EU targets Big Tech with “hit list” facing tougher rules

A Facebook logo in front of an EU flag in this photo illustration on November 20, 2017.
Enlarge / A Facebook logo in front of an EU flag in this photo illustration on November 20, 2017.

EU regulators are drawing up a “hit list” of up to 20 large Internet companies, likely to include Silicon Valley giants such as Facebook and Apple, that will be subject to new and far more stringent rules aimed at curbing their market power.

Under the plans, large platforms that find themselves on the list will have to comply with tougher regulation than smaller competitors, according to people familiar with the discussions, including new rules that will force them to share data with rivals and an obligation to be more transparent on how they gather information.

The list will be compiled based on a number of criteria, including market share of revenues and number of users, meaning the likes of Facebook and Google are likely to be included. Those deemed to be so powerful that rivals cannot trade without using their platforms could also be added.

The move to gain new powers is part of a growing effort in Brussels to force big technology companies to change their business practices without a full investigation or any finding that they have broken existing laws.

It follows complaints that the current regulatory regime has resulted in weak and belated action, which has done little to foster competition.

The number of companies and the precise criteria for the list is still being discussed, but it is the latest indication of how serious the EU is about coming up with powers to limit the power of platforms seen as “too big to care.”

“The immense market power of these platforms is not good for competition,” said a person with intimate knowledge of the discussions.

The proposals, which are still being discussed among senior EU officials, could

EU creates ‘hit list’ of Big Tech targets for new regulation: Report

  • EU lawmakers are drawing up a “hit list” of Big Tech companies to target with new regulation, sources told the Financial Times.
  • The list will have up to 20 companies on it, and is likely to include big players such as Facebook and Apple, the sources said.
  • The EU is set to publish proposals for new technology laws in December.
  • Visit Business Insider’s homepage for more stories.

EU lawmakers are writing a “hit list” of Big Tech companies to target with tougher regulation, sources familiar with the matter told the Financial Times.

The sources did not say which names are on the list so far, but said it will feature up to 20 large tech companies, and that it is likely to include Silicon Valley behemoths such as Facebook and Apple.

Under draft plans for new legislation, the companies named on the list will have to abide by stricter regulations than smaller competitors.

The EU is currently working on a new set of technology laws called the Digital Services Act. It is due to set out its first proposals in December.

“The immense market power of these platforms is not good for competition,” a source familiar with the discussions told the FT.

“Big platforms are invasive, they pay little tax and they destroy competition. This is not the internet we wanted,” said another.

Thierry Breton, the European commissioner for internal markets, told the FT in September that the EU was looking at giving itself sweeping powers to crack down on powerful tech companies, up to and including the ability to break them up.

“There is a feeling from end-users of these platforms that they are too big to care,” Breton said.

This comes as Big Tech companies are facing ever-increasing antitrust scrutiny in the US, with the Department of Justice

Software AG Hit by Data-Stealing Ransomware Attack

A major German enterprise software company has become the latest tech name to suffer a likely ransomware attack featuring information theft.

IoT specialist Software AG, which claims to have over 10,000 customers and annual revenue exceeding €800m, revealed the news in a brief update late last week.

The note claimed the attack had been ongoing since Monday and had yet to be fully contained.

“Today, Software AG has obtained first evidence that data was downloaded from Software AG’s servers and employee notebooks. There are still no indications for services to the customers, including the cloud-based services, being disrupted. The company is refining its operations and internal processes continuously,” it explained on October 8.

“Software AG is further investigating the incident and is doing everything in its power to contain the data leak and to resolve the ongoing disruption of its internal systems, in particular to restart its internal systems as soon as possible which had been shut down for security reasons.”

Although the firm’s website appears to be up and running as normal, it is requesting users with support issues to email their problem and leave a number for call back, “due to technical issues with our online support system.”

Researchers MalwareHunterTeam posted on social media that the firm had been hit by the Clop variant, one which usually demands a ransom of $20 million. The group apparently claims to have swiped around a terabyte of data.

The incident is yet another sign of ransomware groups increasingly going after large enterprise targets with deep pockets. They will often perform detailed reconnaissance before striking in advanced multi-stage attacks using APT-style tactics to stay hidden while exfiltrating data and finally deploying the ransomware.

An attack on IT services giant Cognizant cost the firm an estimated $50-70m in Q2 2020, it admitted earlier

Software AG caught in double extortion ransomware hit

German software giant Software AG is racing to contain a major data leak resulting from a double extortion attack that saw its files encrypted and stolen by the operators of the Clop ransomware.

The firm first came under attack on 3 October, and was forced to shut down its internal systems, forcing its helpdesk and internal communications offline, although its core customer-facing services, including its cloud-based services, were unaffected.

At the time of writing, its online support system remained offline and customers were being asked to email a support address with details of their problem instead of using the standard interface.

Clop’s operators are understood to have demanded an exceptionally high ransom payment of $20m, but Software AG has refused to pay, so the gang has now begun to publish its confidential data on the dark web. Screenshots obtained by ZDNet show the leaked data to include scans of employees’ identification, including passport details, internal emails and financial information.

Such double extortion attacks are becoming increasingly common after first emerging about 12 months ago, because they give cyber criminals an additional means to apply pressure to their victims.

“On 5 October 2020, Software AG disclosed that it is affected by a malware attack,” said the company in a statement. “The malware is not fully contained yet, and Software AG’s systems remain being affected by the attack.

“Today, Software AG has obtained first evidence that data was downloaded from Software AG’s servers and employee notebooks. There are still no indications for services to the customers, including the cloud-based services, being disrupted. The company is refining its operations and internal processes continuously.

“Software AG is further investigating the incident and is doing everything in its power to contain the data leak and to resolve the ongoing disruption of its internal systems, in

Microsoft Hit By New Surface Problems

The Surface Duo is having a rough week. Microsoft’s dual-screened Android-powered mobile device has a unique form factor and offers a new way of working. To achieve this, it needs consumer confidence in the software and the hardware. It’s the latter that has been heavily discussed online, and not in a good way.

First up is a cosmetic issue; while these do not have a bearing on the functionality of the Surface Duo, when you are paying upwards of $1400 for the device, you don’t want it to loose its lustre after a few weeks. User reports of the plastic on the Duo starting to yellow strongly suggest that this isn’t a chemical reaction within the plastic, but a material that is quick to pick oils and grease. Nevertheless it’s not welcome.

Then you have the plastic cracking around the USB-C port. The thin nature of each side of the Surface Duo leaves little room around the USB-C port for moulding and it’s a natural weak point in the design. Those reporting cracked plastic between the port and the edge of the plastic note that charging the device is unaffected.

A small number of users are also reporting broken and seized hinges. Given the core nature of the Surface Duo this is a serious problem for those users affected.

While these issue clearly have an impact on the individual, the damage they can do to the Surface brand itself should