Connect with us

Social

As advertisers revolt, Facebook commits to flagging ‘newsworthy’ political speech that violates policy – TechCrunch

Published

on

As advertisers pull away from Facebook to protest the social networking giant’s hands-off approach to misinformation and hate speech, the company is instituting a number of stronger policies to woo them back.

In a livestreamed segment of the company’s weekly all-hands meeting, CEO Mark Zuckerberg recapped some of the steps Facebook is already taking, and announced new measures to fight voter suppression and misinformation — although they amount to things that other social media platforms like Twitter have already enacted and enforced in more aggressive ways.

At the heart of the policy changes is an admission that the company will continue to allow politicians and public figures to disseminate hate speech that does, in fact, violate the Facebook’s own guidelines — butit will add a label to denote they’re remaining on the platform because of their “newsworthy” nature.

It’s a watered down version of the more muscular stance that Twitter has taken to limit the ability of its network to amplify hate speech or statements that incite violence.

Zuckerberg said:

A handful of times a year, we leave up content that would otherwise violate our policies if the public interest value outweighs the risk of harm. Often, seeing speech from politicians is in the public interest, and in the same way that news outlets will report what a politician says, we think people should generally be able to see it for themselves on our platforms.

We will soon start labeling some of the content we leave up because it is deemed newsworthy, so people can know when this is the case. We’ll allow people to share this content to condemn it, just like we do with other problematic content, because this is an important part of how we discuss what’s acceptable in our society — but we’ll add a prompt to tell people that the content they’re sharing may violate our policies.

The problems with this approach are legion. Ultimately, it’s another example of Facebook’s insistence that with hate speech and other types of rhetoric and propaganda, the onus of responsibility is on the user.

Zuckerberg did emphasize that threats of violence or voter suppression are not allowed to be distributed on the platform whether or not they’re deemed newsworthy, adding that “there are no exceptions for politicians in any of the policies I’m announcing here today.”

But it remains to be seen how Facebook will define the nature of those threats — and balance that against the “newsworthiness” of the statement.

The steps around election year violence supplement other efforts that the company has taken to combat the spread of misinformation around voting rights on the platform.

 

The new measures that Zuckerberg announced also include partnerships with local election authorities to determine the accuracy of information and what is potentially dangerous. Zuckerberg also said that Facebook would ban posts that make false claims (like saying ICE agents will be checking immigration papers at polling places) or threats of voter interference (like “My friends and I will be doing our own monitoring of the polls”).

Facebook is also going to take additional steps to restrict hate speech in advertising.

“Specifically, we’re expanding our ads policy to prohibit claims that people from a specific race, ethnicity, national origin, religious affiliation, caste, sexual orientation, gender identity or immigration status are a threat to the physical safety, health or survival of others,” Zuckerberg said. “We’re also expanding our policies to better protect immigrants, migrants, refugees and asylum seekers from ads suggesting these groups are inferior or expressing contempt, dismissal or disgust directed at them.”

Zuckerberg’s remarks came days of advertisers— most recently Unilever and Verizon — announced that they’re going to pull their money from Facebook as part the #StopHateforProfit campaign organized by civil rights groups.

These some small, good steps from the head of a social network that has been recalcitrant in the face of criticism from all corners (except, until now. from the advertisers that matter most to Facebook). But they don’t do anything at about the teeming mass of misinformation that exists in the private channels that simmer below the surface of Facebook’s public facing messages, memes and commentary.

Continue Reading

Social

US government says North Korean hackers are targeting American healthcare organizations with ransomware – TechCrunch

Published

on

The FBI, CISA, and the U.S. Treasury Department are warning that North Korean state-sponsored hackers are using ransomware to target healthcare and public health sector organizations across the United States.

In a joint advisory published Wednesday, the U.S. government agencies said they had observed North Korean-backed hackers deploying Maui ransomware since at least May 2021 to encrypt servers responsible for healthcare services, including electronic health records, medical imaging, and entire intranets.

“The FBI assesses North Korean state-sponsored cyber actors have deployed Maui ransomware against Healthcare and Public Health Sector organizations,” the advisory reads. “The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health. Because of this assumption, the FBI, CISA, and Treasury assess North Korean state-sponsored actors are likely to continue targeting [healthcare] organizations.”

The advisory notes that in many of the incidents observed and responded to by the FBI, the Maui ransomware caused disruption to healthcare services “for prolonged periods.”

