“Big-Tech” Giant Meta Gets Hit with Massive Fine for Data Violations

Written by Julio Rivera on . Posted in Guest Articles

Most people can attest to performing a web search and seeing ads for the same product or service when they open apps like Twitter, Facebook, or TikTok. It seems that everywhere you look, there are advertisements tailored to your searches appearing on social media platforms.

The incredible amount of data that technology giants possess can be a cause for concern for many. Nowadays, the applications, websites, and devices we use on a daily basis all serve as instruments of surveillance, almost as if they were an extension of ourselves. In this digital age, our every move is being tracked and monitored.

The idea of data being collected and stored by app makers and websites can be concerning for those who prioritize their privacy. Thus, the issue arises: How do we differentiate between the necessary data collection to optimize user experience and what is considered irresponsible exploitation?

For individuals living in Europe, the General Data Protection Regulation (GDPR) is a highly important piece of legislation that ensures data security and privacy. Despite some high profile tech companies struggling to adhere to its requirements, it remains an essential framework for establishing responsible practices when handling personal data.

The European Union recently imposed a massive penalty of 390 million euros on tech giant Meta for not adhering to the General Data Protection Regulation (GDPR). This sanction was determined after France's competition authority conducted an extensive investigation into how the company utilized customer data.

The Ireland Data Protection Commission (IDPC) levied two substantial fines on Meta totaling €390 million (approximately $414 million) in connection with their targeted advertising practices based on user online behaviors. While Meta intends to dispute the penalties, a ruling is expected soon concerning its WhatsApp messaging service in India that could significantly alter the company's business model. It remains to be seen what consequences this will have.

Meta has been heavily scrutinized due to its lack of protection for user privacy and the collection of substantial amounts of personal information that it obtains without asking users for consent. This enabled Meta to get access to sensitive details like age, gender, and political views which would be nearly impossible to attain through conventional means. These actions have generated questions about the legality of their operations and raised doubts regarding the safety of their customers' data. Such practices have brought up moral concerns concerning tailored advertising and its effects on consumer privacy.

The landmark fine imposed on Meta was a clear warning to other companies that any violations of data protection laws and regulations will not be tolerated. It serves as an important reminder for businesses to prioritize user privacy and ensure responsible handling of customer information. This penalty sets a precedent for authorities to take action against any companies found in breach of data protection protocols, demonstrating the seriousness with which GDPR is taken by regulators. 

Despite initially denying any wrong-doing, Meta eventually agreed to pay the fine and has since put measures in place to ensure that user data is only collected with permission from the user. This sends a strong message to firms that attempting to gain an advantage over competitors through unethical means such as collecting personal data without permission will not be accepted.  

In response to the rampant exploitation of user data by "Big-Tech" companies, an advocacy group known as AppEsteem has created a set of standards - which they have termed "Ad Pollution Indicators" –intended to help detect when these companies have gone too far with their data collection.  According to Dennis Batchelder, President of AppEsteem, such practices are not acceptable and should not be tolerated in any business. He asserted: “Facebook’s advertisements are personalized without first obtaining explicit, informed user consent. AppEsteem believes that explicitly crosses the boundaries of what should be considered acceptable business practices. Sure, everyone wants to make money, but not at the price of sacrificing privacy regarding consumer data.” 

Personalized advertisements can be a breach of privacy, as companies may track an individual's online behavior and collect data from their device. This can lead to ads tailored to the person's interests or browsing history, which may appear useful but also intrusive and unwanted. Additionally, some services will collect personal details such as name, address, phone number and email address that could be misused or sold to third parties. Companies may also use this data to create detailed profiles for targeted advertisements and services in an effort to increase profits - known as surveillance capitalism.

The hefty fines imposed on Meta demonstrate an impending shift in the stance of "Big-Tech" towards protecting user privacy and creating a more comfortable atmosphere for social media. With a steadily increasing portion of people worldwide relying on these services for communication, one can anticipate that by 2023 this aggressive data collecting approach will be eliminated and users can have greater assurance while browsing the web. This would result in a noteworthy enhancement to the usability and security of using social media for all people.

 

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Timesand a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.

