A submarine on a tourism expedition to explore the wreckage of the Titanic has gone missing off the coast of southeastern Canada, according to the private company that operates the vessel.

OceanGate Expeditions said in a brief statement on Monday that it was “mobilizing all options” to rescue those on board the vessel. It was not immediately clear how many people were missing.

The U.S. Coast Guard did not immediately respond to requests for comment. Media reports said the Coast Guard has launched search-and-rescue operations.

“We are deeply thankful for the extensive assistance we have received from several government agencies and deep sea companies in our efforts to reestablish contact with the submersible,” OceanGate said in a statement.

The company is currently operating its fifth Titanic “mission” of 2023, according to its website, which was scheduled to start last week and finish on Thursday.

The expedition, which costs $250,000 per person, starts in St. John’s, Newfoundland, before heading out approximately 400 miles into the Atlantic to the wreckage site, according to OceanGate’s website.

In order to visit the wreck, passengers climb inside Titan, a five-person submersible, which takes about two hours to descend to the Titanic.

The British passenger ship famously sunk in 1912 on its maiden voyage after striking an iceberg, killing more than 1,500 people. The story has been immortalized in non-fiction and fiction books as well as the 1997 blockbuster movie “Titanic.”

 
…

The Dutch government is soon to join the United States and Japan in rolling out new semiconductor export control measures aimed at keeping sensitive technology away from China due to concern for potential misuse, the country’s economic affairs minister told reporters on a visit to Washington.

The measures are likely to further restrict sales to China by Netherlands-based ASML, maker of the world’s most advanced chip-printing machines, which last year disclosed the “unauthorized misappropriation of data” by a now former employee in China.

The United States in October 2022 announced its own export control measures affecting advanced computing integrated circuits and certain semiconductor manufacturing items.

The U.S. said the measures were aimed at items that “could provide direct contributions to advancing military decision making” such as “designing and testing weapons of mass destruction (WMD), producing semiconductors for use in advanced military systems, and developing advanced surveillance systems that can be used for military applications and human rights abuses.”

The U.S. subsequently asked allies including Japan and the Netherlands, which play key roles in the semiconductor supply chain, to introduce similar measures.

“The main concern is [the chip-making technology] will be used in military products,” Micky Adriaansens, Netherlands’ minister of economic affairs and climate, told a group of journalists on June 8 at the Dutch Embassy in Washington.

Adriaansens acknowledged that the negotiations with Washington have not been easy.

“To be honest, the conversation has been intense, and is still intense,” she said. “But we agreed already upon the main issues, with a good [mutual] understanding of what is the right thing to do.”

Adriaansens said those understandings still have to be translated into regulations but that her country understands the importance of the measures.

“We realize that we, the U.S., the Netherlands, Japan and Korea, are very strong in the semicon[ductor] value chain, supply chain, and we have a responsibility there,” the minister said, echoing a statement made by Japan’s trade minister in March.

Japan also takes steps

Tokyo announced its own measures on March 31, saying that beginning in July, Japan will restrict 23 types of semiconductor manufacturing equipment from being exported to China. “We are fulfilling our responsibility as a technological nation to contribute to international peace and stability,” Minister of Economy, Trade and Industry Yasutoshi Nishimura told reporters.

At the center of the Netherlands’ semiconductor export control deliberations is ASML, a Dutch company with its headquarters in Veldhoven, about an hour and a half’s drive southeast of Amsterdam. The company was known as Advanced Semiconductor Materials Lithography in its early years but is now known as ASML.

Europe’s biggest high-tech firm by market capitalization, ASML is the world’s largest supplier of photolithography machines, which are used to produce computer chips.

Its flagship products are the EUV, or extreme ultraviolet, and DUV, or deep ultraviolet, lithography machines that use advanced light technology to shrink and then print tiny patterns down to the nanometer level on silicon wafers, a critical and essential component of the semiconductor manufacturing process.

Since 2019, ASML’s world-exclusive EUV machines have been on the Netherlands’ export control list, meaning they cannot be sold to China without government approval. In a statement issued in March, the company said it understood that the new export controls could be applied to its less-advanced DUV machines and other products as well.

