US fuel pipeline ‘paid hackers $5m in ransom’

A major US fuel pipeline has reportedly paid cyber-criminal gang DarkSide nearly $5m (£3.6m) in ransom, following a cyber-attack.

Colonial Pipeline suffered a ransomware cyber-attack over the weekend and took its service down for five days, causing supplies to tighten across the US.

CNN, the New York Times, Bloomberg and the Wall Street Journal all reported a ransom was paid, citing sources.

Colonial said on Thursday that it would not comment on the issue.

On Friday, Japanese consumer tech giant Toshiba said its European division in France had been hit by the same cyber-criminal gang.

Price impact
Following the cyber-attack, Colonial announced it would resume operations on Wednesday evening, but warned that it could take several days for the delivery supply chain to return to normal.

The 5,500-mile (8,900km) pipeline usually carries 2.5 million barrels a day on the East Coast.

The closure saw supplies of diesel, petrol and jet fuel tighten across the US, with prices rising, an emergency waiver passed on Monday and a number of states declaring an emergency.

The average price per gallon hit $3.008 (£2.14) – the highest level seen since October 2014, according to the Automobile Association of America.

US President Joe Biden reassured motorists on Thursday that fuel supplies should start returning to normal this weekend, even as more filling stations ran out of gasoline across the Southeast.

According to reports, Colonial had said initially it would not be paying the ransom demanded by the hackers.

Toshiba cyber-attack
Toshiba Tec France Imaging System, which is part of Toshiba, said it was hit by a similar cyber-attack by DarkSide on 4 May.

However, the firm emphasised that no leaks of data had been detected and that only a minimal amount of work data was lost during the event.

It said it had put protective measures in place immediately after the attack.

In light of a sharp increase in ransomware cyber-attacks during the pandemic, on Thursday President Biden signed an executive order to improve US cyber-defences.

Earlier in the week, he said that although there was no evidence that the Kremlin was involved, there was evidence to suggest that the DarkSide gang of hackers was based in Russia.

The news that Colonial Pipeline paid these criminals is a major blow to President Biden.

Only this week he signed a long-awaited executive order to beef up federal cyber-security and, in turn, make the US more secure from future attacks.

These efforts have, in the view of some in the cyber-security world, been completely undermined.

How can the Biden administration encourage corporations to spend millions securing their computer networks from attack when they’ve just witnessed Colonial, under the glare of the public eye, cave in to criminal demands and pay their way out of trouble?

The news will swell the ranks of those in the security world who want ransomware payments banned.

But with companies, jobs and sometimes lives put at risk when ransomware hits, it is a tough call for policymakers.

The potential silver-lining in this case comes from reports that even after Colonial paid the hackers, the criminals were so slow to help the company that pipeline staff got to work on recovery themselves.

The DarkSide hacker crew can no longer claim that they can restore victims' services quickly, and this may make others question whether or not to give in to their demands.

‘Our goal is to make money’
Cyber-security firms told the BBC that DarkSide operates by infiltrating an organisation’s computer network and stealing sensitive data.

Typically, a day later the hackers will make themselves known, announcing that they have encrypted all the data in the network and are prepared to leak it onto the internet and delete it, if they are not paid a ransom by a certain deadline.

DarkSide operates by developing the software used to carry out this attack and then training affiliates to use it; the affiliates then give the gang a cut of the ransoms they collect.

Following concerns the Colonial cyber-attack was caused by nation-state hackers with a political motive, DarkSide posted on its website: “Our goal is to make money and not creating problems for society.”

The group also indicated it had not been aware that Colonial was being targeted by one of its affiliates and intended to “introduce moderation and check each company” its partners want to encrypt, “to avoid social consequences in the future”.

On Friday, Reuters reported that DarkSide’s website on the dark web was no longer accessible.

Colonial Pipeline’s website also continues to be offline.

Colonial hack: Biden orders tightening of cyber-defences

President Joe Biden has signed an executive order to improve US cyber-defences in light of recent attacks.

The detailed order issues strict deadlines for all government departments to tighten security.

