The Petya ransomware is starting to look like a cyberattack in disguise

The ransomware that wasn’t

The haze of yesterday’s massive ransomware attack is clearing, and Ukraine has already emerged as the epicenter of the damage. Kaspersky Labs reports that as many as 60 percent of the systems infected by the Petya ransomware were located within Ukraine, far more than anywhere else. The hack’s reach touched some of the country’s most crucial infrastructure including its central bank, airport, metro transport, and even the Chernobyl power plant, which was forced to move radiation-sensing systems to manual.

The ostensible purpose of all that damage was to make money — and yet there’s very little money to be found. Most ransomware flies under the radar, quietly collecting payouts from companies eager to get their data back and decrypting systems as payments come in. But Petya seems to have been incapable of decrypting infected machines, and its payout method was bizarrely complex, hinging on a single email address that was shut down almost as soon as the malware made headlines. As of this morning, the Bitcoin wallet associated with the attack had received just $10,000, a relatively meager payout by ransomware standards.

“THERE’S NO FUCKING WAY THIS WAS CRIMINALS.”
It leads to an uncomfortable question: what if money wasn’t the point? What if the attackers just wanted to cause damage to Ukraine? It’s not the first time the country has come under cyberattack. (These attacks have typically been attributed to Russia.) But it would be the first time such an attack has come in the guise of ransomware, and has spilled over so heavily onto other countries and corporations.

Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program’s decryption failure in a post today, Comae’s Matthieu Suiche concluded a nation state attack was the only plausible explanation. “Pretending to be a ransomware while being in fact a nation state attack,” Suiche wrote, “ is in our opinion a very subtle way from the attacker to control the narrative of the attack.”

Another prominent infosec figure put it more bluntly: “There’s no fucking way this was criminals.”


There’s already mounting evidence that Petya’s focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky.

THE INFECTIONS SEEM TO TARGET UKRAINE’S MOST VITAL INSTITUTIONS
In each case, the infections seem to specifically target Ukraine’s most vital institutions, rather than making a broader attempt to find lucrative ransomware targets. These initial infections are particularly telling because they were directly chosen by whoever set the malware in motion. Computer viruses often spread farther than their creators intended, but once Petya was on the loose, the attackers would have had no control over how far it reached. But the attackers had complete control over where they planted Petya initially, and they chose to plant it by some of the most central institutions in Ukraine.

The broader political context makes Russia a viable suspect. Russia has been engaged in active military interventions in Ukraine since former president Viktor Yanukovych was removed from power in 2014. That has included the annexation of Crimea and the active movement of troops and equipment in the eastern region of the country, but also a number of more subtle activities. Ukraine’s power grid came under cyberattack in December 2015, an attack many interpreted as part of a hybrid attack by Russia against the country’s infrastructure. That hybrid-warfare theory extends to more conventional guerrilla attacks: the same day that Petya ripped through online infrastructure, Ukrainian colonel Maksim Shapoval was killed by a car bomb attack in Kiev.

“I THINK ULTIMATELY IT’S ABOUT MONEY.”
All that evidence is still circumstantial, and there’s no hard link between yesterday’s attacks and any nation state. It could be Ukraine simply presented a soft target, and the attackers screwed up their payment and decryption systems out of simple carelessness. Functional or not, the software involved still has strong ties to traditional ransomware systems, and even if the attackers didn’t make much money off ransom payments, Petya was still collecting credentials and other data from infected machines, which could be valuable fodder for future attacks. That has led researchers like F-Secure’s Sean Sullivan to hold off on nation-state suspicions. “Maybe there’s multiple ways they’re working the money angle, but I think ultimately it’s about money,” Sullivan told me. “Tigers don’t change their stripes.”

