Live Business News: Widespread Internet Outage and Markets Today - The New York Times

Live Business News: Widespread Internet Outage and Markets Today - The New York Times


Live Business News: Widespread Internet Outage and Markets Today - The New York Times

Posted: 08 Jun 2021 04:37 AM PDT

Daily Business Briefing

June 9, 2021, 12:53 a.m. ET

June 9, 2021, 12:53 a.m. ET
Lordstown Motors gained attention after it bought a shuttered auto plant in Ohio to build its truck, the Endurance.
Credit...David Maxwell/EPA, via Shutterstock

Lordstown Motors, an electric vehicle start-up that aimed to revive a shuttered General Motors factory in Ohio, said on Tuesday that it did not have enough cash to start commercial production of its electric pickup truck and might have to close its doors.

The company, which was once held up as a savior by former President Donald J. Trump, is now being investigated by the Securities and Exchange Commission. In a regulatory filing, Lordstown said it will not be able to begin "commercial scale production" without raising more money from investors and lenders.

Lordstown, one of about a dozen start-ups in the electric vehicle space that have gone public by merging with special purpose acquisition companies, or SPACs, added that there was "substantial doubt regarding our ability to continue as a going concern" — a legal phrase companies often use to alert investors that they might not survive. The company had $587 million in cash at the end of March, down from more than $629 million at the end of last year.

The filing will likely increase doubt about the viability of businesses that have merged with SPACs, which have been criticized by some investors and analysts for doing a shoddy job of vetting the businesses they acquire. Many of the SPAC deals in the electric vehicle space have been particularly precarious because it takes a lot of expertise, money and time to create an auto company capable of mass-producing cars and trucks.

Lordstown has been on shaky ground for months. On Friday, the company said the Nasdaq stock exchange could delist its shares because it was late in filing its quarterly report with the S.E.C. The company offered no explanation for the delay, but it may have been related to an accounting change that securities regulators issued for companies that have merged with SPACs.

Lordstown's stock fell sharply on Tuesday, closing down more than 16 percent, to $11.22 a share. It fell a bit more in extended trading.

The S.E.C. said this year that warrants awarded in SPAC deals had to be accounted for as debt or a liability on a company's balance sheet. A warrant grants an investor the right to buy shares at a preset price. Before the accounting change, most warrants were treated as stock and not debt.

Lordstown, in its quarterly filing, reported a net loss in the value of its warrants of about $19 million. The company also reported $82 million in cash proceeds from the exercise of warrants during the quarter.

Just last month, the company said it was on track to start production in September, although it said it would make only about 1,000 trucks by the end of the year — half as many as it had originally planned — if it was unable to raise more money.

The company said it was considering issuing new stock or borrowing money. "As we seek additional sources of financing, there can be no assurance that such financing would be available to us on favorable terms or at all," the company's filing said.

Lordstown also said it was reducing its spending to conserve the cash it had on hand, without saying whether it might cut jobs. Company representatives did not respond to a request for comment.

The company was founded by its chief executive, Steve Burns, who previously headed another electric vehicle business, Workhorse Group. Lordstown was created after G.M. decided in 2018 to shut down a plant that had made the Chevrolet Cruze sedan.

Mr. Trump attacked G.M. for closing the factory and demanded that the automaker sell it to someone else. G.M. sold the plant to Lordstown for just $20 million in 2019 and later lent the start-up $40 million. G.M. still owns 7.5 million shares in Lordstown.

Lordstown became a publicly traded company in October when it merged with Diamond Peak Holdings, a SPAC created by a former Goldman Sachs banker who had no experience in the auto industry. The deal was completed in just two months.

In its Tuesday filing, Lordstown revealed that it had received two subpoenas from the S.E.C. seeking documents and information, including about its deal with Diamond Peak. The company said it was cooperating with regulators.

Lordstown also said it restated a portion of its 2020 annual report after determining it had found "material weaknesses" in its financial reporting. The company said it did not have enough employees with "appropriate technical accounting skills and knowledge."

The company said it was hiring more skilled employees. But it warned that it might not be "successful in remediating the material weaknesses."

Ohio's attorney general, Dave Yost, filed a lawsuit on Tuesday in pursuit of a novel effort to have Google declared a public utility and subject to government regulation.

The lawsuit, which was filed in a Delaware County, Ohio court, seeks to use a law that's over a century old to regulate Google by applying a legal designation historically used for railroads, electricity and the telephone to the search engine.