It comes as the US deals with a hack on the country’s biggest pipeline that has seen fuel shortages and panic-buying across multiple states.

Colonial Pipeline says it has restarted its pumps but it will be “several days” until fuel supplies return to normal.

‘Plastic bags’
The company said: “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period.

“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.”

The company was attacked by ransomware group DarkSide on Friday and forced to take operations offline.

The 5,000-mile (8,000km) pipeline supplies 45% of the petrol and jet-fuel needs of the east coast of the US.

The ensuing panic-buying led the US Consumer Product Safety Commission to tweet: “Do not fill plastic bags with gasoline.”

Cyber-espionage campaign
President Biden’s order was not written specifically in response to the latest attack but it is understood to have been delayed to take it into account.

It was initially prompted by the so-called SolarWinds cyber-espionage campaign discovered in December 2020.

That was one of the worst in history, with cyber-spies able to access emails and networks across multiple US government departments.

It has been blamed by the US and UK authorities on the Russian government.

‘Zero trust’
The wide-ranging order requires all government departments to:

adopt multi-factor authentication log-in systems within 180 days
accelerate moves to “cloud” and “zero trust” frameworks
designate which “unclassified data” is too sensitive to be kept in normal network storage
conduct more thorough reviews of critical-software suppliers
It also puts an emphasis on private cyber-security companies improving their own defences and being more transparent about when they themselves are attacked.

And it states cyber-security vendors must report intrusions within 72 hours of discovery.

Chris Krebs, former leader of the US Cybersecurity and Infrastructure Security Agency (CISA), tweeted the order “lays out an ambitious and achievable work plan to dramatically improve the security of US government networks by using the power of the purse”.

“Kudos to the team for pulling this together,” he added.

If cyber-security wasn’t a hot topic for President Biden before, then the past four months have been a baptism of fire(walls) for him.

Since December, the US has been on the receiving end of three of the worst cyber-attacks in history.

Each one has been entirely different too, testing the administration in different ways.

SolarWinds was a long-running and targeted espionage campaign aimed at the heart of government, reportedly by a foreign state – Russia.

The Microsoft Exchange Server attack, in March, was a mass smash-and-grab against tens of thousands of private companies’ email systems, thought to have been by state-affiliated criminal gangs based in China.

And right now a criminal gang, thought to be based in Russia, is holding the country’s largest pipeline to ransom, causing chaos at petrol pumps.

Mr Biden can’t solve all these potential attacks with the sweep of his pen – but this executive order is clearly aimed at creating a trickle-down effect.

If he can improve government defences, it will set a standard for cyber security across the entire country.

Amazon has €250m ‘back taxes’ overturned in court

Amazon has won a court battle over €250m (£215m) in taxes it had been ordered to pay Luxembourg.

The European Commission had ordered the tech giant to repay the funds as back taxes, alleging that Amazon had been given unfair special treatment.

But the EU’s General Court overturned that order, finding it had been given “no selective advantage”.

Amazon said the decision was “in line with our long-standing position that we followed all applicable laws”.

“We’re pleased that the court has made this clear, and we can continue to focus on delivering for our customers across Europe,” the company said in a statement.

The contentious order dates back to 2017, when the European Competition Commissioner, Margrethe Vestager, had turned her attention to tech giants and their tax arrangements in some EU countries.

The European Commission had alleged that the tax deal amounted to state aid for the company – something which breaks the rules of the EU’s internal market.

Both Amazon and the country of Luxembourg went to court to have the decision overturned.

“None of the findings set out by the Commission in the contested decision are sufficient to demonstrate the existence of an advantage,” the court said in a statement.

“The contested decision must be annulled in its entirety.”

A much larger tax bill for a similar case with Apple in Ireland – involving €13bn (£11.6bn) – was also overturned last year. The Commission lodged an appeal in September.

It is not yet clear if the EU will appeal against the latest Amazon ruling.

In a statement, Margrethe Vestager said: “All companies should pay their fair share of tax.”

She said the Amazon-Luxembourg deal meant “three-quarters of the profits made from all Amazon sales in the EU went untaxed until 2014”.

