Month: March 2022

Dyson has taken its first step into wearable technology, with an eye-catching pair of over-ear headphones that come with an air-purifying mouth visor.

Best known for vacuum cleaners, Dyson has diversified in recent years with products such as fans and a hairdryer.

The headphones – dubbed Dyson Zone – are designed to tackle the growing issue of air pollution.

One reviewer said they would definitely “turn heads in the street”.

Britta O’Boyle, deputy editor at gadget publication Pocket-lint, wrote: “Their design is certainly eye catching.”

The sound quality was “excellent”, she told the BBC News, and the headphones had a “lovely construction”.

But as she had been unable to test the product outdoors, she could not say how effectively it would purify air or “how silly you feel wearing it”.

The headphones go on sale in the autumn.

“We don’t expect them to be cheap,” O’Boyle added.

Global problem
The noise-cancelling headphones come with a motor, fan and air filters in each ear cup.

Air is sucked through the filters, capturing allergens and pollutants such as nitrogen and sulphur dioxide and brake dust.

And this purified air is then channelled to the nose and mouth via the visor, which is magnetically attached to the bottom of the headphones.

It is 97% effective at getting clean air to the lungs, the company says.

Track breathing
There are four purification modes, depending on whether the wearer is walking down a street or sitting down.

The headphones use sensors to track breathing and exertion and then toggle between modes.

They also come with:

an app that lets users specify their location and determines when the filter needs replacing
a face covering comes that slots into the visor
The product has four hours’ battery life in low-filtration mode, according to Pocket-lint, or 1.5 hours in high filtration.

‘Fresh air’
Chief engineer Jake Dyson said: “Air pollution is a global problem – it affects us everywhere we go.”

“The Dyson Zone purifies the air your breathe on the move.

“And unlike face masks, it delivers a plume of fresh air without touching your face, using high-performance filters and two miniaturised air pumps.”

The non-contact aspect was a “must” for the designers, to avoid discomfort and irritation.

It was also a first foray into audio for Dyson engineers.

The Dyson Zone has been six years – and 500 prototypes – in the making

Originally, a snorkel-like mouthpiece was paired with a backpack holding the motor and inner workings.

The Verge called the finished product “bizarre”, stressing it was not an early April Fool’s joke.

“While mask wearing has been normalised considerably over the past two years, we’ll have to see whether customers will be willing to embrace this extremely odd-looking product,” it wrote.

Gadget publication Stuff.tv called it “the wildest gadget we’ve ever tried”.

And tech website Cnet said it looked “like something you’d see in a dystopian sci-fi movie”.

The National Cyber Security Centre has said more organisations should reconsider the risk of using Russian technology, including anti-virus software.

But in a blog post published today, it said that for most individual users it is safe to use Kaspersky’s software.

Germany recently suggested replacing Kaspersky anti-virus.

The Russia-headquartered firm said the German warnings were “made on political grounds”.

Critical Infrastructure.
In 2017, The UK’s National Cyber Security Centre (NCSC) announced it would write to all government departments, warning against using Kaspersky products for systems related to national security.

But in today’s blog post, the NCSC’s Ian Levy wrote: “We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence.”

The centre is now urging more groups to reconsider their use of Russian controlled technology including:

wider public sector organisations that weren’t covered by its 2017 guidance
organisations providing services to Ukraine
organisations that if compromised could represent a PR ‘win’ for Russia
organisations providing services related to critical infrastructure

“We’ve not seen – and don’t expect to see – the massive, global cyber-attacks that some had predicted,” the NCSC’s Ian Levy says in his blog.

But the Ukraine conflict has changed the balance of risks.

The UK already had advice from a few years back regarding use of products like Kaspersky anti-virus but this was confined to those involved in national security.

German authorities issued a new tougher warning calling for Kaspersky products to be removed after the Ukraine conflict began, raising questions about whether the UK would follow.

And the NCSC started to get phone calls from members of the public worried about turning their laptops on because they ran Kaspersky.

That has now led to a broader warning that a wider range of institutions – like those in critical infrastructure or who might be the targets of Russian retaliation – should think carefully about using any Russian products.