Still, the line between common criminals and state agents can be difficult to parse. A recent indictment in the Yahoo hacking case charged Russian officials alongside freelance hackers, and the division of labor was often unclear. Criminals can be enlisted as privateers, or agents can adopt criminal tactics as a way of disguising themselves. If the suspicions around Petya are correct, that line may be growing even thinner, as globe-spanning attacks get lost in the fog of war. With no clear path to a firm attribution, we may never be able to prove who was responsible for this week’s attacks, or what they hoped to achieve. For anyone digging out a Petya-bricked computer system, that clean getaway is adding insult to injury.The haze of yesterday’s massive ransomware attack is clearing, and Ukraine has already emerged as the epicenter of the damage. Kaspersky Labs reports that as many as 60 percent of the systems infected by the Petya ransomware were located within Ukraine, far more than anywhere else. The hack’s reach touched some of the country’s most crucial infrastructure including its central bank, airport, metro transport, and even the Chernobyl power plant, which was forced to move radiation-sensing systems to manual.

The ostensible purpose of all that damage was to make money — and yet there’s very little money to be found. Most ransomware flies under the radar, quietly collecting payouts from companies eager to get their data back and decrypting systems as payments come in. But Petya seems to have been incapable of decrypting infected machines, and its payout method was bizarrely complex, hinging on a single email address that was shut down almost as soon as the malware made headlines. As of this morning, the Bitcoin wallet associated with the attack had received just $10,000, a relatively meager payout by ransomware standards.

“THERE’S NO FUCKING WAY THIS WAS CRIMINALS.”
It leads to an uncomfortable question: what if money wasn’t the point? What if the attackers just wanted to cause damage to Ukraine? It’s not the first time the country has come under cyberattack. (These attacks have typically been attributed to Russia.) But it would be the first time such an attack has come in the guise of ransomware, and has spilled over so heavily onto other countries and corporations.

Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program’s decryption failure in a post today, Comae’s Matthieu Suiche concluded a nation state attack was the only plausible explanation. “Pretending to be a ransomware while being in fact a nation state attack,” Suiche wrote, “ is in our opinion a very subtle way from the attacker to control the narrative of the attack.”

Another prominent infosec figure put it more bluntly: “There’s no fucking way this was criminals.”


There’s already mounting evidence that Petya’s focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky.

THE INFECTIONS SEEM TO TARGET UKRAINE’S MOST VITAL INSTITUTIONS
In each case, the infections seem to specifically target Ukraine’s most vital institutions, rather than making a broader attempt to find lucrative ransomware targets. These initial infections are particularly telling because they were directly chosen by whoever set the malware in motion. Computer viruses often spread farther than their creators intended, but once Petya was on the loose, the attackers would have had no control over how far it reached. But the attackers had complete control over where they planted Petya initially, and they chose to plant it by some of the most central institutions in Ukraine.

The broader political context makes Russia a viable suspect. Russia has been engaged in active military interventions in Ukraine since former president Viktor Yanukovych was removed from power in 2014. That has included the annexation of Crimea and the active movement of troops and equipment in the eastern region of the country, but also a number of more subtle activities. Ukraine’s power grid came under cyberattack in December 2015, an attack many interpreted as part of a hybrid attack by Russia against the country’s infrastructure. That hybrid-warfare theory extends to more conventional guerrilla attacks: the same day that Petya ripped through online infrastructure, Ukrainian colonel Maksim Shapoval was killed by a car bomb attack in Kiev.

“I THINK ULTIMATELY IT’S ABOUT MONEY.”
All that evidence is still circumstantial, and there’s no hard link between yesterday’s attacks and any nation state. It could be Ukraine simply presented a soft target, and the attackers screwed up their payment and decryption systems out of simple carelessness. Functional or not, the software involved still has strong ties to traditional ransomware systems, and even if the attackers didn’t make much money off ransom payments, Petya was still collecting credentials and other data from infected machines, which could be valuable fodder for future attacks. That has led researchers like F-Secure’s Sean Sullivan to hold off on nation-state suspicions. “Maybe there’s multiple ways they’re working the money angle, but I think ultimately it’s about money,” Sullivan told me. “Tigers don’t change their stripes.”


Still, the line between common criminals and state agents can be difficult to parse. A recent indictment in the Yahoo hacking case charged Russian officials alongside freelance hackers, and the division of labor was often unclear. Criminals can be enlisted as privateers, or agents can adopt criminal tactics as a way of disguising themselves. If the suspicions around Petya are correct, that line may be growing even thinner, as globe-spanning attacks get lost in the fog of war. With no clear path to a firm attribution, we may never be able to prove who was responsible for this week’s attacks, or what they hoped to achieve. For anyone digging out a Petya-bricked computer system, that clean getaway is adding insult to injury.

