Just weeks after a major American oil pipeline was struck by hackers, a cyberattack hit the world’s largest meat supplier. What next? Will these criminals target hospitals and schools? Will they start going after US cities, governments—and even the military?
In fact, all of these have been hit by ransomware already. While the onslaught we’ve seen in the last month feels new, hackers holding services hostage and demanding payments has been a huge business for years. Dozens of American cities have been disrupted by ransomware, while hospitals were hit by attacks even during the depths of the pandemic. And in 2019, the US military was targeted. But that doesn’t mean what we’re seeing now is just a matter of awareness. So what’s different now?
It’s the result of inaction
You cannot explain the metastasizing of the ransomware crisis without examining years of American inaction. The global ransomware crisis grew to incredible proportions during the Donald Trump presidency. Even as US critical infrastructure, cities, and oil pipelines were hit, the Trump administration did little to address the problem, and it went ignored by most Americans.
The ransomware boom started at the tail end of the Obama White House, which approached it as part of its overall cybercrime response. That involved putting agents on the ground around the world to score tactical wins in countries that were otherwise uncooperative, but defense against such attacks fell down the list of priorities under Trump even as ransomware itself boomed.
Today, the Biden administration is making an unprecedented attempt to tackle the problem. The White House has said that the hackers behind both the Colonial Pipeline and JBS ransomware attacks are based in Russia, and have current efforts involving Homeland Security and the Justice Department But while President Biden plans to discuss the attacks in an upcoming summit with Vladimir Putin on June 16, the problem goes deeper than just relationships between two countries.
It’s also the result of new tactics
When the ransomware industry was taking off half a decade ago, the business model for such attacks was fundamentally different—and far simpler. Ransomware gangs started out by indiscriminately infecting vulnerable machines without much care for exactly what they were doing or who they were targeting.
Today, the operations are much more sophisticated and the payouts are much higher. Ransomware gangs now pay specialist hackers to go “big game hunting” and seek out massive targets that can pay out huge ransoms. The hackers sell the access to the gangs, who then carry out the extortion. Everyone gets paid so handsomely that it’s become increasingly irresistible—especially because the gangs typically suffer no consequences.
There’s safe harbor for criminals
That leads to the next dimension of the problem: The hackers work from countries where they can avoid prosecution. They operate massive criminal empires and remain effectively immune to all attempts to rein them in. This is what Biden will bring up to Putin in the coming weeks.
The problem extends beyond Russia and, to be clear, it’s not as simple as Moscow directing hackers. But the Kremlin’s tolerance of cybercriminals—and sometimes even direct cooperation with them—is a real contributor to the booming criminal industry. To change that, America and other countries will have to work together to confront nations who otherwise see no problem with US hospitals and pipelines being held for ransom. The safe harbor for cybercriminals, combined with the mostly unregulated cryptocurrency used to facilitate the crime, has made it very favorable for the hackers.
And we’re all more connected and insecure than ever
And then there is the unavoidable fact that weak cybersecurity combined with ubiquitous connectivity equals increasingly vulnerable targets. Everything in America—from our factories to our hospitals—is connected to the internet, but a lot of it is not adequately secured.
Globally, the free market has repeatedly failed to solve some of the world’s biggest cybersecurity problems. This may be because the ransomware crisis is a problem at a scale that no private sector can solve alone.
As ransomware and cybercrime increasingly becomes a national security threat—and one that risks harming human beings, as in the case of attacks against hospitals—it’s become clear that government action is required. And so far officials from the world’s most powerful nations have chiefly succeeded in watching the disaster unfold.
Instead, what must happen to change this is a global partnership between countries and companies to take ransomware head on. There is momentum to change the status quo, including a major recent cybersecurity executive order out of the White House. But the work is only beginning.
Audio Postcard: Real-time farming
Pinot Grigio actually makes a white wine and it’s won a few varieties in California that, uh, is a pretty common variety that actually we make purple grapes that make a white wine. So my name is Dirk Heuvel and I’m the VP of vineyard operations here at McManis family vineyards.
My family actually kind of set roots here, actually farming almonds. And some people say almonds, we say in Ripon, and we say, say, almonds.
I feel like, if it was like my dad or my grandpa trying to adopt this technology, absolutely. I think there’d be a huge culture shock there for them. I still think they don’t quite understand it, but they’re seeing the results of it. So I think that’s the most important thing—that we’re able to show them that it is working and how it’s working for us.
