The Big Story

It's a Pipeline problem

Put the emergency gas cans away, my East Coast friends: The Colonial Pipeline is reopening. It'll take a few days to get things back to normal, the company said in a statement, but it has turned things back on, ending one of the highest-profile ransomware sagas we've seen.

• The pipeline has been shut down since Friday, when Colonial Pipeline Company "learned it was the victim of a cybersecurity attack" that involved ransomware. It shut off its own systems "to contain the threat," which cut off access to nearly half the East Coast's supply of fuel.
• The hacking group DarkSide claimed responsibility, which the FBI confirmed. DarkSide took nearly 100GB of data from Colonial just before the pipeline was shut down, Bloomberg reported, and threatened to publish it online and lock up Colonial's machines unless the company paid up.
• The group is believed to be in Russia, but President Biden said there was no evidence yet that it was connected to the government there.

Ransomware has been a growing problem in recent years, and this is yet another example of how fragile core infrastructure can be. For the victims, it's getting more complicated all the time. Most just end up paying and covering it with insurance, but some insurance companies are starting to nix that idea.

• Interestingly, DarkSide seemed to feel bad about this attack. "Our goal is to make money, and not creating [sic] problems for society," the group said in a statement. "From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future."
• That's right: Ransomware is a content-moderation issue.

Trouble is, ransomware is both booming and going legit. The security firm Cybereason found that DarkSide is essentially a SaaS company, offering ransomware and other hacking tools to paying customers. It even offers an affiliate program!

• It said it donates part of its profits to charities, too, like a hacker Robin Hood: "No matter how bad you think our work is, we are pleased to know that we helped change someone's life. Today we sended [sic] the first donations."

The need to do something about ransomware is clear, but nobody seems to know what to do. At least not in the near term, when the cyberattacks are so much more sophisticated than the systems they're infiltrating and there's no globally coordinated response.

• President Biden issued an executive order last night calling for sweeping cybersecurity reform, and the establishment of a Cyber Safety Review Board in Homeland Security.
• The order is meant to facilitate information-sharing about hacks, collaboration among agencies, and move the government toward zero-trust systems.

Meanwhile, DarkSide has already moved on: It claimed responsibility for three more victims yesterday. All three are for-profit companies, because come on, you've got to have principles.

EPIC V. APPLE

The notorious YGR

Judge Yvonne Gonzalez Rogers holds the future of Epic and Apple in her hands. She's been a consistent participant during the first 10 days of the trial, too, probing Tim Sweeney for Epic's master plan and asking both sides why they're arguing the way they are.

• She took issue with economist David Evans earlier this week, as he tried to make the case that Apple is a monopoly, Protocol's Ben Brody reported. She asked whether players might have picked up other games in lieu of Fortnite when it was banned, if he had evidence of profit or loss on console sales and what she should make of his treatment of in-app purchases as separate from app distribution. She didn't seem to like many of his answers.
• Yesterday, she quizzed lawyers on why they weren't making "duty to deal" arguments, which would mean arguing that a company like Epic can't succeed without access to smartphones. "Everybody has a communications device," she said. "And the only way to access those billions of customers is through Android or the iPhone."
• Side note on that from Ben: "Epic might actually benefit in the short run if Gonzalez Rogers is genuinely curious about bringing in a duty to deal, but the Supreme Court is so deeply suspicious of the idea that it might be a problem for Epic long-term if she does. One antitrust expert I spoke with said that conservatives and many moderates 'consider the duty to deal a topic of special, virulent hatred.'"

Everyone wants to know how Gonzalez Rogers is thinking. A Wall Street Journal profile tells a story of her not letting her son play video games; evidence that she's anti-Fortnite? Or is the fact that she brings treats to the courtroom a sign of empathy? She has ruled in Apple's favor in past cases, but nobody seems to think that matters much here.

• If you polled the experts, I think most would say she's leaning slightly toward Apple so far, but the trial is young and Apple hasn't begun to call its own witnesses for her to question.

We've spent the last couple of days deep in the weeds of market definitions and ultra-specific ideas about what constitutes a monopoly, but ultimately this is the stuff that will decide the case. And YGR seems to be all over it.

A MESSAGE FROM CIRCLECI

Vamp, the leading release orchestration platform, is joining CircleCI. Soon, code release will be truly risk-free: continuous integration, fully-featured deployment, and automated rollbacks.

With a full suite of features to get code from your build environment to your customers' hands, CircleCI is bringing risk-free release to your CI/CD pipeline.