Read More >>

Read More

Cyberattack Hits Ukraine Then Spreads Internationally

Several companies have been affected by the Petya cyberattack, including, from left, Rosneft, the Russian energy giant; Merck, a pharmaceutical company; and Maersk, a shipping company. Credit Left, Sergei Karpukhin/Reuters; center, Matt Rourke/Associated Press; right, Enrique Castro Sanchez/Agence France-Presse — Getty Images

Computer systems from Ukraine to the United States were struck on Tuesday in an international cyberattack that was like a recent assault that crippled tens of thousands of machines worldwide.

In Kiev, the capital of Ukraine, A.T.M.s stopped working. About 80 miles away, workers were forced to manually monitor radiation at the old Chernobyl nuclear plant when their computers failed. And tech managers at companies around the world, from Maersk, the Danish shipping conglomerate, to Merck, the drug giant in the United States, were scrambling to respond.

It was unclear who was behind this cyberattack, and the extent of its impact was still hard to gauge Tuesday. It started as an attack on Ukrainian government and business computer systems — an assault that appeared to have been intended to hit the day before a holiday marking the adoption in 1996 of Ukraine’s first Constitution after breaking away from the Soviet Union. It spread from there, causing collateral damage around the world.

This outbreak is the latest and perhaps the most sophisticated in a series of attacks that make use of dozens of hacking tools that were stolen from the National Security Agency and leaked online in April by a group called the Shadow Brokers.

Like the WannaCry attacks in May, the latest global hacking took control of computers and demanded digital ransom from their owners to regain access. The new attack used the same N.S.A. hacking tool, Eternal Blue, that was used in the WannaCry incident, and two other methods to promote its spread, according to researchers at the computer security company Symantec.

The N.S.A. has not acknowledged its tools were used in WannaCry or other attacks. But computer security specialists are demanding that the agency help the rest of the world defend against the weapons it created.

”The N.S.A. needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague that they’ve unleashed,” said Golan Ben-Oni, the global chief information officer at IDT, a Newark-based conglomerate hit by a separate attack in April that used N.S.A. hacking tools. Mr. Ben-Oni warned federal officials that more serious attacks were probably on the horizon.

The vulnerability in Windows software used by Eternal Blue was patched by Microsoft in March, but as the WannaCry attacks demonstrated, hundreds of thousands of organizations around the world failed to properly install the fix.

“Just because you roll out a patch doesn’t mean it’ll be put in place quickly,” said Carl Herberger, vice president of security at Radware. “The more bureaucratic an organization is, the higher chance it won’t have updated its software.”

Because the ransomware used at least two other ways to spread on Tuesday, even those who used the Microsoft patch could be vulnerable, according to researchers at F-Secure, the Finnish cybersecurity firm.

A Microsoft spokesman said the company’s latest antivirus software should protect against the attack.

The Ukrainian government said several of its ministries, local banks and metro systems had been affected. A number of other European companies, including Rosneft, the Russian energy giant; Saint-Gobain, the French construction materials company; and WPP, the British advertising agency, also said they had been targeted.

Ukrainian officials pointed a finger at Russia on Tuesday, though Russian companies were also affected. Home Credit bank, one of Russia’s top 50 lenders, was paralyzed, with all of its offices closed, according to the RBC news website. The attack also affected Evraz, a steel manufacturing and mining company that employs about 80,000 people, the RBC website reported.

In the United States, DLA Piper, the multinational law firm, also reported being hit. Hospitals in Pennsylvania were being forced to cancel surgeries after the attack hit computers at Heritage Valley Health Systems, a Pennsylvania health care provider, and its hospitals in Beaver and Sewickley, Penn., and satellite locations across the state.

A spokesman for the N.S.A. referred questions about the attack to the Department of Homeland Security. “The Department of Homeland Security is monitoring reports of cyber attacks affecting multiple global entities and is coordinating with our international and domestic cyber partners,” Scott McConnell, spokesman for D.H.S., said in a statement.

