Rural Americans Struggle with Poor Broadband Access

Even in the country that invented the internet, access has remained painfully slow for many rural residents in places like the central state of Arkansas, far from the big cities of the East and West coasts. That may be about to change.

The Federal Communications Commission — a government agency — recently auctioned off almost $1.5 billion in subsidies to get broadband providers to serve an additional 700,000 American homes over the next 10 years. Additional such auctions are planned.

For rural residents in Arkansas — ranked as one of the worst connected states in the country — it cannot come too soon.

“Remember dial-up?” That’s how Ashley Vaughan responds when she’s asked to describe her internet speed at home. She’s a resident of Pangburn, Arkansas, a town of about 600 people. After leaving the area for a few years, she returned in 2015.

​”[Internet speed is] still as crappy as it ever was,” Vaughan said. “I was trying to watch Hulu [a streaming network], and my husband was trying to load a webpage at the same time, and neither of them worked.”​

Rural areas

The issue of poor broadband access — defined by the FCC as fewer than 25 megabits per second (Mbps) — is not uncommon. Almost 20 percent of the American population, or 60 million people, live in rural areas, which generally experience the least connectivity in the country. 

Of those, around 15 million Americans have access to less than 10 Mbps.

In Vaughan’s case, she says her internet speed is only 0.05 Mbps. She’s called her internet provider to complain, but was told her service was the best available where she lives.

To get around the problem, many communities have sidestepped big companies and created municipal networks. Individually, some people spend extra on portable broadband access for their phones.

That slow speed doesn’t just mean fewer shows watched or video games played. It also impacts Vaughan’s son’s schoolwork, which increasingly requires use of a computer. Vaughan describes an instance in which her son took hours to download a single textbook, preventing anyone else in the house from using the internet during that time.

Many households in the U.S. have been wired for DSL, or digital subscriber lines, permitting the transmission of high-speed internet data over telephone lines. Meanwhile, most suburban and urban areas have seen the installation of fiber and copper cables, providing faster service. But many rural areas have been left behind.

“Fiber lines are expensive to install, and older copper lines are expensive to maintain,” said Jameson Zimmer, a broadband analyst with BroadbandNow, a data aggregation company based in Los Angeles.

On average, Zimmer says, it can cost tens of thousands of dollars to run fiber lines, depending on the complexity of the terrain and the length of the line. This means there are fewer internet providers willing to take on that financial burden — giving consumers fewer options.

 “What to do about this is overwhelming,” Zimmer said.

Legislative push

It’s a problem that both Republican and Democratic party leaders are working to solve.

U.S. Senator John Boozman of Arkansas has been one of the leaders in the push for legislation broadening access to high-speed internet.

In an email to Voice of America, Boozman wrote that investing in affordable, high-speed internet would strengthen the American economy. He applauded President Donald Trump for signing an executive order earlier this year to expand broadband access into rural areas but said the issue needs attention from “all levels of government.”

“There is a sense of urgency in the need to close the rural broadband gap. Today, reliable connectivity is just as essential as traditional infrastructure like roads and bridges,” Boozman wrote. “I’ve seen students sitting in the back of pickup trucks outside of schools in order to access the internet to complete their homework.”

Alisha Summerville feels that urgency. She’s a co-owner of the online store ASK Apparel, which launched last year and is based in Pangburn. Even though she relies on her smartphone to do most of her work, the store earns $10,000 to $15,000 a month from online purchases and sells to customers in 18 states.

The store earns an additional $5,000 to $10,000 through a brick-and-mortar store in the neighboring town of Heber Springs, but Summerville says the company was set up to serve online shoppers and it encourages foot traffic to become online traffic.

“That’s where business is going,” Summerville said of internet sales.

Summerville says she takes her internet connection into consideration every single time she makes a decision — from marketing and design to the equipment she uses. Having better broadband access at home would mean she could accomplish a lot more.

“When your internet is down, so is your business,” Summerville said. “When I’m thinking about internet, and I’m thinking about sales, I’m thinking about how much further we could reach.”

Rural Americans Struggle with Poor Broadband Access

Even in the country that invented the internet, access has remained painfully slow for many rural residents in places like the central state of Arkansas, far from the big cities of the East and West coasts. That may be about to change.

