Connect with us

Biz & IT

Europe’s antitrust chief, Margrethe Vestager, set for expanded role in next Commission

Published

on

As the antitrust investigations stack up on US tech giants’ home turf there’s no sign of pressure letting up across the pond.

European Commission president-elect Ursula von der Leyen today unveiled her picks for the next team of commissioners who will take up their mandates on November 1 — giving an expanded role to competition commissioner Margrethe Vestager. The pick suggests the next Commission is preparing to dial up its scrutiny of big tech’s data monopolies.

Under the draft list of commissioners-designate, which still needs to be approved in full by the European Parliament, Vestager has been named executive VP overseeing a new portfolio called ‘Europe fit for the digital age’.

But, crucially, she will also retain the competition portfolio — which implies attention on growing Europe’s digital economy will go hand in glove with scrutiny of fairness in ecommerce and ensuring a level playing field vs US platform giants.

“Executive vice-president Margrethe Vestager will lead our work on a Europe fit for the digital age,” said von der Leyen at a press conference to announce her picks. “Digitalization has a huge impact on the way we live, we work, we communicate. In some fields Europe has to catch up — for example in the field of business to consumer but in other fields we’re excellent. Europe is the frontrunner, for example in business to business, when we talk about digital twins of products and procedures.

“We have to make more out of the field of artificial intelligence. We have to make our single market a digital single market. We have to use way more the big data that is out there but we don’t make enough out of it. What innovation and startups are concerned. It’s not only need to know but it’s need to share big data. We have to improve on cyber security. We have to work hard on our technological sovereignty just to name a few issues in these broad topics.

“Margrethe Vestager will co-ordinate the whole agenda. And be the commissioner for competition. She will work together with the commissioner for internal market, innovation and youth, transport, energy, jobs, health and justice.”

If tech giants were hoping for Europe’s next Commission to pay a little less attention to question marks hanging over the fairness of their practices they’re likely to be disappointed as Vestager is set to gain expanded powers and a broader canvas to paint on. The new role clearly positions her to act on the review of competition policy she instigated towards the end of her current mandate — which focused on the challenges posed by digital markets.

Since taking over as Europe’s competition chief back in 2014, Vestager has made a name for herself by blowing the dust off the brief and driving forward on a series of regulatory interventions targeting tech giants including Amazon, Apple and Google . In the latter case this has included opening a series of fresh probes as well as nailing the very long running Google Shopping saga inherited from her predecessor.

The activity of the department under her mandate has clearly catalyzed complainants — creating a pipeline of cases for her to tackle. And just last month Reuters reported she had been preparing an “intensive” handover of work looking into complaints against Google’s job search product to her successor — a handover that won’t now be necessary, assuming the EU parliament gives its backing to von der Leyen’s team.

While the competition commissioner has thus far generated the biggest headlines for the size of antitrust fines she’s handed down — including a record-breaking $5BN fine for Google last year for illegal restrictions attached to Android — her attention on big data holdings as a competition risk is most likely to worry tech giants going forward.

See, for example, the formal investigation of Amazon’s use of merchant data announced this summer for a sign of the direction of travel.

Vestager has also talked publicly about regulating data flows as being a more savvy route to control big tech versus swinging a break up hammer. And while — on the surface — regulating data might sound less radical a remedy than breaking giants like Google and Facebook up, placing hard limits on how data can be used has the potential to effect structural separation via a sort of regulatory keyhole surgery that’s likely to be quicker and implies a precision that may also make it more politically palatable.

That’s important given the ongoing EU-US trade friction kicked up by the Trump administration which is never shy of lashing out, especially at European interventions that seek to address some of the inequalities generated by tech giants — most recently Trump gave France’s digital tax plans a tongue-lashing.

von der Leyen was asked during the press conference whether Vestager might not been seen as a controversial choice given Trump’s views of her activity to date (Europe’s “tax lady” is one of the nicer things he’s said about Vestager). The EU president-elect dismissed the point saying the only thing that matters in assigning Commission portfolios is “quality and excellence”, adding that competition and digital is the perfect combination to make the most of Vestager’s talents.

“Vestager has done an outstanding job as a commissioner for competition,” she went on. “At competition and the issues she’s tackling there are closely linked to the digital sector too. So having her as an executive vice-president for the digital in Europe is absolutely a perfect combination.

