Cyberattacks grabbed headlines throughout 2021 as massive disruptions affected government agencies, major companies and even supply chains for essential goods like gasoline and meat.

The year started off on a sour security note. In January, the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency jointly suggested that Russia was responsible for an attack against SolarWinds, a Texas-based company whose software was used by everyone from the federal government to railroads, hospitals and major tech companies.

The attackers inserted malicious software into an update of SolarWinds' popular Orion IT software products that companies incorporate into their own systems. Thousands of customers installed the tainted update, and cybercriminals were then able to access their systems. The Russian government has denied involvement in the attack.

Ransomware attacks in May hit both Colonial Pipeline, a major pipeline operator, and JBS USA Holdings, a big meat processor. The companies coughed up millions in payments and shut down their operations long enough to drive up the prices of gasoline and meat. Again, Russia was blamed for the attack.

Tech companies weren't immune either. Apple and Facebook had to deal with cyberthreats that endangered the security and privacy of their users. Meanwhile, the same companies wrestled with knotty questions about how much user data, which could be vulnerable in a cyberattack, should be collected.

Here's a quick look at the most important cybersecurity news of 2021:

Ransomware: When the big guys go down, it affects everyone

The year made it painfully obvious that the days of garbage ransomware used by script kiddies are long gone.

Ransomware, which encrypts a computer until victims pay for tools to unlock their data, is big business. Cybercriminals have set their sights on major businesses that will pay big bucks to avoid being shut down.

That's what happened in the headline-grabbing cases of Colonial Pipeline and JBS USA. Both companies forked over millions of dollars in ransom payments via bitcoin, a favorite cryptocurrency, after they found their systems locked up.

The two high-profile attacks were far from the only ransomware cases of 2021.

Suspected ransomware payments reported by banks and other financial institutions totaled $590 million for the first six months of this year, according to an October report by the Department of the Treasury. The figure easily surpassed the $416 million in suspicious payments reported for all of 2020.

The US government has pledged to step up its approach to fighting computer crimes. In October, the White House convened an international counter-ransomware event that included representatives from more than 30 countries. Group members pledged to share information and work together to track down and prosecute the cybercriminals behind ransomware attacks.

Notably absent: Russia, which the US and other countries blame for harboring and possibly encouraging the groups behind the attacks.

A month earlier, in an effort to make it at least a little bit harder to ransom US companies, the Treasury Department said it will sanction cryptocurrency exchanges, insurance companies and financial institutions that facilitate ransomware payments.

Data privacy battles

Apple also found itself at a privacy crossroads in 2021. The iPhone maker was forced to fend off an outside hacking threat that endangered the security and privacy of its users, some of them very high profile, while attempting to find a balance in its own data privacy practices.

In September, Apple issued an emergency patch for the operating systems powering its iPhones, iPads and Apple Watches to close holes that made the devices vulnerable to the Pegasus spyware developed by Israel's NSO Group.

Though the spyware was largely a threat only to high-profile users who could be targeted by nation-state hackers, the vulnerability was a black mark for Apple, which had, for the most part, enjoyed a reputation for being relatively safe from viruses and online attackers.

Apple also provoked controversy with a proposed feature that would scan its devices for images of child exploitation. Privacy and security experts, as well as other critics, charged that the approach to combating the illicit material was tantamount to creating a back door that could be exploited by governments intent on curbing free expression. Apple, which had previously won plaudits for refusing to crack a terrorist's iPhone, delayed rolling out the feature.

Data breaches keep coming

Data breaches publicly reported in the first nine months of 2021 exceeded the total for all of 2020, according to the Identity Theft Resource Center.

Department store chain Neiman Marcus, stock trading platform Robinhood, web host GoDaddy and wireless carrier T-Mobile were among the companies to report data breaches that resulted in customer information being stolen. California Pizza Kitchen and McDonald's both reported breaches that compromised data related to their operations and employees. Cybercriminals stole data from video game company Electronic Arts that included the source code for the soccer game FIFA 21.

Most recently, Planned Parenthood Los Angeles confirmed that an October data breach exposed patient records, including names, dates of birth, addresses, insurance identification numbers and clinical data like diagnosis, treatment and prescription information.