While Taiwan is its top customer, ASML has more than 1,000 employees working in 12 office buildings in major Chinese cities including Beijing, Shanghai and Shenzhen. Last year, sales to China made up 14% of the company’s total net systems sales.

In its 2022 annual report, released on February 15 this year, the company disclosed that it had experienced “unauthorized misappropriation of data relating to proprietary technology by a (now) former employee in China.” The incident may have led to the violation of certain export control regulations, the report said.

The company said a comprehensive internal review has since been launched, but the nature and extent of the data that was misappropriated has not been publicly disclosed.

Report mentions possible leak

Another possible leak of the company’s proprietary information that happened in China was disclosed in the previous year’s annual report.

“Early in 2021, we became aware of reports that a company associated with XTAL, Inc., against which ASML had obtained a damage award for trade secret misappropriation in 2019 in the USA, was actively marketing products in China that could potentially infringe on ASML’s IP rights,” said the 2021 report.

The second company was identified as Beijing-based DongFang JingYuan Electron, which was established in 2014 at about the same time as XTAL and controlled by the same people.

ASML’s annual report said the company had shared its concerns with the Chinese authorities and was monitoring the situation closely.

In its case against XTAL, ASML told the court that a former Chinese employee working at an ASML subsidiary in the United States had stolen 2 million lines of source code for critical software. It said the theft was conducted on behalf of both XTAL and DongFang.

ASML’s representatives told the court that it took XTAL only two years to replicate a technology that ASML had spent $100 million and a decade developing, as first reported by Bloomberg. XTAL, which ASML’s attorneys described in court proceedings as essentially the same as DongFang JingYuan, then tried to sell the technology to South Korea-based Samsung, a longtime client of ASML.

In late March, ASML CEO Peter Wennink met with China’s newly installed minister of commerce in Beijing. China is “firmly committed to high-level openness, willing to create favorable conditions for multinationals such as ASML to do business in China,” Wang Wentao, the newly minted commerce minister, told the visiting CEO.

“We hope ASML will affirm and strengthen its confidence in trading and investing in China and make proactive contributions to Sino-Dutch collaboration in trade and economics,” Wang continued.

It isn’t clear whether the two sides discussed the intellectual property infringement issues described in ASML’s 2021 and 2022 annual reports or if they did, what remedies Beijing may have proposed.

‘Relentless pursuit’

Asked how the company plans to fend off future attempts to steal its trade secrets, a company spokesperson told VOA that ASML is committed to “relentless pursuit of individuals or entities that violate or threaten to violate our [intellectual property] in any way.”

While less well known for semiconductor manufacturing than Taiwan Semiconductor Manufacturing Corp. or U.S.-based Intel, ASML is often viewed as Europe’s most valuable high-tech company, likely key to the Netherlands’ winning the bid to be the seat of NATO’s newly established Innovation Fund.
…

In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks.

Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame.

But the software giant has offered few details — and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian.

Microsoft’s explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks “temporarily impacted availability” of some services. It said the attackers were focused on “disruption and publicity” and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.

Microsoft said there was no evidence any customer data was accessed or compromised.

While DDoS attacks are mainly a nuisance — making websites unreachable without penetrating them — security experts say they can disrupt the work of millions if they successfully interrupt the services of a software service giant like Microsoft on which so much global commerce depends.

It’s not clear if that’s what happened here.

“We really have no way to measure the impact if Microsoft doesn’t provide that info,” said Jake Williams, a prominent cybersecurity researcher and a former National Security Agency offensive hacker. Williams said he was not aware of Outlook previously being attacked at this scale.

“We know some resources were inaccessible for some, but not others. This often happens with DDoS of globally distributed systems,” Williams added. He said Microsoft’s apparent unwillingness to provide an objective measure of customer impact “probably speaks to the magnitude.”

Microsoft dubbed the attackers Storm-1359, using a designator it assigns to groups whose affiliation it has not yet established. Cybersecurity sleuthing tends to take time — and even then can be a challenge if the adversary is skilled.