“She’ll have this topic as a cross-cutting topic. She’ll have to work on the Digital Single Market. She will work on the fact that we want to use in a better way big data that is out there, that we collect every day — non-personalized data. That we should use way better, in the need for example to share with others for innovation, for startups, for new ideas.

“She will work on the whole topic of cyber security. Which is the more we’re digitalized, the more we’re vulnerable. So there’s a huge field in front of her. And as she’s shown excellence in the Commission portfolio she’ll keep that — the executive vice-presidents have with the DGs muscles to deal with their vast portfolios’ subject they have to deal with.”

In other choices announced today, the current commissioner for Digital Economy and Society, Mariya Gabriel, will be taking up a new portfolio called ‘Innovation and Youth’. And Sylvie Goulard was named as ‘Internal Market’ commissioner, leading on industrial policy and promoting the Digital Single Market, as well as getting responsibility for Defence Industry and Space.

Another executive VP choice, Valdis Dombrovskis, looks likely to be tackling thorny digital taxation issues — with responsibility for co-ordinating the Commission’s work on what’s been dubbed an “Economy that Works for People”, as well as also being commissioner for financial services. 

In prepared remarks on that role, von der Leyen said: We have a unique social market economy. It is the source of our prosperity and social fairness. This is all the more important when we face a twin transition: climate and digital. Valdis Dombrovskis will lead our work to bring together the social and the market in our economy.”

Frans Timmermans, who was previously in the running as a possible candidate for Commission president but lost out to von der Leyen, is another exec VP pick. He’s set to be focused on delivering a European Green Deal and managing climate action policy.

Another familiar face — current justice, consumer and gender affairs commissioner, Věra Jourová — has also been named as an exec VP, gaining responsibility for “Values and Transparency”, a portfolio title which suggests she’ll continue to be involved in EU efforts to combat online disinformation on platforms.

The rest of the Commission portfolio appointments can be found here.

There are 26 picks in all — 27 counting von der Leyen who has already been confirmed as president; one per EU country. The UK has no representation in the next Commission given it is due to leave the bloc on October 31, the day before the new Commission takes up its mandate.

von der Leyen touted the team she presented today as balanced and diverse, including on gender lines as well as geographically to take account of the full span of European Union members.

“It draws on all the strength and talents, men and women, experienced and young, east and west, south and north, a team that is well balanced, a team that brings together diversity of experience and competence,” she said. “I want a Commission that is led with determination, that is clearly focused on the issues at hand — and that provides answers.”

“There’s one fundamental that connects this team: We want to bring new impetus to Europe’s democracy,” she added. “This is our joint responsibility. And democracy is more than voting in elections in every five years; it is about having your voice heard. It’s about having been able to participate in the way our society’s built. We gave to address some of the deeper issues in our society that have led to a loss of faith in democracy.”

In a signal of her intention that the new Commission should “walk the talk” on making Europe fit for the digital age she announced that college meetings will be paperless and digital.

On lawmaking, she added that there will be a one-in, one-out policy — with any new laws and regulation supplanting an existing rule in a bid to cut red tape.

The shape of the next Commission remains in draft pending approval by the European Parliament to all the picks. The parliament must vote to accept the entire college of commissioners — a process that’s preceded by hearings of the commissioners-designate in relevant parliamentary committees.

Source link



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Biz & IT

Cyberattack on Albanian government suggests new Iranian aggression

Published

on

Enlarge / Tirane, Albania.

Pawel Toczynski | Getty Images

In mid-July, a cyberattack on the Albanian government knocked out state websites and public services for hours. With Russia’s war raging in Ukraine, the Kremlin might seem like the likeliest suspect. But research published on Thursday by the threat intelligence firm Mandiant attributes the attack to Iran. And while Tehran’s espionage operations and digital meddling have shown up all over the world, Mandiant researchers say that a disruptive attack from Iran on a NATO member is a noteworthy escalation.

The digital attacks targeting Albania on July 17 came ahead of the “World Summit of Free Iran,” a conference scheduled to convene in the town of Manëz in western Albania on July 23 and 24. The summit was affiliated with the Iranian opposition group Mujahadeen-e-Khalq, or the People’s Mojahedin Organization of Iran (often abbreviated MEK, PMOI, or MKO). The conference was postponed the day before it was set to begin because of reported, unspecified “terrorist” threats.