Yesterday marked 'Data Privacy Day' or 'International Data Security Day,' observed globally, raising awareness about the importance of securing personal information. Various international organizations have implemented various initiatives to promote awareness regarding the security of personal information. According to the Information Commissioner's Office (ICO) of the United Nations, 128 out of 194 countries worldwide have laws pertaining to information security and personal privacy. Similarly, Article 43 (kha) of our constitution also recognizes privacy rights as fundamental human rights.

However, while our constitution and laws emphasize information security and personal privacy, individual privacy is constantly breached. From intimate phone calls to the proliferation of audio-video content online, personal information is vulnerable and can reach millions of people in an instant. From politicians to ordinary citizens, no one is immune, especially in today's digital age, where personal information is readily accessible to multinational corporations. Additionally, both government and non-government entities collect personal information in various ways. Due to the lack of clear guidelines about what information an individual should disclose or how much information can be demanded, the privacy of personal information is under considerable threat, according to experts in social and digital security.

A few days ago, a leaked telephone conversation involving former Information Minister Dr. Murad Hassan created quite a stir. The incident led to his eventual resignation. Similar incidents of leaked phone conversations involving various political leaders have occurred before. It's not just phone calls; the advancement of communication technology has enabled the widespread sharing of various types of information, including audio and video, in an alarming rate. The investigation into Dr. Murad Hassan's leaked phone call from two years ago is still ongoing, led by law enforcement agencies. Recently, the trend of leaking phone conversations has surged among politicians, and even ordinary individuals are resorting to various apps to avoid discussing sensitive matters over the phone. Alongside concerns about security and privacy, there is ongoing debate within the political arena regarding the legal aspects of these issues.

How Personal Privacy Is Breached

Personal privacy is breached in various ways, starting from close acquaintances. Firstly, there's a decline in the perception of security regarding the protection of personal information worldwide. People tend to reveal a lot of information, both knowingly and unknowingly, often with a misplaced trust in the security of digital platforms.

Research shows that personal privacy is most often compromised by those closest to us. If not through hacking or leaks, personal matters often find their way online through various social media platforms or are exposed due to threats. Breakups between spouses, partners, or lovers, for instance, can result in one party sharing personal photos or videos online out of revenge. Additionally, personal matters are sometimes exploited and used to mentally harass individuals. In some cases, even without their knowledge, hackers can expose any piece of personal information online. We regularly share a significant amount of personal information on platforms like Facebook and other communication mediums. This can inadvertently expose our privacy. Moreover, personal data such as phone numbers, emails, and bank account numbers are shared in various ways with different multinational corporations. Self-interest and greed prompt individuals and organizations to utilize personal information for commercial or personal gains. Often, individuals willingly share all sorts of information inspired by their self-interest. Analyzing this data, those organizations gain insight into individuals' minds, often better than the individuals themselves.

What Does Bangladeshi Law Say About Personal Privacy?

Recording someone's personal phone call and sharing it without their consent is illegal in Bangladesh, as per the constitution and prevailing laws, unless authorized by the government. According to Article 43 of the constitution, every citizen has the right to privacy of correspondence and other means of communication. Furthermore, Section 71 of the Bangladesh Telecommunications Act explicitly mentions that intercepting telephone conversations without the permission of both parties is a punishable offense. It states that if anyone intentionally intercepts any message intended for another person through telephone, that person shall be punishable with imprisonment for a term not exceeding two years or with a fine not exceeding five crore taka or with both.

However, these laws come with certain conditions. Under Section 97-K, these provisions will not apply to agencies appointed by the government for national security, law enforcement, or investigative purposes. In other words, government agencies have the legal authority to intercept phone conversations for national security and law enforcement reasons, but this requires authorization from the Minister or State Minister of the Home Ministry. While the law specifies who can be intercepted, for how long, and under what circumstances, it lacks clarity on these aspects.

Experts in social and digital security argue that governments have the authority to intercept communications for the sake of national security. Every country in the world has laws concerning this, particularly post-9/11, when countries worldwide shifted their focus from traditional notions to safeguarding national security interests. Although these laws do not make such interceptions acceptable in principle, they do extend the reach of governments to monitor individual communications, especially in the context of national security and public order. Nevertheless, it is not permissible to use these laws for personal or political gains.

The proliferation of leaked personal phone calls in our society has generated significant curiosity and discussion. However, these incidents should not be sensationalized, and such activities should be discouraged, according to experts. While these legal matters are complex, the leakage of personal phone calls continues to be a concern. Prominent politicians, public figures, and ordinary individuals alike have experienced personal conversations being leaked to the public.