Pro-Russian hacking groups including Killnet — which the cybersecurity firm Mandiant says is Kremlin-affiliated — have been bombarding government and other websites of Ukraine’s allies with DDoS attacks. In October, some U.S. airport sites were hit. Analyst Alexander Leslie of the cybersecurity firm Recorded Future said it’s unlikely Anonymous Sudan is located as it claims in Sudan, an African country. The group works closely with Killnet and other pro-Kremlin groups to spread pro-Russian propaganda and disinformation, he said.

Edward Amoroso, NYU professor and CEO of TAG Cyber, said the Microsoft incident highlights how DDoS attacks remain “a significant risk that we all just agree to avoid talking about. It’s not controversial to call this an unsolved problem.”

He said Microsoft’s difficulties fending of this particular attack suggest “a single point of failure.” The best defense against these attacks is to distribute a service massively, on a content distribution network for example.

Indeed, the techniques the attackers used are not old, said U.K. security researcher Kevin Beaumont. “One dates back to 2009,” he said.

Serious impacts from the Microsoft 365 office suite interruptions were reported on Monday June 5, peaking at 18,000 outage and problem reports on the tracker Downdetector shortly after 11 a.m. Eastern time.

On Twitter that day, Microsoft said Outlook, Microsoft Teams, SharePoint Online and OneDrive for Business were affected.

Attacks continued through the week, with Microsoft confirming on June 9 that its Azure cloud computing platform had been affected.

On June 8, the computer security news site BleepingComputer.com reported that cloud-based OneDrive file-hosting was down globally for a time.

Microsoft said at the time that desktop OneDrive clients were not affected, BleepingComputer reported.
…

The first large-scale battery to be built at an Australian coal site has been switched on in Victoria’s Latrobe Valley, east of Melbourne.

The 150-megawatt battery is at the site of the former Hazelwood power station in the southern Australian state of Victoria. The station was built in the 1960s and closed in 2017.

The new battery was officially opened Wednesday and has the ability to power about 75,000 homes for an hour during the evening peak. The decommissioned coal plant produced 10 times more electricity, but the battery’s operators aim to increase its generating capacity over time.

The Latrobe Valley has been the center of Victoria’s coal-fired power industry for decades, but the region is changing.

The new battery will store power generated by offshore wind farms and is run by the French energy giant Engie, and its partners Eku Energy and Fluence.

Engie chief executive Rik De Buyserie told reporters it is an important part of Australia’s green energy future.

“The commissioning of this battery represents a key milestone in this journey and marks an important step in the transition of the La Trobe Valley from a thermal energy power to a clean energy power provider,” he said.

The state of Victoria aims to have at least 2.6 gigawatts of battery storage connected to the electricity grid by 2030 and 6.3 gigawatts by 2035.

Lily D’Ambrosio, Victoria’s minister for climate action, energy and resources, told reporters that the state government is committed to boosting its renewable energy sector.

“It is important that we just do not sit around waiting for old technology to disappear, close down, but we actually get in front of it and make sure that we have more than sufficient supply to meet our needs,” she said. “That is what keeps downward pressure on prices.”

Australia has legislated a target to cut carbon emissions by 43% from 2005 levels by 2030 and to achieve net zero emissions by 2050.

Electricity generation in Australia is still dominated by coal and gas but there is a distinct shift to renewable sources of power.

In April the Clean Energy Council, an industry association, said that clean energy accounted for 35.9% of Australia’s total electricity generation in 2022, up from 32.5% in 2021.
…

U.S. security officials say the U.S. Energy Department and several other federal agencies have been hacked by a Russian cyber-extortion gang.

Homeland Security officials said Thursday the agencies were caught up in the hacking of MOVEit  Transfer, a file-transfer program that is popular with governments and corporations.

The Energy Department said two of its entities were “compromised” in the hack.

The Russia-linked extortion group CI0p, which claimed responsibility for the hacking, said last week on the dark web site that its victims had until Wednesday to negotiate a ransom or risk having sensitive information dumped online.  It added that it would delete any data stolen from governments, cities and police departments.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said while the intrusion was “largely an opportunistic one” that was superficial and caught quickly, her agency was “very concerned about this campaign and working on it with urgency.”