"When you own the railroad or the electric company or the cellphone tower, you have to treat everyone the same and give everybody access," Mr. Yost, a Republican, said in a statement. He added that Ohio was the first state to bring such a lawsuit against Google.

If Google were declared a so-called common carrier like a utility company, it would prevent the company from prioritizing its own products, services and websites in search results.

Google said it had none of the attributes of a common carrier that usually provide a standardized service for a fee using public assets, such as rights of way.

The "lawsuit would make Google Search results worse and make it harder for small businesses to connect directly with customers," José Castañeda, a Google spokesman, said in a statement. "Ohioans simply don't want the government to run Google like a gas or electric company. This lawsuit has no basis in fact or law and we'll defend ourselves against it in court."

Though the Ohio lawsuit is a stretch, there is a long history of government control of certain kinds of companies, said Andrew Schwartzman, a senior fellow at the nonprofit Benton Institute for Broadband & Society. "Think of 'The Canterbury Tales.' Travelers needed a place to stay and eat on long road treks, and innkeepers were not allowed to deny them accommodations or rip them off," he said.

After a series of federal lawsuits filed against Google last year, Ohio's lawsuit is part of a next wave of state actions aimed at regulating and curtailing the power of Big Tech. Also on Tuesday, Colorado's legislature passed a data privacy law that would allow consumers to opt out of data collection.

On Monday, New York's Senate passed antitrust legislation that would make it easier for plaintiffs to sue dominant platforms for abuse of power. After years of inaction in Congress with tech legislation, states are beginning to fill the regulatory vacuum.

Ohio was also one of 38 states that filed an antitrust lawsuit in December accusing Google of being a monopoly and using its dominant position in internet search to squeeze out smaller rivals.

Last year, a Pennsylvania man amassed thousands of followers on Twitter by impersonating relatives of former President Donald J. Trump. In November, he even duped Mr. Trump, who messaged the man "LOVE!" while thinking he was writing to one of his sisters.

The New York Times later identified the man as Josh Hall, a 21-year-old food-delivery driver and Trump supporter, and showed that he had used the accounts to collect thousands of dollars for a fake political group.

On Tuesday, federal authorities arrested Mr. Hall and charged him with fraud and identity theft.

Mr. Hall pretended to be members of the Trump family "to fraudulently induce hundreds of victims to donate to a political organization that did not exist, and then pocketed those funds for his own use," Audrey Strauss, the U.S. attorney in Manhattan, said in a news release.

Credit...Josh Hall

Mr. Hall's arrest is a rare instance of criminal charges filed against someone for creating fake accounts on social media. Facebook, Instagram, Twitter and other social networks are rife with millions of fake accounts, many of which impersonate politicians, celebrities and soldiers to scam people out of money. But few of the people behind the fakes ever face consequences.

Mr. Hall attracted the attention of the Federal Bureau of Investigation after he posed as five members of Mr. Trump's family on Twitter, amassing more than 160,000 followers on the site. Over a year, he pretended to be, among others, Robert Trump, the president's brother; Barron Trump, the president's teenage son; and Dr. Deborah L. Birx, the White House's coronavirus coordinator at the time.

He used the accounts to direct people to donate to a political group called Gay Voices for Trump. Mr. Hall later told The Times that the group didn't exist. He brought in more than $7,300. The Justice Department said on Tuesday that Mr. Hall had kept the money.

Mr. Hall appeared in federal court in Harrisburg, Pa., on Tuesday, the Justice Department said. He could face up to 22 years in prison, the department said.

Mr. Hall could not be immediately reached on Tuesday. He told The Times last year that his fake accounts were clear parodies and that anyone should have known that, including Mr. Trump, by reading a few of their typically juvenile posts.

"There was no nefarious intention behind it," Mr. Hall said. "I was just trying to rally up MAGA supporters and have fun," he added, referring to the abbreviation for Mr. Trump's slogan, "Make America Great Again."

Video

transcript

bars

0:00/1:12

-0:00

transcript

C.E.O. Details How Hackers Infiltrated Colonial Pipeline Network

Joseph Blount, the chief executive of Colonial Pipeline, told a Senate committee on Tuesday that the company believes cybercriminals accessed its computer systems via a virtual private network that was no longer used.