But this new advice still does not apply to the general public – who are not thought to be at direct risk.

2px presentational grey line
German warnings
Earlier in March, Germany’s Federal Office for Information Security (BSI) said that against the backdrop of the invasion of Ukraine and threats against Nato and the EU, Russian IT manufacturers could be forced against their will “to attack target systems, or be spied on as a victim of a cyber-operation without its knowledge or as a tool for attacks against its own customers,”

The BSI found no evidence of current problems with Kaspersky products but recommended its anti-virus products were replaced with alternatives – but carefully, to avoid weakening defences.

In response, the firm said the BSI decision was “not based on a technical assessment of Kaspersky products”, and as a private global cyber-security company it “does not have any ties to the Russian or any other government”.

It added: “The security and integrity of our data services and engineering practices have been confirmed by independent third-party assessments.”

But the German warning raised the level of public concern, which the NCSC has sought to address.

“It almost certainly remains the case that nearly all individuals in the UK (and many enterprises) are not going to be targeted by Russian cyber-attack, regardless of whether they use Russian products and services” Mr Levy wrote.

“If your personal laptop uses Kaspersky AV (or other products) it’s highly unlikely to be directly targeted…it’s safe to turn on and use at the moment.”

Ukraine’s national telecoms operator Ukrtelecom is restoring internet services after driving back a major cyber-attack.

The company said it restricted customer access to protect military users and critical infrastructure.

Global internet monitor Netblocks said it was the most severe disruption to affect Ukrtelecom since Russia’s invasion of Ukraine started last month.

Netblocks said it saw a collapse in connectivity to 13% of pre-war levels.

However, Ukrainian users on different internet providers, who spoke to the BBC, reported no problems.

Ukrtelecom says it is the country’s biggest provider of fixed internet in terms of geographical coverage, but second after Kyivstar in terms of number of clients.

It told the BBC it had been operating at about 80% of its full coverage because of damage caused by the Russian invasion.

In a statement Ukrtelecom chief executive Yuriy Kurmaz wrote that a powerful enemy cyber attack was carried out on Ukrtelecom’s IT infrastructure.

“In order to protect the critical network infrastructure and not interrupt services to the Armed Forces, other military bodies and users of critical infrastructure, we were forced to temporarily restrict internet access to most private users and business customers,” he added.

Mr Kurmaz said the attack had been successfully repulsed and the provision of services was being gradually resumed.

Yuriy Shchyhol head of Ukraine’s State Service for Special Communication and Information Protection said that its specialists had responded quickly to the situation, and had driven-back the attack.

Before the company revealed details of the incident, Alp Toker, director of Netblocks, told the BBC they had observed users, “falling offline progressively over the course of the day, which indicates that the issue lies not with cabling or interconnections, but rather with central infrastructure at the operator’s data centre. This can indicate a cyber-attack”.

The BBC is not responsible for the content of external sites.
View original tweet on Twitter
“This also means that the incident has nation-scale impact, reaching beyond the most heated conflict zones which have so far taken the brunt of Ukraine’s network disruptions and outages.”

However, Mr Toker said connectivity had remained available through other mobile networks and providers.

Russia is believed to have hacked US satellite communications provider Viasat on the day of its invasion of Ukraine.

Western intelligence agencies have been investigating the incident and while they have not yet made a public accusation, they believe Russia was behind it.

It appears to be the most significant cyber-attack linked to the conflict so far, affecting military, as well as government, communications.

Overall though, Western officials say Ukraine has proved more resilient to cyber-attacks than many had expected.

Western intelligence agencies are investigating the hacking of Viasat, which provides communications through a network of satellites.

It appears to have been hit by a sophisticated cyber-attack that wiped devices on the day the invasion began.

It also affected other countries in Europe, although not the UK.

Viasat told the BBC that it was replacing some customers’ modems but its core network infrastructure and the satellite itself were not damaged.

“Viasat is actively working with distributors to restore service for those fixed broadband users in Europe impacted by this event,” it said in a statement.

The company did not say who it thought was behind the cyber-attack and said the US government would provide attribution in due course.