Learn more

People Are Talking

No more buying Teslas with Bitcoin, Elon Musk said:

• "Cryptocurrency is a good idea on many levels and we believe it has a promising future, but this cannot come at great cost to the environment."

Apple employees wrote a petition asking for an investigation into the company's hiring of Antonio García Martínez:

• "It is concerning that the views Mr. García Martínez expresses in his 2016 book 'Chaos Monkeys' were overlooked — or worse, excused — during his background check or hiring panel. We demand an investigation into how his published views on women and people of color were missed or ignored, along with a clear plan of action to prevent this from happening again."

And soon after, Apple said García Martínez no longer worked at the company:

• "At Apple, we have always strived to create an inclusive, welcoming workplace where everyone is respected and accepted. Behavior that demeans or discriminates against people for who they are has no place here."

On Protocol | Enterprise: The great work-software bundling doesn't solve all of a business's problems, Boomi's Chris McNabb said:

• "When an enterprise has 850 applications, even the largest ecosystems in the world are not going to replace the vast majority of those 850 apps. Maybe they replace 100, but you're still gonna have 750 that aren't [getting replaced], and you need something that's going to connect all of that stuff together."

Making Moves

Raghu Raghuram is the new CEO of VMware. He was previously one of the company's COOs, and fills the job left open by Pat Gelsinger, who now runs Intel.

The Senate Commerce Committee approved Lina Khan's FTC nomination. Now she'll face a full Senate vote.

Amazon is adding another 1,900 employees to its HQ2 in Virginia, and nearly half of the new listings are for AWS jobs.

Bird is officially going public, in a SPAC deal that values the company at $2.3 billion.

Ger Dwyer and Adam Frost are both leaving Waymo. The two executives are following former CEO John Krafcik out the door, and Waymo's already in the market for a new CFO.

Cisco acquired Socio Labs, which it'll use to make Webex a better tool for "large-scale, multi-session hybrid events and conferences."

In Other News

• On Protocol | Policy: The Endless Frontier Act was passed out of the Senate Commerce Committee yesterday. But the bill, aimed at injecting billions of dollars into tech R&D to counter China, is shrinking and picking up pet provisions along the way.
• Vitalik Buterin donated $1.2 billion to the India Covid Relief Fund. The Ethereum founder regifted dog-themed memecoins that had been sent, unsolicited, to his personal wallet in recent days.
• On Protocol: Sonos won an injunction against Googlein Germany, which could force Google to stop the sale of smart speakers, media players and even phones in the country.
• Clubhouse has a blocking problem. The app's black badge was meant to identify trolls, writes Will Oremus, but has instead "created a system of self-moderation, in which the thorny questions of online speech are devolved to its users."
• Airbnb's "smart pricing" algorithm widened racial disparities, a new report found, as its uptake was low among black hosts, while adopters made more money.
• Don't miss this story about the limits of automated credit ratings from The Verge, which explores how twins can cause some big problems for financial algorithms.
• On Protocol | Fintech: Diem is focusing on the U.S.The Facebook-backed digital currency is pulling back on its plans to be based in Switzerland, after U.S. regulators raised concerns about the risk of money laundering.

WORK IN THE FUTURE

Step into my VR office

You know what's better than Zoom meetings? VR meetings! Better yet, meetings that are actually just two avatars hanging out in a video game, half talking and half defending their territory. I'm really starting to believe — and more and more tech folks agree — that VR headsets are going to be part of the hybrid work future.

So my advice, if you have a headset: Download Infinite Office, Spatial or Microsoft Mesh and start getting comfy in your virtual office. Move the plants around, start fiddling with the weird floating keyboards. None of this is finished yet, but it all feels like the future. And next time you need to reach me, let's do it in a battle royale.

A MESSAGE FROM CIRCLECI

Vamp, the leading release orchestration platform, is joining CircleCI. Soon, code release will be truly risk-free: continuous integration, fully-featured deployment, and automated rollbacks.

With a full suite of features to get code from your build environment to your customers' hands, CircleCI is bringing risk-free release to your CI/CD pipeline.

Learn more

Refer Five Friends, Get A Mug

Are you tired of explaining the tech news of the day to your co-workers every morning? Let us do the heavy lifting and refer them to Source Code.

Send them your referral link via Slack, text, email, or carrier pigeon and we'll send you your very own Protocol mug after you refer five friends!

Your referral link:*|RH_REFLINK|*

Share on Twitter — Share on LinkedIn — Share via email