Just one month ago, we were the victims of a ransomware attack by a cybercriminal group, and that attack encrypted our I.T. systems. Although the investigation is still ongoing, and we believe the attacker exploited the legacy V.P.N. profile that was not intended to be in use, DarkSide demanded a financial payment in exchange for a key to unlock the impacted systems. We had cyberdefenses in place, but the unfortunate reality is that those defenses were compromised. We reached out to federal authorities within hours of the attack, and they have continued to be true allies as we've worked to quickly and safely restore our operations. I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible. It was the hardest decision I've made in my 39 years in the energy industry. And I know how critical our pipeline is to the country. And I put the interests of the country first. I kept the information closely held because we were concerned about operational safety and security. And we wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make.

Video player loading
Joseph Blount, the chief executive of Colonial Pipeline, told a Senate committee on Tuesday that the company believes cybercriminals accessed its computer systems via a virtual private network that was no longer used.CreditCredit...Andrew Caballero-Reynolds/Agence France-Presse — Getty Images

The top executive of the Colonial Pipeline told a Senate committee on Tuesday that an oversight appears to have allowed hackers into its computer systems and contributed to the paralyzing of the delivery of gasoline and other fuels up and down the East Coast.

Joseph Blount, the chief executive of the pipeline company, said the company believes that the criminal hackers infiltrated Colonial's computers through an old virtual private network, commonly known as a V.P.N., "that was not intended to be in use." He added, "We are still trying to determine how the attackers gained the needed credentials to exploit it."

The V.P.N., a technology often used by companies to allow staff to access internal corporate networks from home, did not require multifactor authentication, a process through which a user is granted access to a computer system or application only after successfully presenting two or more pieces of information — security experts often refer to it as "something you know and something you have." The first piece of information is often a password; the second can be a code sent to a cellphone, for example. Multifactor authentication has become increasingly common, and even free services like Gmail and Facebook offer it and encourage people to use it.

Democratic and Republican Senators were largely sympathetic in their questioning of Mr. Blount and did not press him aggressively on the glaring vulnerability. Colonial operates a 5,500-mile pipeline network that supplies 100 million gallons of gasoline, diesel and jet fuel daily to gas stations, airports and other customers along the East Coast, supplying nearly half of the region's transportation energy.

"We are deeply sorry for the impact that this attack had," Mr. Blount said.

Mr. Blount said the company quickly notified the Federal Bureau of Investigation on the day of the attack and suggested the damage done to the pipeline could have been much worse had the company not paid a ransom to a criminal group called DarkSide that infiltrated its system.

The Justice Department said on Monday that it had seized more than half the ransom, which totaled more than $4 million worth of the digital currency Bitcoin.

Deputy Attorney General Lisa Monaco, center, described how the feds hacked the hackers.
Credit...Pool photo by Jonathan Ernst

The Justice Department said on Monday that it had traced and seized much of the ransom that a major U.S. pipeline operator paid to a Russian hacking collective last month. The ransomware attack shut down the Colonial Pipeline for about a week, prompting fuel shortages and price spikes, until the company paid hackers more than $4 million worth of Bitcoin. But federal officials said that a new F.B.I. task force had recaptured most of the Bitcoins by, in essence, hacking the hackers.

Bitcoin transactions are anonymous but not untraceable. The hackers moved the ransom through dozens of accounts, which can be tracked on the blockchain, the public ledger of all Bitcoin transactions. Eventually, the funds landed in an account that a federal judge allowed the F.B.I. to break into. According to court documents, officials got the account's "private key," a crucial password that gives the owner complete control over the funds inside.

Tom Robinson of the blockchain analytics company Elliptic, who has been tracking the ransom payments, wrote in a blog post that the account compromised by the authorities appeared to hold the 85 percent share of the ransom that went to the client of DarkSide, the Russian "ransomware as a service" hacking group whose software was behind the attack. The remaining 15 percent was funneled through accounts presumably controlled by DarkSide developers.

In a way, this could be good for cryptocurrency, the DealBook newsletter reports. A major criticism of crypto is that its anonymity and ease of use make it suitable for crime, like the ransomware attacks that, by some measures, strike every eight minutes. The Justice Department didn't divulge how it had seized the bulk of the Colonial ransom, but its success shows that it can comb the blockchain and crack into at least some accounts. That's good for the traceability of cryptocurrency used for crime — but also goes against the decentralized, privacy-focused, anti-establishment benefits that some see as crypto's greatest assets. (There are other cryptocurrencies with features that make them harder to trace than Bitcoin.)