Military doctrine
“It looks like the clearest example of spill-over,” said one official.

Western officials believe this was almost certainly the work of Russia but have not yet assembled the evidence to make a public accusation.

“Were it to be ultimately attributed to Russia, it would very much fit with what we expect them to do, which is use their cyber-capability to support their military campaign,” said one Western official.

They believe it fits closely into Russian military doctrine, in which cyber-attacks are used to support specific military objectives – in this case trying to sow confusion by disrupting Ukrainian command and control.

In recent days, US cyber-authorities have warned that they are “aware of possible threats to US and international satellite communication networks”, and America’s FBI and Cybersecurity and Infrastructure Security Agency (Cisa) have urged providers to improve their security because of the continuing potential risks.

Russia’s military intelligence agency, the GRU, is thought to have been behind the Viasat hack, according to a report in the Washington Post.

Other officials also say that the GRU has led in operations against Ukraine.

Limited tech damage
In the initial phases of the Russian invasion, many had predicted large-scale destructive cyber-activity from Moscow.

Russian state hackers linked to the GRU in the past have managed to turn off the power for hundreds of thousands of Ukrainians. But nothing on this scale was seen.

Western analysts believe there are several reasons for the absence of significant destructive attacks.

Russia believed the government in Kyiv would be toppled quickly and a new pro-Moscow replacement would be put in place.

In this scenario, destroying infrastructure would serve little purpose.

Destructive cyber-attacks take time to prepare and Moscow’s state hackers may also not have had sufficient notice since, like much of the military, they may not have known an invasion was being planned until the last minute.

Another reason is that when it comes to a full military conflict, hard military power can be more reliable in destroying targets such as TV towers than cyber-attacks, which are not always guaranteed to work.

But Western officials caution against the idea that there have not been cyber-attacks. They say that the Ukrainians may simply have been resilient to the attacks that did come their way.

Ukraine resilience
“We have seen broad targeting of Ukrainian networks and systems,” one official said.

“There was a significant amount of intent on the part of Russia to disrupt Ukrainian systems before the invasion,” an official also noted.

So-called “wiper” software was used to target government systems in January and February, just days before the invasion.

But officials say they believe Ukrainian defences held up well against attacks, which came from several Russian state-linked groups.

The experience of previous attacks may also have helped.

“The Russians perhaps helped the Ukrainians get match fit,” an official said.

“Ukraine has done an incredible job of being resilient,” said the official, adding that the country had received extensive support from the West, in terms of both government and private sector.

Both US and UK cyber-intelligence officials have been working closely for a long period with Ukrainian counterparts, including in specific areas such as telecoms.

“That’s an area that they put a significant amount of effort into, and was supported by allies,” officials said.

There has been continued cyber-espionage in the conflict by both sides, officials say, particularly around intercepting communications and trying to locate and target individuals and military formations.

‘Possible activity’
So far, there have also not been major cyber-attacks against the West from Moscow.

One concern had been that Russia could retaliate for Western sanctions by launching cyber-attacks against the West, perhaps unleashing criminal gangs who use ransomware to lock businesses and organisations out of their systems.

The White House did warn this week that it has seen intelligence of possible activity.

However, it is not clear yet whether this is above the normal level of Russian cyber-activity that is happening all the time or whether it is an indication that Russia is preparing for something more serious.

On Thursday, the US Department of Justice and UK Foreign Office also accused Russia’s Security Service, the FSB, of hacking into energy providers between 2012 and 2018.

A loophole allowing drivers to escape punishment for handheld phone use if they are taking a photo or playing a game has closed in Great Britain.

People can now be fined up to £1,000 and receive six points on their licence for scrolling through playlists or taking pictures on a handheld device.

Transport Secretary Grant Shapps said the government was taking a “zero-tolerance approach”.

Devices can still be used hands-free while driving if secured in a cradle.

The law change, which does not apply in Northern Ireland, is an extension of an existing offence which includes making phone calls or sending text messages.

In July 2019, a man overturned a conviction for filming a crash saying he was not using his phone “to communicate”.