I will say today, I feel that we’re growing better quality grapes than we were 30 years ago. Just adapting a lot of this aerial imagery, modern irrigation technology, running drip system technology, you know, being able to fertilize through drip systems. And you can actually look at the imaging on your phone and you can actually pinpoint go out and walk to a specific vine. You know, that might be a vine that died, that shows up on the aerial imaging. You can use the technology and, and walk right into a specific area. Just being able to identify areas, you know, using GPS. We can have field checkers go through the field now and on their app, they’re able to actually drop and pinpoint where we might have mite issues where we might have, you know, leafhopper issues, areas that need to get treated. And that actually allows us to go through and just cite specific treat. Instead of treating an entire vineyard block, we’re able to just treat specific areas.
Jennifer: It was only what like five, seven years ago, it was half of farm workers weren’t using smartphones.
Dirk Heuvel: Yeah.
Jennifer: So, if people are dropping pins that’s…
Dirk Heuvel: Yeah. You know, 30 years ago, in order to make a phone call, you’d have to drive in a, in a town or go to your house to call your irrigator to do stuff. And now it’s, this is almost, it’s like real time farming. Now we can make decisions on the fly. And one of the big advantages to using variable rate applications is that you’re only applying the amount of nutrients or amendments that are needed for a specific area. So before we adapted this variable rate technology, we would drive down a row and we would put a consistent amount of amendments, whether it be gypsum, lime, soil, sulfur, we would apply that amount evenly throughout the entire vineyard block. Now we realize going through and using this variable rate technology is that we might cut the, the amendments that are needed by 20 to 30% on a specific vineyard block, just by applying the correct amounts of nutrients where they’re needed and not overlying where they’re not needed
The Download: dual-driving AI, and Russia’s Telegram propaganda
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology.
This startup’s AI is smart enough to drive different types of vehicles
The news: Wayve, a driverless-car startup based in London, has made a machine-learning model that can drive two different types of vehicle: a passenger car and a delivery van. It is the first time the same AI driver has learned to drive multiple vehicles.
Why it matters: While robotaxis have made it to a handful of streets in Phoenix and San Francisco, their success has been limited. Wayve is part of a new generation of startups ditching the traditional robotics mindset—where driverless cars rely on super-detailed 3D maps and modules for sensing and planning. Instead, these startups rely entirely on AI to drive the vehicles.
What’s next: The advance suggests that Wayve’s approach to autonomous vehicles, in which a deep-learning model is trained to drive from scratch, could help it scale up faster than its leading rivals. Read the full story.
—Will Douglas Heaven
Russia’s battle to convince people to join its war is being waged on Telegram
Putin’s propaganda: When Vladimir Putin declared the partial call-up of military reservists on September 21, in a desperate effort to try to turn his long and brutal war in Ukraine in Russia’s favor, he kicked off another, parallel battle: one to convince the Russian people of the merits and risks of conscription. And this one is being fought on the encrypted messaging service Telegram.
Opposing forces: Following the announcement, pro-Kremlin Telegram channels began to line up dutifully behind Putin’s plans, eager to promote the idea that the war he is waging is just and winnable. But whether this vein of propaganda is working is far from certain. For all the work the government is doing to try to control the narrative, there’s a vibrant opposition on the same platform working to undermine it—and offering support for those seeking to dodge the draft. Read the full story.
NASA’s DART mission is on track to crash into an asteroid today
NASA’s Double Asteroid Redirection Test spacecraft, or DART, is on course to collide with the asteroid Dimorphos at 7.14pm ET today. Though Dimorphos is not about to collide with Earth, DART is intended to demonstrate the ability to deflect an asteroid like it that is headed our way, should one ever be discovered.
Read more about the DART mission, and how the crash is likely to play out.
I’ve combed the internet to find you today’s most fun/important/scary/fascinating stories about technology.