Computer specialists said the ransomware was very similar to a virus that first emerged last year called Petya. Petya means “Little Peter,” in Russian, leading some to speculate the name referred to Sergei Prokofiev’s 1936 symphony “Peter and the Wolf,” about a boy who captures a wolf.

Reports that the computer virus was a variant of Petya suggest the attackers will be hard to trace. Petya was for sale on the so-called dark web, where its creators made the ransomware available as “ransomware as a service” — a play on Silicon Valley terminology for delivering software over the internet, according to the security firm Avast Threat Labs.

That means anyone could launch the ransomware with the click of a button, encrypt someone’s systems and demand a ransom to unlock it. If the victim pays, the authors of the Petya ransomware, who call themselves Janus Cybercrime Solutions, get a cut of the payment.

That distribution method means that pinning down the people responsible for Tuesday’s attack could be difficult.

The attack is “an improved and more lethal version of WannaCry,” according to Matthieu Suiche, a security researcher who helped contain the spread of the WannaCry ransomware when he created a kill switch that stopped the attacks.

In just the last seven days, Mr. Suiche noted that WannaCry had tried to hit an additional 80,000 organizations, but was prevented from executing attack code because of the kill switch. Petya does not have a kill switch.

A screenshot of what appeared to be the ransomware affecting systems worldwide on Tuesday. The Ukrainian government posted the shot to its official Facebook page.

Petya also encrypts and locks entire hard drives, while the earlier ransomware attacks locked only individual files, said Chris Hinkley, a researcher at Armor, the security firm.

The hackers behind Petya demanded $300 worth of the cybercurrency Bitcoin to unlock victims’ machines. By Tuesday afternoon, online records showed that 30 victims had paid the ransom, though it was not clear whether they regained access to their files. Other victims may be out of luck, after Posteo, the German email service provider, shut down the hackers’ email account.

In Ukraine, people turned up at post offices, A.T.M.s and airports to find blank computer screens, or signs about closures. At Kiev’s central post office, a few bewildered customers milled about, holding parcels and letters, looking at a sign that said, “closed for technical reasons.”

The hackers compromised Ukrainian accounting software mandated to be used in various industries in the country, including government agencies and banks, according to researchers at Cisco Talos, the security division of the computer networking company. That allowed them to unleash their ransomware when the software, which is also used in other countries, was updated.

The ransomware spread for five days across Ukraine, and around the world, before activating Tuesday evening.

“If I had to guess, I would think this was done to send a political message,” said Craig Williams, the senior technical researcher at Talos.

One Kiev resident, Tetiana Vasylieva, was forced to borrow money from a relative after failing to withdraw money at four automated teller machines. At one A.T.M. in Kiev belonging to the Ukrainian branch of the Austrian bank Raiffeisen, a message on the screen said the machine was not functioning.

Ukraine’s Infrastructure Ministry, the postal service, the national railway company, and one of the country’s largest communications companies, Ukrtelecom, had been affected, Volodymyr Omelyan, the country’s infrastructure minister, said in a Facebook post.

Officials for the metro system in Kiev said card payments could not be accepted. The national power grid company Kievenergo had to switch off all of its computers, but the situation was under control, according to the Interfax-Ukraine news agency. Metro Group, a German company that runs wholesale food stores, said its operations in Ukraine had been affected.

At the Chernobyl plant, the computers affected by the attack collected data on radiation levels and were not connected to industrial systems at the site, where, though all reactors have been decommissioned, huge volumes of radioactive waste remain. Operators said radiation monitoring was being done manually.

Cybersecurity researchers questioned whether collecting ransom was the true objective of the attack.

“It’s entirely possible that this attack could have been a smoke screen,” said Justin Harvey, the chief security officer for the Fidelis cybersecurity company. “If you are an evil doer and you wanted to cause mayhem, why wouldn’t you try to first mask it as something else?”

Read More >>

Read More

Global Cyberattack: What We Know and Don’t Know

A screenshot of what appeared to be the ransomware affecting systems worldwide on Tuesday. The Ukrainian government posted the shot to its official Facebook page.