 

"Tik Tok", The Cyber Clock is Ticking...

Written by Julio Rivera on . Posted in Guest Articles

Publisher’s note:  Once again Julio Rivera has put a high level issue in easy to understand terms for the rest of us in a very brief read.

Julio Rivera:  Leftist American Leaders Using TikTok Are Endangering American Cyber and Data Security. 

The new legislative session began a little later than expected this year, as an anti-establishment resistance looked to block what was initially expected an easy and predestined anointing of Rep. Kevin McCarthy (R-CA) as House Speaker. 

Once the session began, several new bills, some of which really do not have any realistic chance of passing through the Democrat-controlled Senate, began to be reported by news outlets as evidence that conservative hardliners that opposed the eventual House Speaker had gained some concessions from the mainstream or “establishment” GOP as a result of their calculated early year theatrics. 

There should be no expectation that the Democrat-controlled Senate will actually look to advance a bill to President Biden’s desk that derails any portion of the so-called “Inflation Reduction Act,” nor will “uni-party” legislators on both sides of the aisle support Senator Josh Hawley’s Pelosi (Preventing Elected Leaders from Owning Securities and Investments) Act.  

But there actually is one critical issue that should resonate with all of DC, and it relates to shoring up America’s substandard cyber-defenses. If ever there was an issue where legislators of both parties and in both chambers could reach consensus, this is it.

2022 played host to countless hacking attacks and other cyber events initiated by state-sponsored hacking syndicates,  with many of the more notable attacks birthed as a part of the still-ongoing Ukraine War. 

And in the early part of 2023, we’ve already seen several significant attacks that have crippled hospitals   and compromised financial services.  Although overall ransomware attacks affecting businesses were down 61 percent in 2022,  average Americans are being targeted by literally thousands of new malware strains that are proliferating weekly.

STOP/Djvu Ransomware variants like MZQW and a steady rise in adware like Adjustable Box have placed individuals, who don’t have the luxury of an on-site IT team, in the digital crosshairs of online profiteers.

But despite the fact that the dangers associated with hacking are regularly discussed on Capitol Hill, earlier this month, a review by States Newsroom showed that a whopping 32 members of Congress, 31 Democrats and 1 independent, had TikTok accounts as of early January. 

Although there are currently no specific laws that ban lawmakers from using the app on personal devices, these legislators should know better than to risk their data getting into the hands of Chinese leadership, as laws in the communist country allow for the government to legally commandeer the data held by TikTok and its parent company, ByteDance.

Among the members of Congress reported to have still been on TikTok as of early January, about half of them either currently sit or have previously sat on committees that regularly deal with matters related to foreign affairs, the military, or national security.

Some of the more notable congressional “TikTokers” include Rep. Sheila Jackson Lee (D-TX), Rep. Alexandria Ocasio-Cortez (D-NY), Rep. Ilhan Omar (D-MN), and Sen. Cory Booker (D-NJ). In the case of Booker for example, it can be assumed that he is privy to various classified matters as a result of his seat on the Senate’s Foreign Relations Committee. Booker uses TikTok to reach his more than 329,000 followers and has tallied over 2.8 million likes.

TikTok collects user information that includes location data, contacts, and browsing histories. This data can potentially be used to physically track US officials placing them potentially in harm’s way or may possibly even subject them to foreign-based extortion plots.

The fact that this irresponsible behavior and potential danger exists only among Democrats and one Independent should not be overlooked by American voters, and these individuals must be held accountable where it matters most – the ballot box.

Additionally, with this information now coming to light as the Special Counsel Investigation into President Joe Biden’s mishandling of classified documents heats up, the Republicans seem to be getting more and more serious talking points to take into the coming 2024 election season. 

The so-called “adults in the room” have a really bad habit of repetitively compromising national security. From maintaining unsecured private servers, to selling off our strategic oil reserves, the Joe Biden classified documents scandal and now this TikTok fiasco, it is quite possible that the United States has never been in more immediate danger than this very moment in time.  

 

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.

 

 

Cyber Security, The Not So Hidden Threat

Written by Julio Rivera on . Posted in Guest Articles

Publisher’s note: Mr. Rivera is a regular contributor to The Patriots Press and this excellent article discussing cyber threats is one of the reasons why.