Following that ruling two High Court judges criticised the law on using phones while driving, saying it had failed to evolve with the rise of technology.

The Department for Transport (DfT) figures show 17 people were killed and a further 114 were seriously injured in crashes on roads in which a driver using a mobile was a contributory factor.

The DfT said drivers can use their phone to make contactless payments at a drive-through restaurant if the vehicle is stationary.

Mr Shapps said: “I will do everything in my power to keep road users safe, which is why I am taking a zero-tolerance approach to those who decide to risk lives by using their phone behind the wheel.

“I’m ensuring anyone who chooses to break this vital law can face punishment for doing so, and we’ll continue our efforts to ensure our roads remain among the safest in the world.”

line
Phones behind the wheel: the law
Using a hand-held mobile phone or sat-nav while driving is illegal
Any hands-free devices should be fully set up before you drive
Police still have the power to stop you if they think you have been distracted
The law still applies if you’re stopped in traffic or queuing at lights
You could get penalty points, a fine and/or a driving ban if you break the law
Source: UK government – read more

line
AA president Edmund King said the organisation warmly welcomed the new law and said it wanted using a handheld phone while driving to be “as socially unacceptable as drink driving”.

“This is a much needed toughening of the rules to help make our roads safer,” he said.

He added that “playing” with a phone in cradle would still leave drivers open to prosecutions for careless or dangerous driving.

The government said the change in the law had been introduced after a public consultation found 81% of respondents supported such a move.

European lawmakers have agreed on new rules which they hope will curb the dominance of Big Tech companies.

Under the Digital Markets Act (DMA), giants such as Google and Apple will be forced to open up their services and platforms to other businesses.

Major technology firms have long faced criticism that they use their market dominance to squeeze out competition.

“What we want is simple: fair markets…in digital,” said EU antitrust chief Margrethe Vestager.

“Large gatekeeper platforms have prevented businesses and consumers from the benefit of competitive digital markets,” she said.

The announcement is the biggest regulatory move yet from the EU to act against what it defines as “anti-trust” or anti-competitive behaviour from mainly US technology businesses.

“The agreement ushers in a new era of tech regulation worldwide,” said German MEP Andreas Schwab, who led the negotiations for the European Parliament.

Under the proposed Digital Markets Act, Apple would be forced to open up its App Store to third-party payment options instead of users being forced to use Apple’s own payment system.

It is something Apple has been fighting in the US during a high-profile court battle with Epic Games, the maker of Fortnite.

Google will be asked to offer people who use smartphones which run on the company’s Android operating system alternatives to its search engine, the Google Maps app or its Chrome browser.

Apple would also be forced to loosen its grip on the iPhone, with users allowed to uninstall its Safari web browser and other company-imposed apps that users cannot currently delete.

The targets of the law include WhatsApp, Facebook Messenger, iMessage, the App Store, Google Play and many other services belonging to large tech firms.

The EU wants to give users more choice over how people send messages. The new rules would require that technology make their messaging services interoperable with smaller competitors.

However, Apple said it was “concerned that some provisions of the DMA will create unnecessary privacy and security vulnerabilities for our users”.

Meanwhile, Google said: “While we support many of the DMA’s ambitions around consumer choice and interoperability, we’re worried that some of these rules could reduce innovation and the choice available to Europeans.”

The law will only affect companies with a value of more than €75bn (£63bn), annual sales of €7.5bn and at least 45 million monthly users.

Legislation was originally proposed by Ms Vestager just over a year ago in reaction to what she felt was monopolistic behaviour from Big Tech. She was known to be frustrated by how mainly large, US tech companies had managed to delay and even thwart EU attempts to fine them.

“The gatekeepers – they now have to take responsibility,” Ms Vestager said on Thursday.

Once implemented, the law will give Brussels unprecedented authority in regulating major tech companies.

Many major US tech companies have huge lobbying operations in Washington, and have been emphasising that such laws punish successful American companies.

However many US politicians are also keen to clip the wings of Big Tech, with bills currently going through Congress that would also rein in their power.

With the deal reached by negotiators, the DMA now faces final votes in the European Parliament as well as by ministers from the EU’s 27 member states.