A quickly spreading ransomware attack is hitting countries across the world including France, Russia, Spain, Ukraine and the United States, just weeks after a ransomware attack known as WannaCry.

What We Know

• Several private companies have confirmed that they were hit by the attack, including the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, the French multinational Saint-Gobain and the Russian steel, mining and oil companies Evraz and Rosneft.

• Photographs and videos of computers affected by the attack show a message of red text on a black screen. The message read: “Oops, your important files have been encrypted. If you see this text then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking to recover your files but don’t waste your time.”

• Kaspersky Lab, a cybersecurity firm based in Moscow, reported that about 2,000 computer systems had been affected by the new ransomware.

• Cybersecurity researchers first called the new ransomware attack Petya, as it bore similarities to a ransomware strain known by that name, which was first reported by Kasperksy in March 2016. But Kaspersky later said that its investigation into the new attack found that it was a type of ransomware that had never been seen before.

• ESET, a Slovakia-based cybersecurity company, said the first known infection occurred early on June 27, through a Ukrainian software company called MeDoc. MeDoc denied that its program was the initial infection point. In a Facebook post, the firm wrote, “At the time of updating the program, the system could not be infected with the virus directly from the update file,” though an earlier message confirmed that its systems had been compromised.

• Symantec, a Silicon Valley cybersecurity firm, confirmed that the ransomware was infecting computers through at least one exploit, or vulnerability to computer systems, known as Eternal Blue.

• Eternal Blue was leaked online last April by a mysterious group of hackers known as the Shadow Brokers, who have previously released hacking tools used by the National Security Agency. That vulnerability was used in May to spread the WannaCry ransomware, which affected hundreds of thousands of computers in more than 150 countries.

• ESET and several other cybersecurity companies have identified at least one other exploit used in the attack known as PsExec, which takes advantage of a single computer that has not been updated with the latest software in a network to spread infections by looking for — and using — administrative credentials. By using PsExec, the ransomware continued spreading across systems that had been updated, or patched, after the WannaCry outbreak last month.

• Several cybersecurity researchers have identified a Bitcoin address to which the attackers are demanding a payment of $300 from their victims. At least some of the victims appear to be paying the ransom, even though the email address used by the attackers has been shut down. That removes the possibility that the attackers could restore a victim’s access to their computer networks, even once ransom is paid.

What We Don’t Know

• Who is behind the ransomware attack. The original Petya ransomware was developed and used by cybercriminals, and variations have been sold through dark web trading sites, which are accessible only by using browsers that mask a user’s identity, making it difficult for cybersecurity researchers to track.

• The motives for the attack. Cybersecurity researchers ask why, if the goal of the attack was to force victims to pay ransom, more care was not taken to protect the email address through which attackers could communicate with their victims, or to provide multiple avenues for payment.

• How much bigger this attack will get. Cybersecurity researchers say that like WannaCry, the ransomware infects computers using vulnerabilities in the central nerve of a computer, called a kernel, making it difficult for antivirus firms to detect. It also has the ability to take advantage of a single unpatched computer on a network to infect computers across a vast network, meaning that even systems that were updated after WannaCry could potentially become vulnerable again.

What Is Ransomware?

• Ransomware is one of the most popular forms of online attack today. It typically begins with attackers sending their victims email that includes a link or a file that appears innocuous but contains dangerous malware.

• Once a victim clicks on the link or opens the attachment, the computer becomes infected. The program encrypts the computer, essentially locking the user out of files, folders and drives on that computer. In some cases, the entire network the computer is connected to can become infected.

• The victim then receives a message demanding payment in exchange for attackers unlocking the system. The payment is usually requested in Bitcoin, a form of digital currency.

Read More >>

Read More

Tumblr Goes Radio Silent On Net Neutrality After Verizon Acquisition

Back when Verizon first began expressing interest in pivoting from broadband duopolist to media and advertising, you might recall that it launched a short-lived technology blog named Sugarstring. Sugarstring quickly made headlines for all the wrong reasons however, after it was revealed that Verizon was banning any new hires from writing about hot-button subjects like net neutrality, or the fact that companies like Verizon and AT&T are now bone-grafted to the nation's intelligence and surveillance apparatus.