It is essential to raise awareness about the importance of personal privacy and information security. Individuals should be educated about the risks associated with sharing sensitive information online and over the phone. Organizations and government agencies should also take steps to ensure that they handle personal data responsibly and securely, following established legal and ethical guidelines. Moreover, there is a need for clearer and more comprehensive laws and regulations that govern the collection, storage, and sharing of personal information in the digital age.

Soppiya, Bangladesh's first global no-coding e-commerce, blog, and portfolio platform has been officially launched at the BASIS SoftExpo 2023 at Bangladesh-China Friendship Exhibition Center in the capital’s Purbachal area on Friday (February 24)

Bangladesh Association of Software and Information Services (BASIS), the national trade organization of the information and communication technology sector, has organized the 4-day exhibition with the slogan 'Welcome to Smartverse'.

Md. Ekramul Haque, Honorable Managing Director of Soppiya Innovation Limited, cut a cake on Friday to open the launching ceremony.

During this 4-day exhibition, Soppiya’s stalls hosted various events including a chance to win attractive gift hampers by opening a free website for visitors.

Asad Bin Abdullah, executive director of Soppiya said, ''Soppiya is a saas-based cms platform. Through this, you can create your professional e-commerce, blog, and portfolio website in 30 minutes for free. By doing this, there will be a revolutionary change in the socio-economic system of the country through online platform business and Bangladesh will take a step forward in achieving Digital Bangladesh.''

''We have launched the platform with an emphasis on providing quality e-commerce websites, blog websites, and portfolio website creation solutions with the latest updates and most convenient packages, themes, plugins, widgets, hosted solutions, and advanced technologies. Even those who have no coding or technical knowledge can set up a beautiful website and all this is possible only with Soppiya.''

Twitter on Saturday began rolling out a controversial new paid subscription system which the social network's unpredictable new owner, billionaire Elon Musk, ordered staff to build after taking over last week.

The platform's mobile app began offering an update that will allow users to sign up for the new version of Twitter Blue, which Musk has said will cost $8 a month, and is set to grant users a blue checkmark and perks such as less advertising in their feeds.

"Starting today, we're adding great new features to Twitter Blue," says the update, only on iPhones for now. "Get Twitter Blue for $7.99 a month if you sign up now."

In a tweet, the California-based company's director of product development Esther Crawford specified that the new service had yet to go live.

"The new Blue isn't live yet -- the sprint to our launch continues but some folks may see us making updates because we are testing and pushing changes in real-time," she posted.

"New Blue ... coming soon!" she added.

On Friday, half of Twitter's 7,500 employees were laid off by Tesla boss Musk.

He ordered the redesign of Twitter Blue as a priority, making some teams work day and night on it, reportedly with a target launch date of November 7 -- a day before the US midterm elections.

The current version of the service, which costs $5, contains premium features, such as a more comfortable reading mode.

Musk wants to add a blue tick which until now has symbolized account verification, though he has not explained how the paying accounts will be verified.

Until now verification has been free and serves as proof of authenticity for the accounts of users such as politicians, governments, journalists, celebrities and sports figures -- a system Musk has derided as "lords and peasants."

The update also lists other benefits mentioned by Musk, such as the ability to post longer videos and audio messages.

"Since you're supporting Twitter in the battle against the bots, we're going to reward you with half the ads and make them twice as relevant," the offer states.

The Californian company needs to diversify its income, heavily reliant on advertising. Several advertisers have suspended their spending on the platform since its acquisition, after Musk vowed to dial back content moderation.

– BSS/AFP

Tesla Inc (TSLA.O) boss Elon Musk said in a filing on Monday he will serve as chief executive of Twitter, the social media company he just bought for $44 billion, a move that Wall Street analysts have said could stretch the billionaire thin.

Musk, who also runs rocket company SpaceX, brain-chip startup Neuralink and tunneling firm the Boring Company, fired Twitter's previous chief, Parag Agrawal, and other top company officials last week.

Tesla's stock has lost a third of its value since Musk made an offer to buy Twitter in April, compared with a 12% decline in the benchmark S&P 500 index (.SPX) in the same period.

Musk had previously changed his Twitter bio to "Chief Twit" in an allusion to his planned move.