Hundreds of organisations that rely on Okta to provide access to their networks may have been affected by a cyber-attack on the company.

Okta said the “worst case” was 366 of its clients had been affected and their “data may have been viewed or acted upon” – its shares fell 9% on the news.

It says it has more than 15,000 clients – from big companies, including FedEx, to smaller organisations, such as Thanet District Council, in Kent.

Cyber-gang Lapsus$ is behind the hack.

The ransomware group “is a South American threat actor that has recently been linked to cyber-attacks on some high-profile targets”, according to Ekram Ahmed, of cyber-security company Checkpoint .

“The cyber-gang is known for extortion, threatening the release of sensitive information, if demands by its victims are not made” he said.

The group has previously claimed to have broken into some high-profile companies, including Microsoft.

In a blog post, Microsoft said Lapsus$ had gained only limited access, after compromising a single account, but no customer code or data was involved.

Concern mounted
Okta initially said the attack, in January, involved a third-party contractor, a “sub-processor”, and “the matter was investigated and contained”.

“There is no evidence of ongoing malicious activity beyond the activity detected in January,” it said.

But as concern mounted, Okta published a series of updated blog posts providing more detail.

Chief security officer David Bradbury revealed the hackers had accessed the computer of a customer-support engineer working for the sub-processor, over a five-day period in mid-January.

The attack had been “analogous to walking away from your computer at a coffee shop, whereby a stranger has – virtually, in this case – sat down at your machine and is using the mouse and keyboard”, he said.

But the engineer’s computer had not provided “god-like access”, the hackers had been constrained in what they could do, Okta itself had not been breached and remained fully operational.

“There are no corrective actions that need to be taken by our customers,” Mr Bradbury added.

‘Extreme vigilance’
The contractor employing the engineer, Sykes, part of the Sitel Group, said it was “confident there is no longer a security risk”.

But in collaboration with external cyber-security experts, it would “continue to investigate and assess potential security risks to both our infrastructure and to the brands we support around the globe”.

Lapsus$ said, in online posts, it had not stolen “any databases from Okta” and was focused only on its customers.

None of Okta’s clients has reported any issues – but Mr Ahmed urged “extreme vigilance and cyber-safety practices”.

“The full extent of the cyber-gang’s resources should reveal itself in the coming days,” he added.

Multiple applications
One of Okta’s clients, Cloudflare, said, in a blog post, it did not believe it had been compromised.

FedEx told the Reuters news agency it had “no indication that our environment has been accessed or compromised”.

Thanet, which uses Okta to simplify the way staff manage and sign on to multiple applications, told BBC News the hack “has not compromised the security of the council’s data” but it “will continue to monitor the situation”.

Britain’s National Cyber Security Centre said it had “not seen any evidence of impact in the UK”.

A number of Apple services experienced outages on Monday, Apple’s support page has confirmed.

The areas affected included the App Store, iMessage, Maps, Apple Arcade, the iTunes store, podcasts and Apple TV+.

Apple’s system status page now shows that all of its services are back up and running.

Some of Apple’s network was down for three hours.

A number of iCloud services had been affected, including calendar and mail.

Apple confirmed to the BBC its systems had faced outages but has not commented on the reason for the issue.

According to outage tracking website Downdetector.com, more than 4,000 users had reported issues with accessing Apple Music, while nearly 4,000 reported problems with iCloud.

Apple iMessage was also down for a short period.

People aged 75 and over, residents in care homes and those with weakened immune systems can now book an extra booster jab against Covid in England.

It comes as official figures show infection rates are rising in all age groups – including the over-70s.

The roll out follows recommendations from the UK’s vaccine advisors who say additional jabs will help boost protection for the most vulnerable.

Spring boosters are already being rolled out in Wales and Scotland.

A wider booster programme – involving more people – is expected this autumn.

While vaccines have been shown to provide good protection against severe disease, protection wanes over time.

And as many of the oldest received their last jab in autumn 2021, their immunity may now be declining, experts say.

Dr Nikki Kanani, GP and deputy lead for the NHS’s vaccination programme, urged everyone eligible to book their boosters as soon as possible.