The Federal Communications Commission — a government agency — recently auctioned off almost $1.5 billion in subsidies to get broadband providers to serve an additional 700,000 American homes over the next 10 years. Additional such auctions are planned.

For rural residents in Arkansas — ranked as one of the worst connected states in the country — it cannot come too soon.

“Remember dial-up?” That’s how Ashley Vaughan responds when she’s asked to describe her internet speed at home. She’s a resident of Pangburn, Arkansas, a town of about 600 people. After leaving the area for a few years, she returned in 2015.

​”[Internet speed is] still as crappy as it ever was,” Vaughan said. “I was trying to watch Hulu [a streaming network], and my husband was trying to load a webpage at the same time, and neither of them worked.”​

Rural areas

The issue of poor broadband access — defined by the FCC as fewer than 25 megabits per second (Mbps) — is not uncommon. Almost 20 percent of the American population, or 60 million people, live in rural areas, which generally experience the least connectivity in the country. 

Of those, around 15 million Americans have access to less than 10 Mbps.

In Vaughan’s case, she says her internet speed is only 0.05 Mbps. She’s called her internet provider to complain, but was told her service was the best available where she lives.

To get around the problem, many communities have sidestepped big companies and created municipal networks. Individually, some people spend extra on portable broadband access for their phones.

That slow speed doesn’t just mean fewer shows watched or video games played. It also impacts Vaughan’s son’s schoolwork, which increasingly requires use of a computer. Vaughan describes an instance in which her son took hours to download a single textbook, preventing anyone else in the house from using the internet during that time.

Many households in the U.S. have been wired for DSL, or digital subscriber lines, permitting the transmission of high-speed internet data over telephone lines. Meanwhile, most suburban and urban areas have seen the installation of fiber and copper cables, providing faster service. But many rural areas have been left behind.

“Fiber lines are expensive to install, and older copper lines are expensive to maintain,” said Jameson Zimmer, a broadband analyst with BroadbandNow, a data aggregation company based in Los Angeles.

On average, Zimmer says, it can cost tens of thousands of dollars to run fiber lines, depending on the complexity of the terrain and the length of the line. This means there are fewer internet providers willing to take on that financial burden — giving consumers fewer options.

 “What to do about this is overwhelming,” Zimmer said.

Legislative push

It’s a problem that both Republican and Democratic party leaders are working to solve.

U.S. Senator John Boozman of Arkansas has been one of the leaders in the push for legislation broadening access to high-speed internet.

In an email to Voice of America, Boozman wrote that investing in affordable, high-speed internet would strengthen the American economy. He applauded President Donald Trump for signing an executive order earlier this year to expand broadband access into rural areas but said the issue needs attention from “all levels of government.”

“There is a sense of urgency in the need to close the rural broadband gap. Today, reliable connectivity is just as essential as traditional infrastructure like roads and bridges,” Boozman wrote. “I’ve seen students sitting in the back of pickup trucks outside of schools in order to access the internet to complete their homework.”

Alisha Summerville feels that urgency. She’s a co-owner of the online store ASK Apparel, which launched last year and is based in Pangburn. Even though she relies on her smartphone to do most of her work, the store earns $10,000 to $15,000 a month from online purchases and sells to customers in 18 states.

The store earns an additional $5,000 to $10,000 through a brick-and-mortar store in the neighboring town of Heber Springs, but Summerville says the company was set up to serve online shoppers and it encourages foot traffic to become online traffic.

“That’s where business is going,” Summerville said of internet sales.

Summerville says she takes her internet connection into consideration every single time she makes a decision — from marketing and design to the equipment she uses. Having better broadband access at home would mean she could accomplish a lot more.

“When your internet is down, so is your business,” Summerville said. “When I’m thinking about internet, and I’m thinking about sales, I’m thinking about how much further we could reach.”

Facebook’s Election ‘War Room’ Takes Aim at Fake Information

In an otherwise innocuous part of Facebook’s expansive Silicon Valley campus, a locked door bears a taped-on sign that reads “War Room.” Behind the door lies a nerve center the social network has set up to combat fake accounts and bogus news stories ahead of upcoming elections.