Twitter on Monday declined comment on how long Musk might remain CEO or appoint someone else.

In another filing on Monday, Musk revealed that he became the sole director of Twitter as a result of the takeover.

"The following persons, who were directors of Twitter prior to the effective time of the merger, are no longer directors of Twitter: Bret Taylor, Parag Agrawal, Omid Kordestani, David Rosenblatt, Martha Lane Fox, Patrick Pichette, Egon Durban, Fei-Fei Li and Mimi Alemayehou," Musk said in the filing.

Shortly afterward, Musk tweeted that the move to dissolve the board "is just temporary," without elaborating.

Last week, Musk's takeover of the social media company for $44 billion concluded a months-long saga.

Since the takeover Musk has moved quickly to put his stamp on Twitter, which he had ridiculed for months for being slow to introduce product changes or take down spam accounts.

His teams began meeting with some employees to investigate Twitter's software code and understand how aspects of the platform worked, according to two sources familiar with the matter.

Some staff who spoke with Reuters said they had received little communication from Musk or other leaders and were using news reports to piece together what was happening at the company.

- Reuters

Facebook parent Meta on Wednesday reported that its revenue declined for a second consecutive quarter, hurt by falling advertising sales as it faces competition from TikTok’s wildly popular video app.

The quarter’s weak results raised fresh questions about whether Meta’s plans to spend $10 billion a year on the metaverse — a concept that doesn’t quite exist yet and possibly never will — is prudent while its main source of revenue is faltering.

The quarterly results from Meta Platforms Inc. sent its stock tumbling 19% in after-hours trading to $105.20. If the sell-off holds through Thursday’s regular trading day, it will be the lowest it’s been since 2016. The stock closed Wednesday down 61% for the year.

Meta’s disappointing results followed weak earnings reports from Google parent Alphabet Inc. and Microsoft this week. The Menlo Park, California, company earned $4.4 billion, or $1.64 per share, in the three-month period that ended Sept. 30. That’s down 52% from, $9.19 billion, or $3.22 per share, in the same period a year earlier.

Analysts were expecting a profit of $1.90 per share, on average, according to FactSet.

Revenue fell 4% to $27.71 billion from $29.01 billion, slightly higher than the $27.4 billion that analysts had predicted.

Some of the company’s investors are concerned Meta is spending too much money and confusing people with its focus on the metaverse, a virtual, mixed and augmented reality concept that few people understand — while it also grapples with a weakening advertising business.

“Meta has drifted into the land of excess — too many people, too many ideas, too little urgency,” wrote Brad Gerstner, the CEO of Meta shareholder Altimeter Capital, earlier this week in a letter to Meta CEO Mark Zuckerberg. “This lack of focus and fitness is obscured when growth is easy but deadly when growth slows and technology changes.”

In addition to an accelerating revenue decline, Meta also forecast weaker-than-expected sales for the current quarter, further raising worries that the revenue slump is more of a trend than an aberration.

“While we face near-term challenges on revenue, the fundamentals are there for a return to stronger revenue growth,” Zuckerberg said in a statement. “We’re approaching 2023 with a focus on prioritization and efficiency that will help us navigate the current environment and emerge an even stronger company.”

Meta said it expects staffing levels to stay roughly the same as in the current quarter — a departure from previous years’ double-digit workforce growth. The company had about 87,000 employees as of Sept. 30, an increase of 28% year-over-year.

“To return to stronger growth, Meta needs to turn its business around,” said Insider Intelligence analyst Debra Aho Williamson. “As Facebook Inc., it was a revolutionary company that changed the way people communicate and the way marketers interact with consumers. Today it’s no longer that innovative groundbreaker.”

She added that “Meta would benefit from less priority on the metaverse and more on fixing its core business.” Meta’s Reality Labs unit, which includes its metaverse and virtual reality efforts, had an operating loss of $3.67 billion in the third quarter, compared with a loss of $2.63 billion a year earlier. Its revenue was $285 million.

Meta said it expects Reality Labs operating losses in 2023 to “grow significantly year-over-year.”

Despite the revenue decline, Meta grew its user base. Facebook’s monthly active users were 2.96 billion as of Sept. 30, up 2% from a year earlier. And 3.71 billion people logged in to at least one of Meta’s family of apps — Facebook, Instagram, WhatsApp or Messenger — up 4% year-over-year.

– AP/UNB