Julio Rivera:  2022 in Cyber: Data Breaches, Espionage, Infrastructure Attacks, and Billions in Profits for Hackers

2022 was another huge year for cyber-attacks. Although the news cycle was filled with many consequential stories related to the Ukraine War, inflation, and other major events and issues that pushed the ongoing cyber wars off the front pages, the digital dangers that exist in the "cybersphere" only grew, as governments and the private sector scrambled to stay ahead of the next major hack or data breach

These online methods of espionage, offensive digital warfare, and for-profit criminality, are a great danger because they can be used to disrupt or damage IT systems, compromise critical infrastructure networks, and commandeer sensitive data. 

They are carried out primarily by ransomware gangs and government sponsored Advanced Persistent Threat groups (APTs), though the past several years have seen a sharp rise in the utilization of Ransomware-as-a-Service, which can make anyone willing to purchase malicious code on the dark web, a hacker. 

Hacking attacks are particularly dangerous because they can originate from anywhere in the world and are very difficult to detect and stop. In addition, with the ever-increasing use of cloud computing and mobile devices, it is now easier and more convenient than ever for cybercriminals to gain access remotely to sensitive data. 

Furthermore, since most entities, both public and private, rely heavily on their computer systems for both communication and to facilitate financial transactions, it is easy for attackers to cause initiate serious disruptions through cyberattacks that may either prevent employees from accessing important data or perhaps even shut down an entire private network for days or perhaps even weeks at a time. 

That said, these are some of the more notable cyberattacks that occurred in the past 12 months:

Major Breaches Expose the Data of Millions: Although the more prominent recent headlines surrounding social media giant Twitter have revolved around the company’s acquisition by Elon Musk and the revelations regarding the burial of the October 2020 New York Post article regarding Hunter Biden’s laptop, the company was victimized by a significant data breach that affected millions of users. 

As a result of a vulnerability that was discovered in January of 2022, a hacker known by the alias ‘devil,’ was able to acquire the data of over 5.4 million Twitter users. The stolen data, which included email addresses and phone numbers from celebrities and companies, was offered for sale on the hacking forum known as BreachForums.

Student loans, which were a hot subject in the summer leading up to the 2022 midterm elections due to the Biden Administration’s ill-fated Student Loan Forgiveness Program, were at the center of another major breach that would expose the social security numbers of more than 2.5 million individuals. As a result of a cybersecurity vulnerability that was suffered by student loan servicer Nelnet Servicing, which provides technology services including a website portal to two student loan companies, Edfinancial and OSLA services, student loan registration data including names, addresses, email addresses, phone numbers and social security numbers, were accessible during June and July of 2022. 

Cyber-warfare Between Nation-States: In 2022, there was no shortage of major cyber-events between nations in what has quickly become a perpetual state online warfare over the past several years. 

The activity was related to everything from reconnaissance and espionage to attacks against infrastructure. These kinds of quasi-military cyber operations were most evident in the flurry of attacks carried out by belligerents on both sides of the Russia-Ukraine conflict, as well as other a select few other long-standing conflicts between established combatants like Israel and Iran. 

The early days of the Ukraine conflict saw an immediate spike in attacks that included the Russian-based Hermetic Wiper attacks that devastated hundreds of organizations in Ukraine by wiping out data on Windows-based computers and networks, as well as the mid-February distributed denial of service (DDoS) incidents that took place against the financial sector in Ukraine. In the months after, hacktivism groups sympathetic to the Russian cause would organize subsequent cyber-attacks via the messaging app, Telegram.

In late June, the Washington Post that Iran’s state-owned Khuzestan Steel Co. and two other steel companies were forced to halt production after suffering an Israeli cyber-attack. An Israeli hacking group claimed responsibility on social media, saying it targeted Iran’s three biggest steel companies in response to the “aggression of the Islamic Republic.”

Lastly, one of the more attention-grabbing cyber headlines of the year belonged to the Chinese Advanced Persistent Threat group APT41, who brazenly stole at least $20 million in COVID relief (Small Business Administration loans and unemployment insurance). The Secret Service told NBC News that there were more than 1,000 ongoing investigations into the defrauding of public benefits programs, and that China’s APT41 was “a notable player.”