Inside the room are dozens of employees staring intently at their monitors while data streams across giant dashboards. On the walls are posters of the sort Facebook frequently uses to caution or exhort its employees. One reads, “Nothing at Facebook is somebody else’s problem.”

That motto might strike some as ironic, given that the war room was created to counter threats that almost no one at the company, least of all CEO Mark Zuckerberg, took seriously just two years ago — and which the company’s critics now believe pose a threat to democracy.

Days after President Donald Trump’s surprise victory, Zuckerberg brushed off assertions that the outcome had been influenced by fictional news stories on Facebook, calling the idea ”pretty crazy .”

But Facebook’s blase attitude shifted as criticism of the company mounted in Congress and elsewhere. Later that year, it acknowledged having run thousands of ads promoting false information placed by Russian agents. Zuckerberg eventually made fixing Facebook his personal challenge for 2018.

The war room is a major part of Facebook’s ongoing repairs. Its technology draws upon the artificial-intelligence system Facebook has been using to help identify “inauthentic” posts and user behavior. Facebook provided a tightly controlled glimpse at its war room to The Associated Press and other media ahead of the second round of presidential elections in Brazil on Oct. 28 and the U.S. midterm elections on Nov. 6.

“There is no substitute for physical, real-world interaction,” said Samidh Chakrabarti, Facebook’s director of elections and civic engagement. “The primary thing we have learned is just how effective it is to have people in the same room all together.”

More than 20 different teams now coordinate the efforts of more than 20,000 people — mostly contractors — devoted to blocking fake accounts and fictional news and stopping other abuses on Facebook and its other services. As part of the crackdown, Facebook also has hired fact checkers, including The Associated Press, to vet new stories posted on its social network.

Facebook credits its war room and other stepped-up patrolling efforts for booting 1.3 billion fake accounts over the past year and jettisoning hundreds of pages set up by foreign governments and other agents looking to create mischief.

But it remains unclear whether Facebook is doing enough, said Angelo Carusone, president of Media Matters For America, a liberal group that monitors misinformation. He noted that the sensational themes distributed in fictional news stories can be highly effective at keeping people “engaged” on Facebook — which in turn makes it possible to sell more of the ads that generate most of Facebook’s revenue.

“What they are doing so far seems to be more about trying to prevent another public relations disaster and less so about putting in meaningful solutions to the problem,” Carusone said. “On balance, I would say they that are still way off.”

Facebook disagrees with that assessment, although its efforts are still a work in progress. Chakrabarti, for instance, acknowledged that some “bugs” prevented Facebook from taking some unspecified actions to prevent manipulation efforts in the first round of Brazil’s presidential election earlier this month. He declined to elaborate.

The war room is currently focused on Brazil’s next round of elections and upcoming U.S. midterms. Large U.S. and Brazilian flags hang on opposing walls and clocks show the time in both countries.

Facebook declined to let the media scrutinize the computer screens in front of the employees, and required reporters to refrain from mentioning some of the equipment inside the war room, calling it “proprietary information.” While on duty, war-room workers are only allowed to leave the room for short bathroom breaks or to grab food to eat at their desks.

Although no final decisions have been made, the war room is likely to become a permanent fixture at Facebook, said Katie Harbath, Facebook’s director of global politics and government outreach.

“It is a constant arms race,” she said. “This is our new normal.”

Facebook’s Election ‘War Room’ Takes Aim at Fake Information

In an otherwise innocuous part of Facebook’s expansive Silicon Valley campus, a locked door bears a taped-on sign that reads “War Room.” Behind the door lies a nerve center the social network has set up to combat fake accounts and bogus news stories ahead of upcoming elections.

Inside the room are dozens of employees staring intently at their monitors while data streams across giant dashboards. On the walls are posters of the sort Facebook frequently uses to caution or exhort its employees. One reads, “Nothing at Facebook is somebody else’s problem.”

That motto might strike some as ironic, given that the war room was created to counter threats that almost no one at the company, least of all CEO Mark Zuckerberg, took seriously just two years ago — and which the company’s critics now believe pose a threat to democracy.