“We will carefully study the judgment and reflect on possible next steps.”

The court also ruled separately on French energy firm Engie, which had been ordered to pay €120m (£103m) back to Luxembourg. The court upheld that decision.

Despite the setbacks, the Commission’s pressure on tech giants to pay more tax has indirectly led to changes in tax systems used by some EU members.

An international effort involving the Organisation for Economic Cooperation and Development (OECD) is also aiming to establish a set of common international rules on how multinational corporations should be taxed.

That could apply to the major tech giants, and has led to friction between some European countries and the United States, where many of the companies are based.

In January, both France and the UK decided to delay the introduction of a planned “tech tax” while the OECD negotiations continue.

Tesla crash: Autopilot was off, says preliminary report

The autopilot function on a Tesla car involved in a fatal crash in Texas in April was “not available” at the time, according to a preliminary report.

Police said one victim was found in the front passenger seat, the other in the back after it crashed and caught fire.

The early findings suggest the car’s autopilot was “not available” on the road where the accident happened.

But cruise-control could have been in operation, the National Transportation Safety Board said.

Police said there was nobody in the driving seat when the vehicle, which struck a tree and caught fire, was found.

The 2019 Tesla Model S had been travelling at high speed when it failed to negotiate a curve on a winding road.

The car firm’s founder, Elon Musk, had previously tweeted that the vehicle’s logs suggested that its autopilot feature had not been enabled at the time of the crash. “Moreover, standard autopilot would require lane lines to turn on, which this street did not have,” he wrote at the time.

Neither the NTSB nor the police has yet reached a final conclusion about the cause of the accident.

Mark Herman, Harris County Precinct 4 constable, said last month that “no-one was driving the vehicle at the time of impact”.

But footage from the owner’s home-security camera showed the driver getting into the driver’s seat, and the passenger into the front passenger seat, the NTSB said.

Clubhouse launches on Android as app downloads collapse

Live-audio app Clubhouse is launching on Google’s Android, more than a year after its initial launch.

The invitation-only platform has previously been available on only Apple’s App Store, where downloads have significantly fallen.

The app spiked in popularity this year, with celebrities using the service and invitations being sold online.

But many are questioning its long-term viability, after competitors Facebook and Twitter launched copycat features.

Clubhouse said it was testing the app for users in the US initially, with UK and other English-speaking countries to follow “in the coming days”.

“Our plan over the next few weeks is to collect feedback from the community, fix any issues we see and work to add a few final features like payments and club creation before rolling it out more broadly,” the technology company blogged.

It thanked Android users for their patience and said the app would be rolled out to the rest of the world during the next few weeks and users outside the US could register to receive a notification when it was available in their area.

‘Compelling-content creators’
Clubhouse had about 13.4 million users in late March, according to research company App Annie.

But after peaking in February, with 9.6 million downloads, it had had just 2.7 million in March and 900,000 in April, mobile-app-store analysts Sensor Tower said.

Enders Analysis technology head Joseph Evans said: “Clubhouse is still invite-only, so they are not judging success by how many people are using it.

“They are much more focused on getting compelling-content creators and then hoping that the users will follow at some point in the future.”

But “deep-pocketed” rivals could steal users from Clubhouse by creating a more polished product.

Facebook is testing a web-based app of its own called Hotline, which lets hosts chat to their audience via audio and text and will be available to both Android and Apple users.

And Twitter has launched Spaces, an audio-streaming feature inside the existing Twitter app, which will soon allow users to charge for admission to its audio chat rooms.

‘Increasingly irrelevant’
“People can now have the best of both worlds on the platforms they know and trust, rather than jumping between multiple social networks,” South Coast Social social-media agency founder Clare Groombridge said.

All In content-creator agency founder Kevin Tewe said Clubhouse’s initial success had been due to people staying at home during the pandemic.

“Users soon realised it is always the same topics by the same people, who are selling themselves or getting deals for their agencies,” he said.

And the platform would become increasingly irrelevant as people were allowed to interact in person more.

TripAdvisor sorry for Auschwitz review error

Review platform TripAdvisor has apologised after initially opting to leave up an offensive review of the Auschwitz Museum in Poland.

