Connect with us

Tech

US closer to curbing investments in China’s AI, tech sector

US closer to curbing investments in China’s AI, tech sector

Published

on

US closer to curbing investments in China's AI, tech sector

The United States on Friday issued draft rules for banning or requiring notification of certain investments in artificial intelligence and other technology sectors in China that could threaten U.S. national security.

The U.S. Treasury Department published the proposed rules, opens new tab and a raft of exceptions after an initial comment period following an executive order signed by President Joe Biden last August.

The rules put the onus on U.S. individuals and companies to determine which transactions will be restricted or banned. 

Biden’s executive order, which directed regulation of certain U.S. investments in semiconductors and microelectronics, quantum computing and artificial intelligence, is part of a broader push to prevent U.S. know-how from helping the Chinese to develop sophisticated technology and dominate global markets.

Advertisement

The U.S. is on track to implement regulations by the end of the year as anticipated. Public comments on the proposed rules will be accepted until Aug. 4.

“This proposed rule advances our national security by preventing the many benefits certain U.S. investments provide – beyond just capital – from supporting the development of sensitive technologies in countries that may use them to threaten our national security,” said Treasury Assistant Secretary for Investment Security Paul Rosen.

Treasury said the new rules were intended to implement “a narrow and targeted national security program” focused on certain outbound investments in countries of concern.

Treasury had mapped out the contours of the proposed rules in August. The Treasury Department on Friday included additional exceptions, such as for transactions deemed to be in the U.S. national interest.

The proposed rules would ban transactions in AI for certain end uses, and involving systems trained in using a specified quantity of computing power, but would also require notification of transactions related to the development of AI systems or semiconductors not otherwise prohibited.

Advertisement

FOCUS ON CHINA, MACAU AND HONG KONG

Other exceptions would apply to publicly traded securities, such as index funds or mutual funds; certain limited partnership investments; buyouts of country-of-concern ownership; transactions between a U.S. parent company and a majority-controlled subsidiary; binding commitments that pre-date the order; and certain syndicated debt financings.

Certain third-country transactions determined to be addressing national security concerns, or in which the third country adequately addressed the national security concerns, could also be exempted, Treasury said.

The order focuses initially on China, Macau and Hong Kong, but U.S. officials have said it could be widened later.
Former Treasury official Laura Black, a lawyer at Akin Gump in Washington, said Treasury was attempting to define the scope of the rule as narrowly as possible, but it would require increased vigilance by companies seeking to invest in China.

“U.S. investors will need to engage in more extensive due diligence when making investments in China or investments involving Chinese companies that operate in the covered sectors,” she said.

Advertisement

Black said Treasury’s proposed rules were keeping U.S.-managed private equity and venture capital funds in the cross-hairs, as well as some U.S. limited partners’ investments in foreign managed funds and convertible debt.

Certain Chinese subsidiaries and parents will be covered under the rule, which would also prohibit some investments by U.S. companies in third countries, she added.

Besides equity investments, joint ventures and greenfield projects, default debt also could be captured when it becomes equity.

The regulations track restrictions on exporting certain technology to China, such as those barring shipment of certain advanced semiconductors.

The goal is to prevent U.S. funds from helping China develop its own capabilities in those areas to modernize its military. Those who violate the rules could be subject to both criminal and civil penalties, and investments could be unwound.

Advertisement

Treasury said it had engaged with U.S. allies and partners about the goals of the investment restrictions, and noted that the European Commission and United Kingdom had begun to consider whether and how to address outbound investment risks.

Tech

Three ‘pro-Russian’ hackers arrested in Spain over cyberattacks

Three ‘pro-Russian’ hackers arrested in Spain over cyberattacks

Published

on

By

Three 'pro-Russian' hackers arrested in Spain over cyberattacks

Three pro-Russian hackers have been arrested for alleged cyberattacks against Spain and other NATO countries for terrorist purposes, Spanish police said on Saturday.

The suspects were detained for their alleged participation in distributed denial of service (DDoS) cyber attacks against public institutions and strategic sectors, the Civil Guard said.