Days after President Donald Trump’s surprise victory, Zuckerberg brushed off assertions that the outcome had been influenced by fictional news stories on Facebook, calling the idea ”pretty crazy .”

But Facebook’s blase attitude shifted as criticism of the company mounted in Congress and elsewhere. Later that year, it acknowledged having run thousands of ads promoting false information placed by Russian agents. Zuckerberg eventually made fixing Facebook his personal challenge for 2018.

The war room is a major part of Facebook’s ongoing repairs. Its technology draws upon the artificial-intelligence system Facebook has been using to help identify “inauthentic” posts and user behavior. Facebook provided a tightly controlled glimpse at its war room to The Associated Press and other media ahead of the second round of presidential elections in Brazil on Oct. 28 and the U.S. midterm elections on Nov. 6.

“There is no substitute for physical, real-world interaction,” said Samidh Chakrabarti, Facebook’s director of elections and civic engagement. “The primary thing we have learned is just how effective it is to have people in the same room all together.”

More than 20 different teams now coordinate the efforts of more than 20,000 people — mostly contractors — devoted to blocking fake accounts and fictional news and stopping other abuses on Facebook and its other services. As part of the crackdown, Facebook also has hired fact checkers, including The Associated Press, to vet new stories posted on its social network.

Facebook credits its war room and other stepped-up patrolling efforts for booting 1.3 billion fake accounts over the past year and jettisoning hundreds of pages set up by foreign governments and other agents looking to create mischief.

But it remains unclear whether Facebook is doing enough, said Angelo Carusone, president of Media Matters For America, a liberal group that monitors misinformation. He noted that the sensational themes distributed in fictional news stories can be highly effective at keeping people “engaged” on Facebook — which in turn makes it possible to sell more of the ads that generate most of Facebook’s revenue.

“What they are doing so far seems to be more about trying to prevent another public relations disaster and less so about putting in meaningful solutions to the problem,” Carusone said. “On balance, I would say they that are still way off.”

Facebook disagrees with that assessment, although its efforts are still a work in progress. Chakrabarti, for instance, acknowledged that some “bugs” prevented Facebook from taking some unspecified actions to prevent manipulation efforts in the first round of Brazil’s presidential election earlier this month. He declined to elaborate.

The war room is currently focused on Brazil’s next round of elections and upcoming U.S. midterms. Large U.S. and Brazilian flags hang on opposing walls and clocks show the time in both countries.

Facebook declined to let the media scrutinize the computer screens in front of the employees, and required reporters to refrain from mentioning some of the equipment inside the war room, calling it “proprietary information.” While on duty, war-room workers are only allowed to leave the room for short bathroom breaks or to grab food to eat at their desks.

Although no final decisions have been made, the war room is likely to become a permanent fixture at Facebook, said Katie Harbath, Facebook’s director of global politics and government outreach.

“It is a constant arms race,” she said. “This is our new normal.”

Twitter Releases Tweets Showing Russian, Iranian Attempts to Influence US Politics

On Wednesday, Twitter released a collection of more than 10 million tweets related to thousands of accounts affiliated with Russia’s Internet Research Agency propaganda organization, as well as hundreds more troll accounts, including many based in Iran.

The data, analyzed and released in a report by The Atlantic Council’s Digital Forensic Research Lab, are made up of 3,841 accounts affiliated with the Russia-based Internet Research Agency, 770 other accounts potentially based in Iran as well as 10 million tweets and more than 2 million images, videos and other media.

Russian trolls targeting U.S. politics took on personas from both the left and the right. Their primary goal appears to have been to sow discord, rather than promote any particular side, presumably with a goal of weakening the United States, the report said.

DFRlab says the Russian trolls were often effective, drawing tens of thousands of retweets on certain posts including from celebrity commentators like conservative Ann Coulter.

​Some of the tweets posted:

“Judgement Day is here. Please vote #TrumpPence16 to save our great nation from destruction! #draintheswamp #TrumpForPresident,” said a fake Election Day tweet in 2016.

“Daily reminder: Trump still hasn’t imposed sanctions on Russia that were passed 4,193 in the House and 982 in the Senate. Shouldn’t that be grounds for impeachment?” said another tweet in March of this year.