Reuters reports that the Britain’s Shell Oil Company, the University of Georgia, Johns Hopkins University and the Johns Hopkins Health System were also among those targeted in the hacking campaign. The Associated Press quoted a senior CISA official as saying U.S. military and intelligence agencies were not affected.

MOVEit said it is working with the federal agencies and its other customers to help fix their systems.

Information for this report was provided by The Associated Press and Reuters.  
…

An announcement by YouTube that it will no longer remove content containing misinformation on the U.S. 2020 presidential election has some experts divided.

In a June blog post, YouTube said it was ending its policy — enforced since December 2020 — that removed tens of thousands of videos that falsely claimed the 2020 election was impaired by “widespread fraud, errors or glitches.”

“We find that while removing this content does curb some misinformation, it could also have the unintended effect of curtailing political speech without meaningfully reducing the risk of violence or other real-world harm,” the post said.

The Google-owned platform says the move is to support free speech, but some experts in tech and disinformation say it could allow harmful content to again be easily shared.

“The message that YouTube is sending is that the election denial crowd is now welcome again on YouTube and can resume its campaign of undermining trust in American elections and democratic institutions,” said Paul Barrett, deputy director at New York University’s Stern Center for Business and Human Rights.

But others say the policy caused “legitimate” content to be removed and that the core issue is a wider societal problem, not something confined to YouTube.

YouTube’s other election misinformation policies remain unchanged, the platform said.

These include prohibiting content aimed at misleading people about the time and place for voting and claims that could significantly discourage voting.

Google spokesperson Ivy Choi told VOA in an email that the company has “nothing to add beyond what we shared in our blog post.”

Still, some U.S. lawmakers and experts are concerned about how harmful content circulates on YouTube.

Representative Zoe Lofgren, who sat on the House January 6 committee, said the idea that election denial disinformation is “no longer harmful — including that they do not increase the risk of violence — is simply wrong.”

“The lies continue to have a dramatic impact on our democracy and on the drastic increase in threats faced by elected officials at all levels of government,” Lofgren told VOA in an emailed statement.

Lofgren, a Democrat from California, added that YouTube’s parent company Alphabet should reconsider its decision.

Justin Hendrix, founder and editor of the nonprofit website Tech Policy Press, questioned whether YouTube’s policy had even been successful.

“There is, to me, a bigger question about whether YouTube was ever really effectively removing information that promoted false claims about the 2020 election,” Hendrix told VOA. “I wonder whether this is a capitulation to the reality that the company was never able to effectively take action against false claims in the 2020 election.”

YouTube is one of the most popular social media platforms in the United States, and it has over 2 billion users around the world.

But despite the platform’s popularity, it has escaped the level of scrutiny given to Twitter and Facebook, according to Barrett. The main reason: the difficulty in analyzing videos in bulk.

YouTube is the main place people go for videos on innocuous things like how to fix your car or do your makeup, said Barrett. “But it’s also the go-to place for video for people with extreme political ideas,” he added.

Videos on YouTube amplified the false narratives that the 2020 election was rigged and that the entire American election system is corrupt, according to a 2022 report Barrett and Hendrix co-authored, A Platform ‘Weaponized’: How YouTube Spreads Harmful Content – And What Can Be Done About It.

Election misinformation was also cited by the January 6 committee as it investigated the circumstances that resulted in a mob of former President Donald Trump’s supporters storming the U.S. Capitol on the day the election results were due to be certified.

In a report on the insurrection, the committee said the platform “included efforts to boost authoritative content” and that it “labeled election fraud claims — but did so anemically.”

Some free-speech experts like Jennifer Stisa Granick, the surveillance and cybersecurity counsel at the American Civil Liberties Union, believe the policy change is good.

“There have been some legitimate discussions about voting and the legitimacy of the election that have been adversely impacted” under the former policy, Granick said.

“Election disinformation was not spread by YouTube or other online platforms, but by [Trump] himself. And the misinformation that circulates online is a drop in the bucket compared to what the [former] president of the United States says,” Granick said.