It did not say if the three suspects, who have not been named, have been charged or detained.

The cyberattacks were allegedly carried out against web pages of public and private organizations in the government sectors, critical infrastructures and essential services in countries which support Ukraine in the conflict with Russia, it said.

Advertisement

Police released a video on social media platform X of a raid at the home of one of the suspects in which a Soviet-era hammer and sickle flag was mounted on a wall.

“These computer attacks have been organized by the hacktivist group NoName057(16), (which started) after the invasion of Ukraine by Russia and (which has been) one of the most active,” the Civil Guard said in a statement.

“In their own founding manifesto, this group acknowledges that they ‘will respond proportionately in response to the hostile and openly anti-Russian actions of Western Russophobes’.”

The arrests took place in Manacor on Spain’s Balearic Island of Mallorca, and in Huelva and Seville, in southern Spain, police said. Police said the investigation was ongoing.

Advertisement
Continue Reading

Tech

Microsoft says about 8.5 million of its devices affected by CrowdStrike-related outage

Microsoft says about 8.5 million of its devices affected by CrowdStrike-related outage

Published

on

By

Microsoft says about 8.5 million of its devices affected by CrowdStrike-related outage

A global tech outage that was related to a software update by cybersecurity firm CrowdStrike affected nearly 8.5 million Microsoft devices, Microsoft said in a blog post on Saturday.

“We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines,” it said in the blog.

A software update by global cybersecurity firm CrowdStrike, one of the largest operators in the industry, triggered systems problems that grounded flights, forced broadcasters off air and left customers without access to services such as healthcare or banking. 

“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” Microsoft said in its blog post.

Advertisement

CrowdStrike has helped develop a solution that will help Microsoft’s Azure infrastructure accelerate a fix, Microsoft said, adding that it was working with Amazon Web Services and Google Cloud Platform, sharing information about the effects Microsoft was seeing across the industry.

The air travel industry was recovering on Saturday from the outage that caused thousands of flights to be cancelled, leaving passengers stranded or grappling with hours of delays as airports and airlines were caught up in the IT outage.

Delta Air Lines, one of the hardest-hit airlines, said that as of 10 a.m EDT (1400 GMT) on Saturday, more than 600 flights had been canceled, adding that additional cancellations were expected.

Advertisement
Continue Reading

Tech

Malicious actors trying to exploit global tech outage for their own gain

Malicious actors trying to exploit global tech outage for their own gain

Published

on

By

Malicious actors trying to exploit global tech outage for their own gain

As the world continues to recover from massive business and travel disruptions caused by a faulty software update from cybersecurity firm CrowdStrike, malicious actors are trying to exploit the situation for their own gain.

Government cybersecurity agencies across the globe and CrowdStrike CEO George Kurtz are warning businesses and individuals about new phishing schemes that involve malicious actors posing as CrowdStrike employees or other tech specialists offering to assist those recovering from the outage.

“We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement. “I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

The UK Cyber Security Center said they have noticed an increase in phishing attempts around this event.

Advertisement

Microsoft said 8.5 million devices running its Windows operating system were affected by the faulty cybersecurity update Friday that led to worldwide disruptions.

That’s less than 1% of all Windows-based machines, Microsoft cybersecurity executive David Weston said in a blog post on Saturday.

He also said such a significant disturbance is rare but “demonstrates the interconnected nature of our broad ecosystem.” 

What’s happening with air travel?

With their tightly timed, interwoven schedules and complex technology systems, many big airlines struggle to stay on time when everything goes well. It perhaps was not surprising that the industry was among the hardest hit by the outage, with crews and planes caught out of position.

Advertisement

By mid-afternoon Saturday on the U.S. East Coast, airlines around the world had canceled more than 2,000 flights, according to tracking service FlightAware. That was down from 5,100-plus cancellations on Friday.

About 1,600 of Saturday’s canceled flights occurred in the United States, where carriers scrambled to get planes and crews back into position after massive disruptions the day before. According to travel data provider Cirium, U.S. carriers canceled about 3.5% of their scheduled flights for Saturday. Only Australia was hit harder.