Multiple goals

The Russian operation had multiple goals, including interfering in the U.S. presidential election, polarizing online communities, and weakening trust in American institutions, according to the DFRLab.

“The thing to understand is that the Russians were equal opportunity partisans,” Graham Brookie, one of the researchers behind the analysis, told VOA News. “There was a very specific focus on specific ideological communities and specific demographics.”

Following an initial push to prevent Hillary Clinton from being elected in 2016, the analysis identified a “second wave” of fake accounts, many of which were focused on infiltrating anti-Trump groups, especially those identified with the “Resistance” movement, exploiting sensitive issues such as race relations and gun violence. These often achieved greater impact than their conservative counterparts.

“Don’t ever tell me kneeling for the flag is disrespectful to our troops when Trump calls a sitting Senator “Pocahontas” in front of Native American war heroes,” tweeted an account posing as an African-American woman named “Luisa Haynes” under the handle @wokeluisa in November 2017. The tweet garnered more than 32,000 retweets and over 89,000 likes.

“They tried to inflame everybody, regardless of race, creed, politics or sexual orientation,” the Lab noted in its analysis. “On many occasions, they pushed both sides of divisive issues.”

Iran trolling

Iran’s trolling was primarily focused on promoting its own interests, including attacking regional rivals like Israel and Saudi Arabia.

However, Iran’s trolling was less effective than the Russian posts, with most tweets getting limited responses.

This was partially because of posting styles that were less inflammatory, according to the report.

“Few of the accounts showed distinctive personalities: They largely shared online articles,” according to the report. “As such, they were a poor fit for Twitter, where personal comment tends to resonate more strongly than website shares.” Generally, many troll posts were ineffective, and “their operations were washed away in the firehose of Twitter.”

All of the accounts linked to the massive trove of tweets released by Twitter have been suspended or deleted, and the analysis notes that overall activity from suspected Russian trolls fell this year after Twitter clampdowns in September and June 2017.

But, that does not mean political trolls do not still pose a threat.

“Identifying future foreign influence operations, and reducing their impact, will demand awareness and resilience from the activist communities targeted, not just the platforms and the open source community,” according to the report.

Twitter Releases Tweets Showing Russian, Iranian Attempts to Influence US Politics

On Wednesday, Twitter released a collection of more than 10 million tweets related to thousands of accounts affiliated with Russia’s Internet Research Agency propaganda organization, as well as hundreds more troll accounts, including many based in Iran.

The data, analyzed and released in a report by The Atlantic Council’s Digital Forensic Research Lab, are made up of 3,841 accounts affiliated with the Russia-based Internet Research Agency, 770 other accounts potentially based in Iran as well as 10 million tweets and more than 2 million images, videos and other media.

Russian trolls targeting U.S. politics took on personas from both the left and the right. Their primary goal appears to have been to sow discord, rather than promote any particular side, presumably with a goal of weakening the United States, the report said.

DFRlab says the Russian trolls were often effective, drawing tens of thousands of retweets on certain posts including from celebrity commentators like conservative Ann Coulter.

​Some of the tweets posted:

“Judgement Day is here. Please vote #TrumpPence16 to save our great nation from destruction! #draintheswamp #TrumpForPresident,” said a fake Election Day tweet in 2016.

“Daily reminder: Trump still hasn’t imposed sanctions on Russia that were passed 4,193 in the House and 982 in the Senate. Shouldn’t that be grounds for impeachment?” said another tweet in March of this year.

Multiple goals

The Russian operation had multiple goals, including interfering in the U.S. presidential election, polarizing online communities, and weakening trust in American institutions, according to the DFRLab.

“The thing to understand is that the Russians were equal opportunity partisans,” Graham Brookie, one of the researchers behind the analysis, told VOA News. “There was a very specific focus on specific ideological communities and specific demographics.”

Following an initial push to prevent Hillary Clinton from being elected in 2016, the analysis identified a “second wave” of fake accounts, many of which were focused on infiltrating anti-Trump groups, especially those identified with the “Resistance” movement, exploiting sensitive issues such as race relations and gun violence. These often achieved greater impact than their conservative counterparts.