The bigger problem, she said, is that for some political candidates, “election denial is a fundamental part of their campaigns.”

People who complain that YouTube is evading its responsibility are “looking to the platform to solve a social and political problem that the United States has,” Granick said.

Roy Gutterman, director of the Tully Center for Free Speech at Syracuse University, believes any policy that openly fosters free speech is worthwhile.

“But calls to violence, which may accompany some of this discourse, would still not be protected,” Gutterman told VOA.

Barrett, however, is concerned that the reversal creates the potential for YouTube to be exploited.

The broader effect, Barrett said, “is the erosion of trust more generally” — not just in American elections.

Studies have shown that exposure to misinformation and disinformation is tied to lower trust in the media.

The YouTube policy change is hardly the main cause of that process, Barrett said, but it’s a contributing factor.

The policy change comes as several major social media companies face criticism for failing to quell election misinformation and disinformation on their platforms. The recent development with YouTube is part of a broader trend in the tech industry, according to Hendrix.

“I’m concerned that we’re seeing across the board almost a kind of throwing up the hands around some of these issues,” he said, pointing to staff layoffs, including those in trust and safety departments.

All of these factors contribute to “an erosion of even more than democracy,” Barrett said. “That’s an erosion of the social connections that hold society together.”
…

Suspected state-backed Chinese hackers used a security hole in a popular email security appliance to break into the networks of hundreds of public and private sector organizations globally, nearly a third of them government agencies including foreign ministries, the U.S. cybersecurity firm Mandiant said Thursday.

“This is the broadest cyber espionage campaign known to be conducted by a China-nexus threat actor since the mass exploitation of Microsoft Exchange in early 2021,” Charles Carmakal, Mandiant’s chief technical officer, said in an emailed statement. That hack compromised tens of thousands of computers globally.

In a blog post Thursday, Google-owned Mandiant expressed “high confidence” that the group exploiting a software vulnerability in Barracuda Networks’ Email Security Gateway was engaged in “espionage activity in support of the People’s Republic of China.” It said the activity began as early as October.

The hackers sent emails containing malicious file attachments to gain access to targeted organizations’ devices and data, Mandiant said. Of those organizations, 55% were from the Americas, 22% from the Asia Pacific region and 24% from Europe, the Middle East and Africa, and they included foreign ministries in Southeast Asia and foreign trade offices and academic organizations in Taiwan and Hong Kong. the company said.

Mandiant said the majority impact in the Americas may partially reflect the geography of Barracuda’s customer base.

Barracuda announced on June 6 that some of its email security appliances had been hacked as early as October, giving the intruders a back door into compromised networks. The hack was so severe that the California company recommended fully replacing the appliances.

After discovering it in mid-May, Barracuda released containment and remediation patches, but the hacking group, which Mandiant identifies as UNC4841, altered its malware to try to maintain access, Mandiant said. The group then “countered with high-frequency operations targeting a number of victims located in at least 16 different countries.”

Blinken trip

Word of the breach comes as U.S. Secretary of State Antony Blinken departs for China this weekend as part of the Biden administration’s push to repair deteriorating ties between Washington and Beijing.

His visit had initially been planned for early this year but was postponed indefinitely after the discovery and shootdown of what the U.S. said was a Chinese spy balloon over the United States.

Mandiant said the targeting at both the organizational and individual account levels focused on issues that are high policy priorities for China, particularly in the Asia Pacific region. It said the hackers searched for email accounts of people working for governments of political or strategic interest to China at the time they were participating in diplomatic meetings with other countries.

In an emailed statement Thursday, Barracuda said about 5% of its active Email Security Gateway appliances worldwide showed evidence of potential compromise. It said it was providing replacement appliances to affected customers at no cost.

The U.S. government has accused Beijing of being its principal cyber espionage threat, with state-backed Chinese hackers stealing data from both the private and public sector.

In terms of raw intelligence affecting the U.S., China’s largest electronic infiltrations have targeted OPM, Anthem, Equifax and Marriott.

Earlier this year, Microsoft said state-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises.

China says the U.S. also engages in cyber espionage against it, hacking into computers of its universities and companies.
…