Canceled flights were running at about 1% in the United Kingdom, France and Brazil and about 2% in Canada, Italy and India among major air-travel markets.

Robert Mann, a former airline executive and now a consultant in the New York area, said it was unclear exactly why U.S. airlines were suffering disproportionate cancellations, but possible causes include a greater degree of outsourcing of technology and more exposure to Microsoft operating systems that received the faulty upgrade from CrowdStrike.

Which airlines are getting hit the hardest?

Advertisement

Delta Air Lines canceled more than 800 flights, or one-fourth of its schedule for Saturday, and that number did not include Delta Connection regional flights. It was followed by United Airlines, which dropped nearly 400 flights.

The worst airport to be, for a second straight day, was Hartsfield–Jackson Atlanta International Airport, where Delta is the dominant carrier. The Atlanta Journal-Constitution reported that thousands of people spent the night at the airport, many sleeping on the floors.

European airlines and airports appeared to be recovering slowly, although Lufthansa and its affiliates canceled dozens of flights. Its Eurowings budget subsidiary said check-in, boarding, booking and rebooking flights were all available again, although “isolated disruptions” were possible.

London’s Heathrow Airport said it was busy but operating normally on Saturday and that “all systems are back up and running.” Flights at Berlin’s main airport were departing on or close to schedule, German Press Agency dpa reported, citing an airport spokesman.

How are healthcare systems holding up?

Advertisement

Health care systems affected by the outage faced clinic closures, canceled surgeries and appointments and restricted access to patient records.

Cedars-Sinai Medical Center in Los Angeles, Calif., said “steady progress has been made” to bring its servers back online and thanked its patients for being flexible during the crisis.

“Our teams will be working actively through the weekend as we continue to resolve remaining issues in preparation for the start of the work week,” the hospital wrote in a statement.

In Austria, a leading organization of doctors said the outage exposed the vulnerability of relying on digital systems. Harald Mayer, vice president of the Austrian Chamber of Doctors, said the outage showed that hospitals need analog backups to protect patient care.

The organization also called on governments to impose high standards in patient data protection and security, and on health providers to train staff and put systems in place to manage crises.

Advertisement

“Happily, where there were problems, these were kept small and short-lived and many areas of care were unaffected” in Austria, Mayer said.

The Schleswig-Holstein University Hospital in northern Germany, which canceled all elective procedures Friday, said Saturday that systems were gradually being restored and that elective surgery could resume by Monday.

Will the tech industry face a reckoning?

“I wasn’t that surprised that an accident caused severe global digital disruption. I was a little surprised that the cause of it was a software update from a very well-respected cybersecurity company,” said Oxford University management professor Ciaran Martin, a former chief executive of the U.K.’s National Cyber Security Center.

“There are some very hard questions for CrowdStrike. How on earth did this update get through quality control?” he said. “Clearly the testing regime, whatever it is, failed.”

Advertisement

Martin said governments in the U.K. and the European Union will be powerless to take steps to prevent such breakdowns “because we have become dependent on a very American version of technology, and the power to do anything about that doesn’t rest in this continent.”

Other analysts doubted that the outage would lead Washington or any other government to propose new mandates on tech companies.

“I don’t know what the mandate would be. Do better QA?” said Gartner analyst Eric Grenier, using an acronym for quality assurance.

What did scam artists learn from the outage?

Grenier expects that a majority of affected machines will be fixed in about a week, with more time needed to reach laptops used by far-flung workers because the work can’t be done remotely – it’s a hands-on operation.

Advertisement

In the meantime, there will be scammers trying to take advantage of businesses that have indicated they were affected by the outage.

“The threat is very real,” Grenier said. “Bad actors have the information to send targeted phishing emails and calls. They know what endpoint-protection tools you use. They know you use CrowdStrike.”

Grenier said affected businesses need to make sure they use a fix supplied by CrowdStrike. “Don’t accept the help of somebody coming out of the blue and saying, ‘I’ll fix that for you,’” he said.

Advertisement
Continue Reading

Trending

Copyright © GLOBAL TIMES PAKISTAN