“Don’t ever tell me kneeling for the flag is disrespectful to our troops when Trump calls a sitting Senator “Pocahontas” in front of Native American war heroes,” tweeted an account posing as an African-American woman named “Luisa Haynes” under the handle @wokeluisa in November 2017. The tweet garnered more than 32,000 retweets and over 89,000 likes.

“They tried to inflame everybody, regardless of race, creed, politics or sexual orientation,” the Lab noted in its analysis. “On many occasions, they pushed both sides of divisive issues.”

Iran trolling

Iran’s trolling was primarily focused on promoting its own interests, including attacking regional rivals like Israel and Saudi Arabia.

However, Iran’s trolling was less effective than the Russian posts, with most tweets getting limited responses.

This was partially because of posting styles that were less inflammatory, according to the report.

“Few of the accounts showed distinctive personalities: They largely shared online articles,” according to the report. “As such, they were a poor fit for Twitter, where personal comment tends to resonate more strongly than website shares.” Generally, many troll posts were ineffective, and “their operations were washed away in the firehose of Twitter.”

All of the accounts linked to the massive trove of tweets released by Twitter have been suspended or deleted, and the analysis notes that overall activity from suspected Russian trolls fell this year after Twitter clampdowns in September and June 2017.

But, that does not mean political trolls do not still pose a threat.

“Identifying future foreign influence operations, and reducing their impact, will demand awareness and resilience from the activist communities targeted, not just the platforms and the open source community,” according to the report.

Twitter Releases Tweets Showing Foreign Attempts to Influence US Politics

Twitter has released a collection of more than 10 million tweets it says are related to foreign efforts to influence U.S. elections going back a decade, including many tied to Russia’s digital efforts to sow chaos and sway the 2016 election in favor of Donald Trump.

Twitter says it made the cache, which includes tweets from Iran and Russia’s state-sponsored troll farm, Internet Research Agency, available so researchers around the world could conduct their own analyses.

The non-partisan Atlantic Council’s Digital Forensic Research Lab has been looking through the collection since last week.  In a preliminary analysis posted on Medium, the online publishing platform, the Lab noted operators from Iran and Russia appeared to have targeted politically polarized groups in order to maximize divisiveness in the United States’ political scene.  

“The Russian trolls were non-partisan: they tried to inflame everybody, regardless of race, creed, politics, or sexual orientation,” the Lab noted, “On many occasions, they pushed both sides of divisive issues.”

Sifting through the collection is no small task.  The entire set, available for public download on Twitter’s news blog, encompasses spreadsheets and archived tweets from 3,841 Russian-linked accounts and 770 Iran-linked accounts.  The downloads add up to more than 450 gigabytes of data.

The micro-blogging company said in its post, “They include more than 10 million tweets and more than two million images, GIFs, videos, and Periscope broadcasts, including the earliest Twitter activity from accounts connected with these campaigns, dating back to 2009….”

Twitter has taken increasing steps to generate public goodwill over its perceived connection to Russian attempts to sway the 2016 election and its role in the spread of fake news.  In January, the company notified about 1.4 million users that they had interacted with Russia-linked accounts during the election or had followed those accounts at the time they were suspended.

 

Twitter Releases Tweets Showing Foreign Attempts to Influence US Politics

Twitter has released a collection of more than 10 million tweets it says are related to foreign efforts to influence U.S. elections going back a decade, including many tied to Russia’s digital efforts to sow chaos and sway the 2016 election in favor of Donald Trump.

Twitter says it made the cache, which includes tweets from Iran and Russia’s state-sponsored troll farm, Internet Research Agency, available so researchers around the world could conduct their own analyses.

The non-partisan Atlantic Council’s Digital Forensic Research Lab has been looking through the collection since last week.  In a preliminary analysis posted on Medium, the online publishing platform, the Lab noted operators from Iran and Russia appeared to have targeted politically polarized groups in order to maximize divisiveness in the United States’ political scene.  

“The Russian trolls were non-partisan: they tried to inflame everybody, regardless of race, creed, politics, or sexual orientation,” the Lab noted, “On many occasions, they pushed both sides of divisive issues.”