New Espionage Tactics Target Policy Experts: When people envision espionage or spying operations, their heads fill with thoughts of James Bond type figures that talk into their watches, and shady foreign characters that work as double agents, leveraging governments against each other. But in reality, many “spying” operations are as simple as attacking a target device with a keylogger and recording online actions.

But one story reported earlier this month broke the mold for the use of targeted email phishing to commandeer insight on potential policy trends for the upcoming year. It seems now that the North Korean APT known as either Thallium or Kimsuky is targeting people who are influential in foreign governments in an effort to better understand where Western policy may be headed on NoKo.

In October, that APT targeted Daniel DePetris, a U.S.-based foreign affairs analyst. DePetris received an email purporting to be from the director of the 38 North think-tank, Jenny Town commissioning an article. But the sender was really a member of Thallium or Kimsuky. This is certainly one of the oddest stories you’ll hear regarding an attempted spying campaign.

Despite all of these stories and the fact that threats facing public and private sector entities carry the largest potential for devastation, the far majority of cyber-attacks still target individuals. Whether its new strains of ransomware that spring from some of the more prominent families like STOP/Djvu, or browser hijackers that wreak havoc on your computer by attempting to take you to dangerous sites loaded with malware, with each passing year, you are more likely to become the victim of an online attack as threats continue to proliferate in the wild. Although government organizations like the Cybersecurity and Infrastructure Security Agency (CISA) continue to invest manpower and billions of dollars towards keeping Americans safe, with wildcards like the repercussions of the Log4Shell Vulnerability still being learned, there just aren’t enough eyes available to keep all Americans safe, and 2023, much like 2022, is likely to play host to the most cyberattacks in history.

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.

 

 

When Wokeness Threatens Global Security

Written by Julio Rivera on . Posted in Guest Articles

The pronounced shortage of qualified cybersecurity personnel is a problem that the entire world is facing, and many countries are instituting new initiatives to attempt to close the workforce shortage gap as quickly as possible.

In Africa, for instance, it is said that 9 in every 10 African businesses are operating without critically needed cyber security protocols in place.

In the United States, the Biden administration announced a multi-agency program that create will hundreds of security-based registered apprenticeship programs earlier this summer. The US government hopes that the initiative will begin to help to address the critical lack of IT staffing in both the public and private sectors. The program will not come cheap however, as its $500 million price tag is being covered by the United States Commerce Department program known as the Good Jobs Challenge.

But the American left, which is seemingly more focused on the phony “wokeness” movement, has decided that their concentration within this program should center around recruitment of specifically “young people, women, and minorities,” in hopes that they become the “leaders of the next generation of cybersecurity professionals,” curiously omitting one of the largest demographic groups in the United States – white men. 

United States Commerce Secretary Gina Raimondo, who did not beat around the bush on programs intention to value diversity over merit, even went as far as to say of the program, “We’re not going to find 700,000 people if we’re only looking for white men.”

It is a disturbing sign of the times that someone who ranks as high as Raimondo would so casually make such a statement. And it displays the reality detachment that currently is afflicting the American left. Long gone is the concept of meritocracy, replaced with an obsession with artificially created diversity. This plays into the hands of cybercriminals as new threats ranging from browser hijackers to mac malware multiply to the tune of billions of dollars in profits yearly.

Seemingly on cue, Canadian liberals have decided to follow America’s lead on creating their own new cyber initiative that reeks with overtones of overt anti-male discrimination, as Rogers Cybersecure Catalyst, which is Toronto Metropolitan University's National Centre for “training, innovation and collaboration in cybersecurity,” has recently announced a new program called CyberStart Canada.

The program, which is funded by Canadian taxpayers via Public Safety Canada's Cyber Security Cooperation Program, will initially provide services and education to 700 girls and non-binary students from Ontario, Alberta and British Columbia in 2022-23 in what is being described as a “gamified environment,” and then throughout Canada the following year.