Maui was first identified by Stairwell, a threat-hunting startup that aims to help organizations determine if they have been compromised, in early-April 2022. In an analysis of the ransomware, Stairwell principal reverse engineer Silas Cutler notes that Maui lacks many of the features commonly seen with tooling from ransomware-as-a-service (RaaS) providers, such as an embedded ransom note or automated means of transmitting encryption keys to attackers. Rather, Stairwell concludes that Maui is likely manually deployed across victims’ networks, with remote operators targeting specific files they want to encrypt.

North Korea has long used cryptocurrency-stealing operations to fund its nuclear weapons program. In an email, John Hultquist, vice president of Mandiant Intelligence, said that as a result “ransomware is a no-brainer” for the North Korean regime.

“Ransomware attacks against healthcare are an interesting development, in light of the focus these actors have made on this sector since the emergence of COVID-19. It is not unusual for an actor to monetize access which may have been initially garnered as part of a cyber espionage campaign,” said Hultquist. “We have noted recently that North Korean actors have shifted focus away from healthcare targets to other traditional diplomatic and military organizations. Unfortunately, healthcare organizations are also extraordinarily vulnerable to extortion of this type because of the serious consequences of a disruption,” he added.

The advisory, which also includes indicators of compromise (IOCs) and information on tactics, techniques and procedures (TTPs) employed in these attacks to help network defenders, urges organizations in the healthcare industries to strengthen their defenses by limiting access to data, turning off network device management interfaces, and by using monitoring tools to observe whether Internet of Things devices have become compromised.

“The FBI, along with our federal partners, remains vigilant in the fight against North Korea’s malicious cyber threats to our healthcare sector,” said FBI Cyber Division assistant director Bryan Vorndran. “We are committed to sharing information and mitigation tactics with our private sector partners to assist them in shoring up their defenses and protecting their systems.”

The U.S. government’s latest warning follows a spate of high-profile cyberattacks targeting healthcare organizations; University Medical Center Southern Nevada was hit by a ransomware attack in August 2021 that compromised files containing protected health information and personally identifiable information, and Eskenazi Health said in October that cybercriminals had access to their network for almost three months. Last month, Kaiser Permanente confirmed a breach of an employee’s email account led to the theft of 70,000 patient records.

Continue Reading

Social

Hotel giant Marriott confirms yet another data breach – TechCrunch

Published

on

Hotel group Marriott International has confirmed another data breach, with hackers claiming to have stolen 20 gigabytes of sensitive data including guests’ credit card information.

The incident, first reported by Databreaches.net Tuesday, is said to have happened in June when an unnamed hacking group claimed they used social engineering to trick an employee at a Marriott hotel Maryland into giving them access to their computer.

“Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer,” Marriott spokesperson Melissa Froehlich Flood told TechCrunch in a statement. “The threat actor did not gain access to Marriott’s core network.”

Marriott said the hotel chain identified, and was investigating, the incident before the threat actor contacted the company in an extortion attempt, which Marriott said it did not pay.

The group claiming responsibility for the attack say the stolen data includes guests’ credit card information and confidential information about both guests and employees. Samples of the data provided to Databreaches.net purport to show reservation logs for airline crew members from January 2022 and names and other details of guests, as well as credit card information used to make bookings.

However, Marriott told TechCrunch that its investigation determined that the data accessed “primarily contained non-sensitive internal business files regarding the operation of the property.”

The company said that it is preparing to notify 300-400 individuals regarding the incident, and has already notified relevant law enforcement agencies.

This isn’t the first time Marriott has suffered a significant data breach. Hackers breached the hotel chain in 2014 to access almost 340 million guest records worldwide – an incident that went undetected until September 2018 and led to a £14.4 million ($24M) fine from the U.K’s Information Commissioner’s Office. In January 2020, Marriott was hacked again in a separate incident that affected around 5.2 million guests.

TechCrunch asked Marriott what cybersecurity protections it has in place to prevent such incidents from happening, but the company declined to answer.

Continue Reading

Social

Rivian says it’s on track to deliver 25,000 vehicles this year – TechCrunch

Published

on

Rivian said Wednesday the company produced 4,401 vehicles at its manufacturing facility in Normal, Illinois, and delivered 4,467 vehicles for the quarter ended June 30.

“These figures remain in line with the company’s expectations, and it believes it is on track to deliver on the 25,000 annual production guidance previously provided,” Rivian said in a statement.

In the first quarter of 2022, Rivian produced 2,553 vehicles and delivered 1,227 vehicles.

The production figures include a mix of the Rivian R1T pickup truck, R1S SUV and the commercial vans it is making for Amazon.

Developing...

Continue Reading

Trending