Sifting through the collection is no small task.  The entire set, available for public download on Twitter’s news blog, encompasses spreadsheets and archived tweets from 3,841 Russian-linked accounts and 770 Iran-linked accounts.  The downloads add up to more than 450 gigabytes of data.

The micro-blogging company said in its post, “They include more than 10 million tweets and more than two million images, GIFs, videos, and Periscope broadcasts, including the earliest Twitter activity from accounts connected with these campaigns, dating back to 2009….”

Twitter has taken increasing steps to generate public goodwill over its perceived connection to Russian attempts to sway the 2016 election and its role in the spread of fake news.  In January, the company notified about 1.4 million users that they had interacted with Russia-linked accounts during the election or had followed those accounts at the time they were suspended.

 

Hackers Accused of Ties to Russia Hit 3 E. European Companies: Cybersecurity Firm

Hackers have infected three energy and transport companies in Ukraine and Poland with sophisticated new malware and may be planning destructive cyber attacks, a software security firm said on Wednesday.

A report by researchers at Slovakia-based ESET did not attribute the hacking activity, recorded between 2015 and mid-2018, to any specific country but blamed it on a group that has been accused by Britain of having links to Russian military intelligence.

The report is the latest to raise suspicions in the West about Russia’s GRU spy agency, accused by London of conducting a “reckless campaign” of global cyber attacks and trying to kill a former Russian spy in England. Moscow denies the charges.

Investigators at ESET said the group responsible for a series of earlier attacks against the Ukrainian energy sector, which used malicious software known as BlackEnergy, had now developed and used a new malware suite called GreyEnergy.

ESET has helped investigate a series of high-profile cyber attacks on Ukraine in recent years, including those on the Ukrainian energy grid which led to power outages in late 2015.

Kiev has accused Moscow of orchestrating those attacks, while U.S. cybersecurity firm FireEye says a group known as Sandworm is thought to be responsible. Britain’s GCHQ spy agency said this month that BlackEnergy Actors and Sandworm are both names associated with the GRU.

“The important thing is that they are still active,” ESET researcher Robert Lipovsky told Reuters. “This shows that this very dangerous and persistent ‘threat actor’ is still active.”

Kremlin spokesman Dmitry Peskov said there was no evidence to support the allegations against the GRU and that Russia does not use cyber attacks against other countries.

“These are just more accusations. We are tired of denying them, because no one is listening,” he said.

After infection via emails laced with malicious weblinks or documents – a tactic known as “spear phishing” – or by compromising servers exposed to the internet, GreyEnergy allowed the attackers to map out their victim’s networks and gather confidential information such as passwords and login credentials, ESET said.

Lipovsky said his team then saw the hackers seek out critical parts of the companies’ systems, including computers which ran industrial control processes.

“It is my understanding that this was the reconnaissance and espionage phase, potentially leading up to cyber sabotage,” he said.

Global hacking campaign

The ESET report did not name the three companies infected in Ukraine and Poland, and Reuters was unable to identify them.

Ukraine’s Cyber Police confirmed the attacks on two Ukrainian companies but declined to give any further details. Polish authorities did not respond to requests for comment.

Ben Read, a senior manager on FireEye’s espionage analysis team, said his own work corroborated ESET’s report and that the Sandworm group was probably responsible.

The activity “is similar to the group we track as Sandworm,” he said. “And activity that we attribute to Sandworm has been named by the U.S. Department of Justice as being the GRU.”

Western countries including Britain and the United States issued a coordinated denunciation of Russia as a “pariah state” this month for what they described as a global hacking campaign run by the GRU.

GRU hackers have targeted institutions ranging from sports anti-doping bodies to a nuclear power company and the world chemical weapons watchdog, they said, as well as releasing the devastating “NotPetya” cyber worm which caused billions of dollars of damage worldwide in 2017.

The GRU, now formally known in Russia by a shorter acronym GU, is also accused by Britain of carrying out a nerve agent attack in England on former GRU officer Sergei Skripal. Moscow’s relations with the West have hit a post-Cold War low over Russia’s role in the conflicts in Ukraine and Syria.