The review has now been deleted and the poster banned, it said, blaming a screening “failure”.

The museum complained about the post, in which the reviewer joked about bringing a baby to the gas chambers of the death camp.

The post also flippantly described the experience as “fun for the family”.

The Auschwitz Museum said that when it contacted TripAdvisor, it was initially informed that the posting fell within the site’s submission guidelines.

At least 1.1 million men, women and children were murdered at the Auschwitz concentration camp, run by Nazi Germany in occupied Poland, during World War Two. The majority were killed in its large complex of gas chambers.

The site now functions as a museum and memorial.

In a statement, TripAdvisor said it used “a blend of technology and people” in reviewing posts, and that in this case “our initial screening failed to identify this review as promoting intolerance”. It did not say whether humans or machines had been involved in the original decision.

“Through our escalation process, this review was removed,” it said.

“We always aim to get it right the first time and we apologize to the Auschwitz Memorial and Museum, the Jewish community at large, and all communities and individuals affected by this initial miss.”

The Auschwitz Museum had tweeted about the original error, and followed up by thanking TripAdvisor for its later action.

Virgin Media customers left waiting longest on phone

Virgin Media and Virgin Mobile customers face the longest wait to speak to customer service operators by phone, the regulator Ofcom has found.

Virgin Media customers waited seven minutes and 40 seconds on average, while Virgin Mobile took six minutes and 44 seconds to answer calls in 2020.

EE had the shortest average wait time with one minute and 15 seconds, followed by TalkTalk.

Virgin Media said customer service was a “top priority”.

Overall, 52% of all UK broadband customers were happy with how their complaints were dealt with.

That compared with 57% of mobile users.

Virgin Media said it had been forced to change the set-up of its contact centres during the pandemic.

“We’re proud of how we rose to this challenge,” it said.

“However, we recognise there’s room for improvement, which is why we have already increased our investments in digital and customer service, including creating more than 1,000 customer care roles in the UK last year, and will be making further improvements later this year.”

Better deals
It is Ofcom’s fifth annual report exploring how well the major providers support customers and provide information about what they offer.

The regulator said while many companies were now offering better deals, customer service was still facing issues.

Other findings included:

Broadband and landline customers waited four minutes and nine seconds on average to speak to someone in 2020
Mobile customers waited two minutes and seven seconds
26% of broadband customers had “a reason to complain” about their provider or service
Only 3% of mobile customers were unhappy with their service
Most people were only without services for a maximum of two days due to faults
Soaring demand
Lindsey Fussell, Ofcom’s network and communications group director, said on the whole broadband and mobile companies had “adapted well” to soaring demand for connectivity during the pandemic.

“Some have struggled with customer service problems,” she added.

“We’re challenging them to act now, so the telecoms industry becomes the gold standard for customer service.”

Rocio Concha, Director of Policy and Advocacy at Which?, said it was important for the sector to uphold the commitments it had made in 2019.

“In a time where being connected is more important than ever, providers need to take their commitments seriously and do more to meet consumers’ expectations – particularly on customer service, pricing and ease of changing contracts,” she said.

Facebook’s Trump ban upheld by Oversight Board for now

Donald Trump’s ban from Facebook and Instagram has been upheld by Facebook’s Oversight Board.

But it criticised the indefinite nature of the ban as beyond the scope of Facebook’s normal penalties.

It has ordered Facebook to review the decision and “justify a proportionate response” that is applied to everyone, including ordinary users.

The former president was banned from both sites in January following the Capitol Hill riots.

The Oversight Board said the initial decision to permanently suspend Mr Trump was “indeterminate and standardless”, and that the correct response should be “consistent with the rules that are applied to other users of its platform”.

Facebook must respond within six months, it said.

At a press conference, co-chair Helle Thorning-Schmidt admitted: “We did not have an easy answer.”

She added that she felt Facebook would “appreciate the decision”.

“We are telling Facebook to go back and be more transparent about how it assesses these things. Treat all users the same and don’t give arbitrary penalties.”