Sugarstring is long-since dead, replaced in large part by Verizon's acquisitions of Yahoo and AOL, which also brought Huffpo, Engadget, and Techcrunch under the Verizon umbrella. And while Verizon itself has been busy using fake reporters to blatantly lie about the company's ongoing role in killing net neutrality, there's no indication (yet) that the company has pressured any of its own news outlets to quiet down on the subject. In fact, we've noted previously that some of the best reporting on net neutrality in recent months has originated at TechCrunch (this piece in particular is worth a read).
But while Verizon hasn't yet tried to get its own news outlets to quiet down on net neutrality, other now-Verizon-owned companies that used to be very active on the subject have gone dead quiet. Case in point: Tumblr, which was an integral ally in the SOPA/PIPA fight and an outspoken protector of net neutrality, is now utterly radio silent as FCC boss Ajit Pai attempts to kill the popular consumer protections. Insiders at the company this week expressed their concern to the Verge that Verizon is pressuring CEO David Karp to keep his mouth shut on the subject:

"Now, multiple sources tell The Verge that employees are concerned that Karp has been discouraged from speaking publicly on the issue, and one engineer conveyed that Karp told a group of engineers and engineering directors as much in a weekly meeting that took place shortly after SXSW. “Karp has talked about the net neutrality stuff internally, but won’t commit to supporting it externally anymore,” the engineer said. “[He] assures [us] that he is gonna keep trying to fight for the ability to fight for it publicly.” Karp did not respond to four emails asking for comment, and neither Yahoo nor Tumblr would speak about the matter on the record."

Granted Karp may just have toned down the company's rhetoric voluntarily to avoid ruffling feathers during the transition. And obviously any time a smaller company gets acquired by a larger conglomerate (especially from the historically droll and stodgy telecom sector) you'll see a major culture shift that often isn't for the better. Still, Verizon's positions on subjects like net neutrality are so hostile, Tumblr employees have grown increasingly uneasy in recent weeks, which could lead to an exodus of talent at the company:

“Some of our previous stances on issues that are really important to Tumblr employees and its community are being silenced,” said the former employee. “We've been really noisy about things like net neutrality in the past. We asked the new Head, Simon Khalaf, about it in an all-hands a few weeks ago and he said it was ‘not his problem’ and ‘above his pay grade.’” A current employee and another former employee corroborated this account."
It's unfortunate to have lost Tumblr's voice in the net neutrality fight, especially given that other industry giants like Google and Netflix have similarly gone mute on the subject, leaving consumers and small businesses increasingly alone in fighting for something vaguely resembling an open and healthy internet. And while you'd like to think Verizon is above trampling the editorial independence of former AOL and Yahoo news outlets, Verizon's Sugarstring experiment should make it pretty clear that ham-fisted attempts at censorship aren't exactly out of character for the telco.

For now, however, Verizon appears content to try and use entirely fake journalists like "Jeremy" to spread misinformation on net neutrality, as evident by this recent, comically misleading video by the company:

Read More >>

Read More

Net Neutrality Is Dying. Speak Out Now Before It's Too Late

“Come on! The internet is an incredible place!” said comedian and political commentator John Oliver, “And tonight, we need to talk about an issue that is impacting it.” He was just one of the many advocates of a free and open internet who were using the public forum to spread awareness on the threats that the internet is about to face. On May 18, 2017, the current Federal Communications Commission (FCC) led by Chairman Ajit Pai voted 2-1 on a motion to repeal rules and regulations put in place by his predecessor to ensure a free and open internet for all.

The motion, if sustained during a second vote held after the FCC is fully staffed later this year, would mean the repelation of the so-called net neutrality regulations that were put into place by retired FCC Chairman Tom Wheeler to ensure that internet service providers like Comcast, AT&T and Verizon cannot discriminate against various types of internet traffic in a way that suits their businesses. This would give popular broadband companies and internet service providers greater monopoly in their services, allowing them to regulate and alter the people’s access to the internet in a way that suits their needs.