Federal officials encouraged companies to work with the F.B.I. when attacked, as Colonial did, to help recoup ransom payments, which are thought to run into the billions of dollars (and are legal and even tax-deductible).

Joseph Blount, the chief executive of Colonial, will testify Tuesday before the Senate and Wednesday before House, where more details about the attack, and the response, could be revealed.

Job openings surged in recreation, food service and other sectors that are ramping up after a year of pandemic-related restrictions.
Credit...Anjali Pinto for The New York Times

Job openings surged to record levels in April, the latest evidence that businesses are struggling to hire workers as the economy reopens.

U.S. employers had 9.3 million jobs available at the end of April, the Labor Department said Tuesday. That is the most in the two decades that records have been kept, and more than two million more than before the pandemic. Openings surged in recreation, food service and other sectors that are ramping up after a year of pandemic-related restrictions.

Hiring rose, too, but not by nearly as much, which is consistent with separate figures showing that net job growth slowed significantly in April. (Job growth picked up in May, but remains below March levels.)

Many businesses have reported in recent weeks that they would like to hire more quickly but cannot find enough workers. The data released Tuesday, the monthly Jobs and Labor Turnover Survey, provided some evidence of that shortage: There was roughly one unemployed worker for every available job in April. That is above the level before the pandemic, when there were fewer jobless workers than available jobs, but it represents a much faster rebound than after the last recession.

With plenty of jobs available, workers are feeling emboldened: Nearly four million people voluntarily quit their jobs in April, the most on record. The number was especially elevated in the leisure and hospitality sector, where many businesses have been offering signing bonuses and other incentives to lure workers.

"More than a year after horrific job losses and wage cuts, job seekers have a strong hand in the labor market again," Nick Bunker, director of research for the hiring site Indeed, said in a statement. "Demand for workers is surging as the broader economy starts to emerge from the pandemic."

A Boeing 737 Max plane flown by Southwest Airlines. Southwest has ordered a total of 383 of the planes through 2031.
Credit...Ted S. Warren/Associated Press

Southwest Airlines said Tuesday that it would buy more Boeing's 737 Max jets than it had previously planned, providing an important vote of confidence for the troubled plane that was grounded by regulators for nearly two years.

The airline said in a securities filing that it had agreed to buy 34 more Max jets next year, more than doubling its previous order. That brings Southwest's total order for those planes through 2031 to 383 planes, with options to buy hundreds more. The new jets will replace older 737's in the Southwest's fleet, which is made up of various Boeing 737 models. The airline said it expected to retire at least 30 to 35 older planes each year over the next decade.

The news helped to lift Boeing's sales for May. The manufacturer reported Tuesday that it had sold a net 20 planes last month, after accounting for cancellations.

Southwest's order comes as the pandemic recedes in the United States and demand for travel rebounds strongly.

Memorial Day weekend kicked off what airlines hope will be a monthslong travel frenzy spurred by widespread vaccinations and a drop in new infections.

Southwest said Tuesday that it expected June revenue to be down only 20 percent compared with the same month in 2019, at the low end of a previous company estimate. Fares for leisure travel in June and July are in line with 2019 and summer bookings are looking "fairly typical," the airline said in the filing.

Boeing received several dozen cancellations but it also said that it was now hopeful about more than 70 orders that it had previously removed from its books because they seemed unlikely to be filled. The company's order backlog now stands at more than 4,100 planes, most of which are for the 737 Max.

That plane started flying passengers late last year after a 20 month global ban following two fatal crashes. Since then, 23 airlines have restarted using the Max, flying nearly 45,000 passenger flights, Boeing said.

The British government's main website was offline during the outage.
Credit...Leon Neal/Getty Images

Several major websites, including those of the British government, The New York Times, CNN, The Financial Times and The Guardian, were briefly inaccessible for many users on Tuesday morning.

According to Downdetector.com, which tracks internet disruptions, sites including Etsy, Hulu, PayPal, Reddit, Twitch and Twitter also reported problems.

Many of the affected sites appeared to have been restored after a little less than an hour.

The outage was connected to Fastly, a provider of cloud computing services used by scores of companies to improve the speed and reliability of their websites. Fastly later said on its website that the issue had been identified and that a fix was being made.

Fastly works on technology known as a content delivery network, which is a highly distributed network of servers used to reduce the distance between a server and user, and increase the speed at which a website loads.

The technology is thought to improve reliability because it distributes the delivery of a website to many locations, rather than depending on a central data center. Fastly did not immediately respond to a request for comment on Tuesday.