In response, Facebook said it would “consider the board’s decision and determine an action that is clear and proportionate”.

The board also made a number of recommendations about how Facebook should improve its policies and the social network promised to “carefully review” these.

The Board was due to announce its decision last month but delayed the ruling in order to review more than 9,000 public responses to cases, it said.

In the meantime, Mr Trump, who is also banned from Twitter, launched a new website on Tuesday to update supporters with his thoughts.

Following the ruling, Mr Trump wrote that “what Facebook, Twitter, and Google have done is a total disgrace”.

“Free speech has been taken away from the President of the United States because the radical left lunatics are afraid of the truth,” he said, referring to himself as president.

“The people of our country will not stand for it! These corrupt social media companies must pay a political price, and must never again be allowed to destroy and decimate our electoral process,” he said.

The administration of Mr Trump’s successor, Democratic President Joe Biden, declined to comment on Facebook’s ruling on Wednesday.

But White House Press Secretary Jen Psaki said it was President Biden’s view that “major platforms have a responsibility related to the health and safety of all Americans to stop amplifying untrustworthy content, disinformation and misinformation”.

What did the Board say?
The ruling means that Mr Trump’s suspension remains in place for now.

The Oversight Board decided that Mr Trump had broken Facebook’s community standards, and upheld the ban.

But it is the “indefinite” part of the ban that it took issue with because that is not within its own rules.

“It is not permissible for Facebook to keep a user off the platform for an undefined period, with no criteria for when or whether the account will be restored,” it said in a statement.

Applying that type of ban to Mr Trump was not following any clear procedure, it said.

The Board argued that Facebook had essentially issued “a vague, standardless penalty and then [referred] this case to the Board to resolve”.

It said doing so meant “Facebook seeks to avoid its responsibilities” – and sent the decision back to Facebook.

Co-chair Michael McConnell justified the timeframe saying that it was a decision “not to be rushed” and admitted that the firm may decide to throw it back to the Oversight Board yet again.

Setting up a “Supreme Court” to rule on tricky issues seemed like a smart move by Mark Zuckerberg. Whatever the Oversight Board decided, Facebook’s boss could say “not my fault, blame the judges”.

But that’s unlikely to wash here. There can be no more divisive issue than President Trump’s presence on a platform credited or blamed by many for his electoral success in 2016 and probably crucial if he decides to run again in 2024.

Now, the Oversight Board has thrown the hot potato right back into Mr Zuckerberg’s lap.

He and his team have been told to go away and have a long hard think about how they handle tricky cases like this one. They will have to decide the meaning of the term “newsworthy” and conduct a proper inquest into the platform’s role in the events of 6 January.

And at the end of it all, Facebook will still have to decide what to do about Donald Trump.

Mark Zuckerberg could be forgiven for wondering whether setting up this body was such a good idea after all – and why he is paying the generous salaries of the board’s members.

What is the Oversight Board?
Often referred to as “Facebook’s Supreme Court”, it was set up to rule on difficult or controversial moderation decisions made by Facebook.

It was established by Facebook boss Mark Zuckerberg but operates as an independent entity, although its wages and other costs are covered by Facebook. It is made up of journalists, human rights activists, lawyers and academics.

The committee has already ruled on nine cases including a comment that seemed derogatory to Muslims. The post from a user in Myanmar, removed for breaking hate-speech rules, was found by the board not to be Islamophobic when taken in context.

What happened to Trump’s account?
Following the Capitol Hill riots on 6 January, Facebook announced it was banning Mr Trump for breaking its “glorification of violence” rules.

Hundreds of his supporters entered the complex as the US Congress attempted to certify Joe Biden’s victory in last year’s presidential election.

Mr Trump was acquitted of a charge of inciting insurrection at the US Capitol in his second impeachment trial in February, after being accused of encouraging the violence in which five people lost their lives.

The social network had originally imposed a 24-hour ban after the attack which was then extended “indefinitely”.

Mr Zuckerberg announced that the risks of allowing Mr Trump to post were “simply too great”.

The former president has also been banned from Twitter and YouTube.

