearing metallic debris at a factory in Shengze in the morning.

Wuhan is the city where COVID-19 was first detected in late 2019.

Tornados are rare in China. In July 2019, a tornado killed six people in the northeastern Liaoning province, and another tornado the following month killed eight on the southern resort island of Hainan.

In 2016, a tornado and accompanying hailstorm killed 98 people in the eastern Jiangsu province.








Court hands down death sentences From “Yahoo News – Latest News & Headlines”



Police vehicles were also destroyed in the clashes outside Martyrs’ Stadium

Twenty-nine people have been sentenced to death in the Democratic Republic of Congo in connection with Eid violence that erupted in the capital, Kinshasa.

One police officer was killed and dozens of others were injured in clashes between rival Muslim groups.

They had gathered to mark the end of the fasting month of Ramadan, but fell out over who should lead the event.

The death penalty is no longer applied in DR Congo and those found guilty will serve life sentences instead.

Trial broadcast live

The police had used tear gas and rubber bullets to disperse thousands of people who gathered outside the Martyrs’ Stadium in Kinshasa on Thursday for the Islamic holiday of Eid al-Fitr.

Some of the officers injured in the violence are still in a critical condition, the authorities say.

One of the officers wounded in the clashes pictured in a vehicle outside the stadium on Thursday

The clashes were fuelled by a leadership dispute between two camps within the Muslim community.

Forty-one people were arrested at the scene and were put on trial on Friday.

The court session was broadcast live on television and went on all night.

The Eid al-Fitr prayers usually pass off peacefully – this was the scene at Martyrs’ Stadium in 2017

There were 31 convictions – 29 people were given the death sentence and two received five-year jail terms.

Given the speed with which the sentences were passed there are bound to be concerns over the fairness of the trial, says BBC World Service Africa editor Will Ross.