1 The US says Russia will face catastrophe if it uses nuclear weapons
It’s hard to know whether Putin’s threat is a bluff—or deadly serious. (The Guardian)
+ Ukrainian president Volodymyr Zelensky thinks it is very real. (CNBC)
+ What is the risk of a nuclear accident in Ukraine? (MIT Technology Review)
2 YouTube wants to lure creators away from TikTok with cash
But it won’t say how much. (MIT Technology Review)
3 Germany’s zero-tolerance for hate speech is a double-edged sword
While the threat of fines disincentivizes some perpetrators, activists worry that too many people are being targeted. (NYT $)
+ Misinformation is already shaping US voters’ decisions ahead of November’s midterms. (NYT $)
4 Why even the largest companies are vulnerable to hacking
A zero-trust approach is helpful, but will only take you so far. (WSJ $)
+ Hackers can disrupt image-recognition systems using radio waves. (New Scientist $)
+ Microsoft is optimistic that AI can root out bad actors. (Bloomberg $)
+ The hacking industry faces the end of an era. (MIT Technology Review)
6 Fighting climate change extends beyond kicking corporations
A more nuanced approach could be required to speed up the transition to cleaner energy. (The Atlantic $)
+ Global wildfires mean that snow is melting quicker than usual. (Slate $)
+ Disaster insurance is increasingly tricky to navigate. (Knowable Magazine)
+ Carbon removal hype is becoming a dangerous distraction. (MIT Technology Review)
7 Crypto’s fired workers don’t know what to do next
But plenty of them haven’t let their experiences put them off the sector. (The Information $)
+ Interpol has issued a red notice for Terraform Labs’ co-founder Do Kwon. (Bloomberg $)
9 Why neuroscience is making a comeback
Some experts are convinced that making neurology and psychiatry departments work closer together is long overdue. (Economist $)
10 How plant-based meat fell out of fashion
Evangelists are convinced the nascent industry is merely experiencing teething problems. (The Guardian)
+ Your first lab-grown burger is coming soon—and it’ll be “blended”. (MIT Technology Review)
Quote of the day
“There’s definitely the boys’ club that still exists.”
—Taryn Langer, founder of public relations firm Moxie Communications Group, tells the New York Times about her frustrations at the sexist state of the tech industry.
The big story
The quest to learn if our brain’s mutations affect mental health
Scientists have struggled in their search for specific genes behind most brain disorders, including autism and Alzheimer’s disease. Unlike problems with some other parts of our body, the vast majority of brain disorder presentations are not linked to an identifiable gene.
But a University of California, San Diego study published in 2001 suggested a different path. What if it wasn’t a single faulty gene—or even a series of genes—that always caused cognitive issues? What if it could be the genetic differences between cells?
The explanation had seemed far-fetched, but more researchers have begun to take it seriously. Scientists already knew that the 85 billion to 100 billion neurons in your brain work to some extent in concert—but what they want to know is whether there is a risk when some of those cells might be singing a different genetic tune. Read the full story.
We can still have nice things
+ Some gadgets are definitely more useful than others.
+ Calling all cat lovers! This potted history of mischievous felines in French painter Alexandre-François Desportes’ work is heartwarming stuff (thanks Melissa!)
+ A useful guide to working out what you really want from life.
+ A Ukrainian startup is reportedly planning to use AI to clone the iconic voice of James Earl Jones, aka Darth Vader.
+ The rumors are true—butter really is having a moment.
This startup’s AI is smart enough to drive different types of vehicles
Jay Gierak at Ghost, which is based in Mountain View, California, is impressed by Wayve’s demonstrations and agrees with the company’s overall viewpoint. “The robotics approach is not the right way to do this,” says Gierak.
But he’s not sold on Wayve’s total commitment to deep learning. Instead of a single large model, Ghost trains many hundreds of smaller models, each with a specialism. It then hand codes simple rules that tell the self-driving system which models to use in which situations. (Ghost’s approach is similar to that taken by another AV2.0 firm, Autobrains, based in Israel. But Autobrains uses yet another layer of neural networks to learn the rules.)
According to Volkmar Uhlig, Ghost’s co-founder and CTO, splitting the AI into many smaller pieces, each with specific functions, makes it easier to establish that an autonomous vehicle is safe. “At some point, something will happen,” he says. “And a judge will ask you to point to the code that says: ‘If there’s a person in front of you, you have to brake.’ That piece of code needs to exist.” The code can still be learned, but in a large model like Wayve’s it would be hard to find, says Uhlig.
Still, the two companies are chasing complementary goals: Ghost wants to make consumer vehicles that can drive themselves on freeways; Wayve wants to be the first company to put driverless cars in 100 cities. Wayve is now working with UK grocery giants Asda and Ocado, collecting data from their urban delivery vehicles.
Yet, by many measures, both firms are far behind the market leaders. Cruise and Waymo have racked up hundreds of hours of driving without a human in their cars and already offer robotaxi services to the public in a small number of locations.
“I don’t want to diminish the scale of the challenge ahead of us,” says Hawke. “The AV industry teaches you humility.”