The question of net neutrality is a rather big one, and significantly more important than being able to decide what streaming service you want to use or what search engine you wish to access, though that alone should be incentive enough to speak up. If the proposal put forward by FCC Chairman Ajit Pai falls into place, it would allow internet service providers to block, throttle and fast-lane various parts of the internet at will, potentially regulating and censoring your entire web-surfing experience and forcing you to stick to the destinations that pay protection money to these cable and broadband companies. It would effectively lead to the monopolization of a free institution that since the 1980s has served as the freest and most democratic source of unbridled information.

It is only rarely that we get to see big corporations the likes of Google and Facebook take up the cause of ordinary citizens on a massive scale, but when we do, it is assured that the matter at hand is an important one. When it came to net neutrality, however, we saw our entire country, rich, poor, democrat, republican, independent and corporate, come together to support an idea that is necessary for the growth and prosperity of our data nation as a whole. That is because net neutrality is an idea that anyone can get behind, one that promotes free and equal access to information for every citizen of the country, and initiative that is not only desirable but also essential for the growth of our country and the entire world from an information perspective.

Thankfully for us, the fight isn’t over yet. A huge number of organizations, small and large, are coming together on July 12 to protest the current administration's blatant disregard of public opinion in their decision to break net neutrality, and it is the hope of these participants that, with the correct amount of attention, they can force the government to take notice regarding an issue that should clearly be independent and bipartisan, much like climate change and affordable healthcare.

If you or anyone you know considers themselves an informed citizen of the country and of the internet, one that is prepared to fight for its freedom and in turn, the freedom of the people, I request you to join now by signing up at this website to participate in the massive protest being held on July 12 to demonstrate our apartisan love for net neutrality and the principles that govern it. Remember, the only thing necessary for the triumph of evil is for good men to do nothing.

Read More >>

Read More

Netflix Joins Support of Net Neutrality

July 12 will be a national day of action for net neutrality, and Netflix has finally announced it will be fully participating.

During the Obama years, Netflix was a major player on the front lines of the fight for ensuring net neutrality. As a streaming service, Netflix theoretically relies on net neutrality to ensure internet providers don’t slow down their streaming speed in order to elevate cable programs.

But Netflix hasn’t seemed to be as enthusiastic as of late, even as the FCC under Ajit Pai, a former cable lobbyist appointed by Trump, poses the most grave threat to net neutrality we’ve ever seen.

Netflix CEO Reed Hastings recently said, “We think net neutrality is incredibly important, [but] not narrowly important to us because we’re big enough to get the deals we want.”


This raised concerns that Netflix had grown too big for it’s britches and that the fight for net neutrality had lost one of its most powerful forces.

But a few days ago, Netflix released another statement saying, “Netflix will never outgrow the fight for net neutrality. Everyone deserves an open Internet.” A Netflix spokesperson also added, “”We support strong net neutrality protections, even if we are at less risk because of our popularity. There are other companies for whom this is a bigger issue, and we’re joining this day of action to ensure the next Netflix has a fair shot to go the distance.”

Some have said that Netflix’s response was just a PR ploy and they’re just doing this to save face because of growing public pressure. That may be true, but ultimately it doesn’t matter. It’s great that there’s enough public zeal out there to put pressure on companies, and it’s great that Netflix has reaffirmed its position regardless of their motive.

Maybe Netflix really is big enough now to have sufficient negotiating power to take care of themselves when it comes to streaming speeds and dealing with ISPs. But the internet-based video streaming industry as a whole needs net neutrality and would be one of the hardest hit mediums if Pai and cable providers have their way.

Without net neutrality, cable providers can prioritize cable TV in ways that will attempt to deter people from using various online video streaming platforms. Imagine going to Youtube, Amazon or Netflix and seeing a message saying something along the lines of, “To access this site you must pay $5.99/month access fee to your internet provider. If you would like to be able to stream without buffering for 10 minutes or more, an additional $2 fee will be added for each video.”

It’s impossible to overstate the importance of the what’s going on with net neutrality right now. Regardless of what you think of Netflix, it’s a huge relief to have them, and all their lobbying resources, in the fight.

Read More >>

Read More