She said: “With infections rising this is a really important opportunity for people who are eligible to come forward and get booked and get their spring booster.”

Adults eligible for the jab will be offered the Moderna or Pfizer/BionNTech vaccine
Young people aged 12 to 18 will be offered the Pfizer/BioNTech jab
The extra jabs will be given around six months after the last dose of vaccine.

Across the UK more than two-thirds of people aged over 12 have had two Covid vaccines plus a single booster jab.

A first booster dose is currently available for everyone aged 16 and over, and at-risk children aged 12 to 15.

But up until now only people with severely weakened immune systems had been eligible for a fourth dose – three doses plus a booster.

The Joint Committee on Vaccination and Immunization has suggested further boosters will be offered to a wider group of people in autumn.

Experts believe winter is likely to be the season when the threat from Covid is greatest – for individuals, the NHS and care homes.

Olena Kurilo became the face of Russia’s invasion of Ukraine. Bloodied and bandaged, the 53-year-old teacher said she couldn’t believe what had happened to her and her town of Chuhuiv.

Her picture was on the front pages of newspapers across the world.

Over the next few days, Russia’s government social media accounts began to post a video claiming that Olena hadn’t been injured at all.

“Great photos by the way, they were all over the news,” the Russian narrator says.

The video then claims Olena was photographed two days later, uninjured.

“A couple of days later, good for her, not a scratch.”

This claim is baseless, the BBC has verified the photo as genuine, as has Reuters. Wild conspiracy theories like these are not uncommon on social media.

But what makes this conspiracy theory so odd is that it was shared by an official Russian government Twitter account – the Russian Mission in Geneva. Two weeks on, the tweet is still live.

The Russian Government has a huge network of official Twitter accounts – the BBC found more than 100 of them. They range from accounts that represent foreign missions or embassies, with a few thousand followers, to accounts with more than a million followers. President Putin has his own account. Many of the accounts are labelled as Russian Government organisations by Twitter.

Yet, while many of these accounts have spread disinformation, Twitter deals with them differently to Russian state media – like RT or Sputnik.

On 28 February, Twitter announced it would prevent tweets from Russian state-affiliated media outlets from being eligible for “amplification” – meaning they wouldn’t be recommended in the Home timeline, notifications, and other places on Twitter. But Twitter has confirmed to the BBC that this policy does not include Russian government accounts.

Tim Graham, a social media analyst at QUT Digital Media Research Centre in Australia, describes this as a “loophole” in Twitter’s moderation policies which lets the Russian government pump out misinformation.

“It’s certainly a blind spot in Twitter’s defences against disinformation,” he says.

Intrigued by this spider web of Russian government accounts, Mr Graham – who specialises in analysing coordinated activity on social media – decided to investigate further. He analysed 75 Russian government Twitter profiles which, in total, have more than 7 million followers. The accounts have received 30 million likes, been retweeted 36 million times and been replied to 4 million times.

He looked at how many times each Twitter account retweeted one of the other 74 profiles within an hour. He discovered that the Kremlin’s network of Twitter accounts work together to retweet and drive up traffic. This practice is sometimes called “astroturfing” – when the owner of several accounts uses the profiles they control to retweet content and amplify reach.

“It’s a coordinated retweet network,” Mr Graham says.

“If these accounts weren’t retweeting stuff at the same time, the network would just be a bunch of disconnected dots. So what the network shows, very clearly, is that there’s a very dense amount of connections to the way these accounts are retweeting.

“They are using this as an engine to drive their preferred narrative onto Twitter, and they’re getting away with it,” he says.

Coordinated activity, using multiple accounts, is against Twitter’s rules.

“You can’t artificially amplify conversations through the use of multiple accounts,” Twitter’s rules state.

But Twitter doesn’t treat all accounts equally. Tweets from government and elected officials can be given more leeway when it comes to moderation. The company says on its website that there may be a public interest in seeing tweets that would otherwise violate its rules.

However, the company doesn’t treat official accounts differently when it comes to coordinated behaviour – there is no exemption.