Mandiant researchers say that attackers deployed ransomware from the Roadsweep family and may have also utilized a previously unknown backdoor, dubbed Chimneysweep, as well as a new strain of the Zeroclear wiper. Past use of similar malware, the timing of the attacks, other clues from the Roadsweep ransomware note, and activity from actors claiming responsibility for the attacks on Telegram all point to Iran, Mandiant says.

“This is an aggressive escalatory step that we have to recognize,” says John Hultquist, Mandiant’s vice president of intelligence. “Iranian espionage happens all the time all over the world. The difference here is this isn’t espionage. These are disruptive attacks, which affect the lives of everyday Albanians who live within the NATO alliance. And it was essentially a coercive attack to force the hand of the government.”

Iran has conducted aggressive hacking campaigns in the Middle East and particularly in Israel, and its state-backed hackers have penetrated and probed manufacturing, supply, and critical infrastructure organizations. In November 2021, the US and Australian governments warned that Iranian hackers were actively working to gain access to an array of networks related to transportation, health care, and public health entities, among others. “These Iranian government-sponsored APT actors can leverage this access for follow-on operations, such as data exfiltration or encryption, ransomware, and extortion,” the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency wrote at the time.

Tehran has limited how far its attacks have gone, though, largely keeping to data exfiltration and reconnaissance on the global stage. The country has, however, participated in influence operations, disinformation campaigns, and efforts to meddle in foreign elections, including targeting the US.

“We’ve become used to seeing Iran being aggressive in the Middle East where that activity just has never stopped, but outside of the Middle East they’ve been far more restrained,” Hultquist says. “I’m concerned that they may be more willing to leverage their capability outside of the region. And they clearly have no qualms about targeting NATO states, which suggests to me that whatever deterrents we believe exist between us and them may not exist at all.”

With Iran claiming that it now has the ability to produce nuclear warheads, and representatives from the country meeting with US officials in Vienna about a possible revival of the 2015 nuclear deal between the countries, any signal about Iran’s possible intentions and risk tolerance when it comes to dealing with NATO are significant.

This story originally appeared on wired.com.

Continue Reading

Biz & IT

“Huge flaw” threatens US emergency alert system, DHS researcher warns

Published

on

Enlarge / Obstruction light with bokeh city background

The US Department of Homeland Security is warning of vulnerabilities in the nation’s emergency broadcast network that makes it possible for hackers to issue bogus warnings over radio and TV stations.

“We recently became aware of certain vulnerabilities in EAS encoder/decoder devices that, if not updated to most recent software versions, could allow an actor to issue EAS alerts over the host infrastructure (TV, radio, cable network),” the DHS’s Federal Emergency Management Agency (FEMA) warned. “This exploit was successfully demonstrated by Ken Pyle, a security researcher at CYBIR.com, and may be presented as a proof of concept at the upcoming DEFCON 2022 conference in Las Vegas, August 11-14.”

Pyle told reporters at CNN and Bleeping Computer that the vulnerabilities reside in the Monroe Electronics R189 One-Net DASDEC EAS, an Emergency Alert System encoder and decoder. TV and radio stations use the equipment to transmit emergency alerts. The researcher told Bleeping Computer that “multiple vulnerabilities and issues (confirmed by other researchers) haven’t been patched for several years and snowballed into a huge flaw.”

“When asked what can be done after successful exploitation, Pyle said: ‘I can easily obtain access to the credentials, certs, devices, exploit the web server, send fake alerts via crafts message, have them valid / pre-empting signals at will. I can also lock legitimate users out when I do, neutralizing or disabling a response,’” Bleeping Computer added.

This isn’t the first time federal officials have warned of vulnerabilities in the emergency alert system.

Continue Reading

Biz & IT

North Korea-backed hackers have a clever way to read your Gmail

Published

on

Getty Images

Researchers have unearthed never-before-seen malware that hackers from North Korea have been using to surreptitiously read and download email and attachments from infected users’ Gmail and AOL accounts.

The malware, dubbed SHARPEXT by researchers from security firm Volexity, uses clever means to install a browser extension for the Chrome and Edge browsers, Volexity reported in a blog post. The extension can’t be detected by the email services, and since the browser has already been authenticated using any multifactor authentication protections in place, this increasingly popular security measure plays no role in reining in the account compromise.