Lipovsky and fellow ESET researcher Anton Cherepanov said the BlackEnergy attackers’ decision to upgrade to the new GreyEnergy malware may have been motivated by a need to cover their tracks and deflect attention from their activities.

The power outages triggered by the BlackEnergy attacks in Ukraine in December 2015 drew international attention and are recognised as the first blackout caused by a cyber attack.

“Threat actors need to switch up their arsenal from time to time,” Lipovsky said.

 

 

Hackers Accused of Ties to Russia Hit 3 E. European Companies: Cybersecurity Firm

Hackers have infected three energy and transport companies in Ukraine and Poland with sophisticated new malware and may be planning destructive cyber attacks, a software security firm said on Wednesday.

A report by researchers at Slovakia-based ESET did not attribute the hacking activity, recorded between 2015 and mid-2018, to any specific country but blamed it on a group that has been accused by Britain of having links to Russian military intelligence.

The report is the latest to raise suspicions in the West about Russia’s GRU spy agency, accused by London of conducting a “reckless campaign” of global cyber attacks and trying to kill a former Russian spy in England. Moscow denies the charges.

Investigators at ESET said the group responsible for a series of earlier attacks against the Ukrainian energy sector, which used malicious software known as BlackEnergy, had now developed and used a new malware suite called GreyEnergy.

ESET has helped investigate a series of high-profile cyber attacks on Ukraine in recent years, including those on the Ukrainian energy grid which led to power outages in late 2015.

Kiev has accused Moscow of orchestrating those attacks, while U.S. cybersecurity firm FireEye says a group known as Sandworm is thought to be responsible. Britain’s GCHQ spy agency said this month that BlackEnergy Actors and Sandworm are both names associated with the GRU.

“The important thing is that they are still active,” ESET researcher Robert Lipovsky told Reuters. “This shows that this very dangerous and persistent ‘threat actor’ is still active.”

Kremlin spokesman Dmitry Peskov said there was no evidence to support the allegations against the GRU and that Russia does not use cyber attacks against other countries.

“These are just more accusations. We are tired of denying them, because no one is listening,” he said.

After infection via emails laced with malicious weblinks or documents – a tactic known as “spear phishing” – or by compromising servers exposed to the internet, GreyEnergy allowed the attackers to map out their victim’s networks and gather confidential information such as passwords and login credentials, ESET said.

Lipovsky said his team then saw the hackers seek out critical parts of the companies’ systems, including computers which ran industrial control processes.

“It is my understanding that this was the reconnaissance and espionage phase, potentially leading up to cyber sabotage,” he said.

Global hacking campaign

The ESET report did not name the three companies infected in Ukraine and Poland, and Reuters was unable to identify them.

Ukraine’s Cyber Police confirmed the attacks on two Ukrainian companies but declined to give any further details. Polish authorities did not respond to requests for comment.

Ben Read, a senior manager on FireEye’s espionage analysis team, said his own work corroborated ESET’s report and that the Sandworm group was probably responsible.

The activity “is similar to the group we track as Sandworm,” he said. “And activity that we attribute to Sandworm has been named by the U.S. Department of Justice as being the GRU.”

Western countries including Britain and the United States issued a coordinated denunciation of Russia as a “pariah state” this month for what they described as a global hacking campaign run by the GRU.

GRU hackers have targeted institutions ranging from sports anti-doping bodies to a nuclear power company and the world chemical weapons watchdog, they said, as well as releasing the devastating “NotPetya” cyber worm which caused billions of dollars of damage worldwide in 2017.

The GRU, now formally known in Russia by a shorter acronym GU, is also accused by Britain of carrying out a nerve agent attack in England on former GRU officer Sergei Skripal. Moscow’s relations with the West have hit a post-Cold War low over Russia’s role in the conflicts in Ukraine and Syria.

Lipovsky and fellow ESET researcher Anton Cherepanov said the BlackEnergy attackers’ decision to upgrade to the new GreyEnergy malware may have been motivated by a need to cover their tracks and deflect attention from their activities.

The power outages triggered by the BlackEnergy attacks in Ukraine in December 2015 drew international attention and are recognised as the first blackout caused by a cyber attack.

“Threat actors need to switch up their arsenal from time to time,” Lipovsky said.