Apple puts more adverts in App Store after ad-tracking ban

Apple has added extra paid-for advertisements to its App Store, a week after its new operating system limited tracking for ads from other companies.

The new ad space lets app-makers advertise on the App Store search tab, rather than just in the search results.

Last week’s release of iOS 14.5 placed strict limits on tracking on iPhones – including tracking for advertising.

And Facebook fiercely opposed the change, warning it would favour Apple’s own advertising system.

Apple’s App Tracking Transparency feature requires apps on iPhones to ask for permission to track the user for advertising.

During a long-running row between the two, Facebook had warned Apple’s “privacy” features would hurt advertisers – including app makers – and benefit Apple.

“Apple’s policies leave very limited options for app developers to find customers through effective advertising – and, conveniently, Apple’s own advertising products are one of them,” Facebook had said.

‘Increased demand’
Previously, Apple sold adverts to appear at the top of search results only. The new slot effectively doubles the advertising space for sale.

Enders Analysis senior media analyst Jamie MacEwan said: “The timing makes sense.

“Apple probably anticipates increased demand for exposure on the App Store. That’s because Apple’s iOS privacy changes have made other options less attractive.”

Ad campaigns on other sites had less reliable measurements of success, he said.

And app developers ran ads only if they were sure the cost of winning new customers was lower than the amount they would spend on the app.

“As its ads business grows, Apple will have to make sure its execution on consent and privacy is impeccable” to avoid accusations of putting itself first, Mr MacEwan added.

Some reports suggest Apple’s ad sales could be worth more than $2bn and are growing.

Apple has not responded to a request for comment on the timing of the new advertising product launch.

Legal battle
The new feature also comes as internal Apple emails reveal a tension in the company over its advertising business.

The emails, between Apple employees in 2015, discussed the possibility of adding adverts to the App Store, after Google launched them for its own Android store.

The documents emerged as part of Apple’s continuing legal battle with Epic Games and were first reported on by Apple news site 9to5Mac.

Apple anti-fraud unit head Eric Friedman was discussing the idea of ads with engineer David Neumann, the documents reveal, and how they could work better for app discovery than a “top apps” chart.

“The dev[eloper]s would love it,” Mr Friedman wrote.

“The problem is that [Apple chief executive Tim Cook] is telling the world that we make great products without monetising users.

“Ads would be weirdly at odds with that.”

Mr Cook has long criticised big technology companies for monetising users’ data, whereas Apple makes most of its money through selling high-end devices.

Apple ended up introducing its first App Store ads in mid-2016, more than a year after those emails.

But the number of ads it displays remains low compared with rival Google Play, or most social networks.

Judge declines to dismiss Amazon’s Trump allegation

A US judge has refused to dismiss Amazon’s allegations that political interference cost the company a $10bn (£7bn) Pentagon contract.

The 10-year JEDI contract is aimed at making the US defence department more technologically agile.

Amazon had been considered the favourite to win. However, the contract was eventually awarded to Microsoft.

The tech giant alleges Mr Trump’s dislike of its founder Jeff Bezos influenced the final decision.

The ruling on Wednesday means that Mr Trump could be among those Amazon asks to appear in court as part of any future proceedings.

“The record of improper influence by former President Trump is disturbing, and we are pleased the Court will review the remarkable impact it had on the JEDI contract award,” an Amazon spokesman said in a statement.

“AWS continues to be the superior technical choice, the less expensive choice, and would provide the best value to the DOD and the American taxpayer.”

However, a spokesman for Microsoft insisted that the new ruling “changes little”.

“Not once, but twice, professional procurement staff at the DoD chose Microsoft after a thorough review. Many other large and sophisticated customers make the same choice every week.

“We’ve continued for more than a year to do the internal work necessary to move forward on JEDI quickly, and we continue to work with DoD, as we have for more than 40 years, on mission-critical initiatives.”

Four companies had initially been in the running for the deal when the process was launched in 2017.

IBM was eliminated, as was Oracle, which lodged an unsuccessful legal challenge alleging conflict of interest stemming from Amazon’s hiring of two former defence department employees. Both were said to have been involved in the JEDI selection process.