The malware has been in use for “well over a year,” Volexity said, and is the work of a hacking group the company tracks as SharpTongue. The group is sponsored by North Korea’s government and overlaps with a group tracked as Kimsuky by other researchers. SHARPEXT is targeting organizations in the US, Europe, and South Korea that work on nuclear weapons and other issues North Korea deems important to its national security.

Volexity President Steven Adair said in an email that the extension gets installed “by way of spear phishing and social engineering where the victim is fooled into opening a malicious document. Previously we have seen DPRK threat actors launch spear phishing attacks where the entire objective was to get the victim to install a browser extension vs it being a post exploitation mechanism for persistence and data theft.” In its current incarnation, the malware works only on Windows, but Adair said there’s no reason it couldn’t be broadened to infect browsers running on macOS or Linux, too.

The blog post added: “Volexity’s own visibility shows the extension has been quite successful, as logs obtained by Volexity show the attacker was able to successfully steal thousands of emails from multiple victims through the malware’s deployment.”

Installing a browser extension during a phishing operation without the end-user noticing isn’t easy. SHARPEXT developers have clearly paid attention to research like what’s published here, here, and here, which shows how a security mechanism in the Chromium browser engine prevents malware from making changes to sensitive user settings. Each time a legitimate change is made, the browser takes a cryptographic hash of some of the code. At startup, the browser verifies the hashes, and if any of them don’t match, the browser requests the old settings be restored.

For attackers to work around this protection, they must first extract the following from the computer they’re compromising:

  • A copy of the resources.pak file from the browser (which contains the HMAC seed used by Chrome)
  • The user’s S-ID value
  • The original Preferences and Secure Preferences files from the user’s system

After modifying the preference files, SHARPEXT automatically loads the extension and executes a PowerShell script that enables DevTools, a setting that allows the browser to run customized code and settings.

“The script runs in an infinite loop checking for processes associated with the targeted browsers,” Volexity explained. “If any targeted browsers are found running, the script checks the title of the tab for a specific keyword (for example’ 05101190,’ or ‘Tab+’ depending on the SHARPEXT version). The specific keyword is inserted into the title by the malicious extension when an active tab changes or when a page is loaded.”

Volexity

The post continued:

The keystrokes sent are equivalent to Control+Shift+J, the shortcut to enable the DevTools panel. Lastly, the PowerShell script hides the newly opened DevTools window by using the ShowWindow() API and the SW_HIDE flag. At the end of this process, DevTools is enabled on the active tab, but the window is hidden.

In addition, this script is used to hide any windows that could alert the victim. Microsoft Edge, for example, periodically displays a warning message to the user (Figure 5) if extensions are running in developer mode. The script constantly checks if this window appears and hides it by using the ShowWindow() and the SW_HIDE flag.

Volexity

Once installed, the extension can perform the following requests:

HTTP POST Data Description
mode=list List previously collected email from the victim to ensure duplicates are not uploaded. This list is continuously updated as SHARPEXT executes.
mode=domain List email domains with which the victim has previously communicated. This list is continuously updated as SHARPEXT executes.
mode=black Collect a blacklist of email senders that should be ignored when collecting email from the victim.
mode=newD&d=[data] Add a domain to the list of all domains viewed by the victim.
mode=attach&name=[data]&idx=[data]&body=[data] Upload a new attachment to the remote server.
mode=new&mid=[data]&mbody=[data] Upload Gmail data to the remote server.
mode=attlist Commented by the attacker; receive an attachments list to be exfiltrated.
mode=new_aol&mid=[data]&mbody=[data] Upload AOL data to the remote server.

SHARPEXT allows the hackers to create lists of email addresses to ignore and to keep track of email or attachments that have already been stolen.

Volexity created the following summary of the orchestration of the various SHARPEXT components it analyzed:

Volexity

The blog post provides images, file names, and other indicators that trained people can use to determine if they have been targeted or infected by this malware. The company warned that the threat it poses has grown over time and isn’t likely to go away anytime soon.

“When Volexity first encountered SHARPEXT, it seemed to be a tool in early development containing numerous bugs, an indication the tool was immature,” the company said. “The latest updates and ongoing maintenance demonstrate the attacker is achieving its goals, finding value in continuing to refine it.”

Continue Reading

Trending