According to the eligibility requirements listed on the program’s website, “Priority in 2022 will be given to students in Ontario, Alberta or British Columbia who self-identify as girls or non-binary. Students must be over the age of 13 to participate.”

"In addition to sparking interest in cybersecurity as a career, CyberStart Canada will focus on educating young women and girls on topics such as cyber respect and kindness, safe communication and digital citizenship," according to Marco Mendicino, Minister of Public Safety. "CyberStart Canada will also be a key resource for teachers and educators, allowing them to bring cybersecurity into and outside of their classrooms, without needing any prior knowledge of cybersecurity or computer science."

The question here should be, “why is the Canadian government funding a cyber program that is intentionally discriminant to male students?” There are already several youth themed cyber programs in Canada that cater to male, female, and non-binary students. Programs like HackStudent and CyberTitan already provide a wealth of education, challenges, and opportunities for young Canadians across all demographical classifications. Why is a new publicly funded program that is long on key innovation, intentionally and overtly excluding young Canadian boys from its ranks?

Sounds disturbingly similar to the sentiments expressed by US Commerce Secretary Gina Raimondo, doesn’t it?

Public Safety Canada, which claims a mandate to keep all Canadians, not just females and those that identify as non-binary, safe from risks that include crime and terrorism, including cyber-related instances of such, has a responsibility to see that all Canadians have access to the latest education and training programs related to the critical fields of the present and future.

Especially as critical Canadian infrastructure and organizations in both the public and private sectors are constantly being threatened by increasingly brazen ransomware gangs as well as state-sponsored advanced persistent threat groups (APTs).

With the constant threats being posed by cyber powers like Russia, China, Iran, and North Korea, only expected to continue to quickly grow over the next several years, the prevalent attitude surrounding governments and academia globally should be one of “all hands of deck” regarding the training of the next generation of security professionals. Because to put it bluntly, the digital realm of 1’s and 0’s cares little about the world of X and Y gender determination. 

Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by numerous websites and he is regularly seen on National and International news programming.

 

 

 

 

 

Tucker Carrying The Waters Bucket

Written by David DiCrescenzo on . Posted in Guest Articles

Publisher’s note:  I came across this post on FB on Friday evening and believe the author, Marshall M. Becker, a man I do not know, did an outstanding job of expressing what a lot of people are rightfully thinking and talking about in response to Tucker Carlson hosting Roger Waters on his show.  With his kind permission, I am reposting it on this platform.

Mr. Waters is a notorious anti-Semite, and to allow him or anyone of his ilk any airtime and shine some sort of positive light on himself is very “Goebbelesque” and everyone associated with that segment needs to do some serious soul searching.  It leaves me wondering if they might be lining up David Dukes, members of “the squad” or maybe the likes of Nihad Awad just to be “fair and balanced”.  Really poor decision making on the part of Tucker and all concerned...!  

Marshall M. Becker: Shame on Fox News and in particular Tucker Carlson. At the end of an otherwise great show tonight he had the irrationally anti-Semitic rock star Roger Waters on as a guest to discuss the Julian Assange case. Tucker gave this psychotic Jew-hater a platform to promote himself as a humanitarian and source of rational information by commenting on the Assange case. It legitimizes this scum bag who puts a Star of David on a pig floating over his performances. As if Tucker, his producers, and Fox could find no other informed advocates for Assange’s side of the case.

Roger Water’s inability to master basic facts and realities regarding the Israel-Palestinian conflict are proof of his Jew-hate. He ignores endless terrorism and human rights abuses by not only Palestinians but worldwide to focus on the only and tiny Jewish state.  Israel is a democratic nation with religious freedom, press freedom, gay rights and professions open to all citizens. Israel has Arab and Muslim judges (including one on its Supreme Court) and professors and property owners, and national team athletes and IDF officers including a General. Its universities, hospitals are open to all of its people.

By putting Waters on your program for any subject of political and human rights affairs or even his music is an act of legitimizing his warped analyses on all topics he might opine upon.

I am disappointed in Mr. Carlson’s judgment. I have been a regular viewer but I can live without a show that would put a mini Goebbels on the air to opine on any issue.

I know many people who share my opinion. You might check social media to see the fallout and scope of your self-inflicted wounds.