Widespread internet outages are less common today than years ago, as Google and other major tech companies develop interconnected data centers that improve performance, but there have been a number of incidents over the last year.

In December, Google services including Gmail, Maps and YouTube crashed for about an hour. The company attributed the problem to an "authentication system outage." And in January, Slack, the popular workplace messaging platform used by millions of people worldwide, experienced a major disruption in which users could not send messages, load channels, make calls or log in to the service.

Outages like the one on Tuesday, in which many of the affected sites belonged to news outlets, often hit businesses in the same sector because they rely on the same third-party services, said Marie Vasek, a lecturer in information security at University College London.

"All of these websites really depended on this one third-party service, and the slight disruption in that caused this disproportionate effect," Dr. Vasek said.

Madeline Carr, the director of the Research Institute for Sociotechnical Cyber Security, which focuses on the security of organizations, said that companies that provide the infrastructure for websites can be slow to provide details when they experience internal failures or are the victims of cyberattacks. That is in part because their main selling point to clients is their reliability, she said.

"There does need to be a level of accountability," said Dr. Carr, also a professor of cybersecurity at University College London. "In the last generation of cybersecurity, it was about ensuring websites were protected or had adequate security, but when you're talking about something like Fastly, in a sense it doesn't matter how secure your own website is," she said, since so many websites depend on it.

Websites for Hulu, Reddit, Twitch and The New York Times crashed for about an hour on Tuesday morning.
Credit...Mark Lennihan/Associated Press

For a company pitching itself as helping improve the reliability and speed of websites, it is hard to imagine a worse turn of events than what Fastly experienced on Tuesday.

Fastly, a cloud-computing company used by businesses around the world to operate their websites, faced an outage that caused popular websites including Reddit, Twitch, Hulu and The New York Times to suddenly crash for about an hour on Tuesday. Websites in North and South America, Europe, Asia and Africa were affected, the company said.

Fastly, based in San Francisco, provides the kind of behind-the-scenes technology that most people do not know exists, but is crucial for making the internet work. The company had been enjoying some success. Its stock skyrocketed last year, benefiting from all the people who were online amid the pandemic, the same wave that helped other tech companies like Zoom before coming back down over the past several months.

Before the system crashed on Tuesday, the stock had more than doubled since the company went public in 2019.

Fastly provides a technology known as a Content Delivery Network, or CDN, a highly distributed network used to reduce the distance between a server and a user, thus accelerating website loading speeds. Fastly says its network improves reliability because it distributes a website to many locations, rather than depending on a central data center.

Everything began going sideways for Fastly on Tuesday morning. At 5:58 a.m. Eastern time, the company posted on its website that it was investigating a problem with its services.

Customers that were experiencing outages included PayPal, The New York Times, The Financial Times and The Guardian. Even the British government's main webpage was offline.

A spokeswoman for Fastly, whose own website was taken down, attributed the problem to a disruption to Fastly's systems that send website content from a server to individual users.

Kentik, a network analytics company, said internet traffic volume coming from Fastly's services fell by 75 percent.

The complexity of the internet means that short-lived outages will always exist, said Doug Madory, Kentik's director of internet analysis. He noted that Google, Amazon and other large companies have also experienced problems that take services offline.

"There is no error-free internet, it doesn't exist," he said. "This is unavoidable because of the complexity."

But investors seemed to shrug off the worldwide internet outage Fastly had caused. After slumping in premarket trading, its stock price was up about 3 percent Tuesday morning.

A Tesla showroom in Beijing. Sales of the company's China-made cars jumped last month.
Credit...Nicolas Asfouri/Agence France-Presse — Getty Images
  • U.S. stocks edged higher on Tuesday, with the S&P 500 climbing less than 0.1 percent.

  • Most European stock indexes rose. The Stoxx Europe 600 climbed 0.1 percent as gains in technology and health care companies outweighed drops in the shares of energy companies.

  • The eurozone economy didn't fare as badly as initially projected at the start of this year, according to a revision of first quarter gross domestic product by the European statistics agency. The region's economy fell 0.3 percent in the first three months of the year, compared with a previous estimate of a 0.6 percent decline, data published on Tuesday showed.

  • "While the euro area experienced a technical recession around the start of 2021, this upside surprise" to the first quarter economic data "is another positive development," analysts at Barclays wrote in a note. The improvement suggests "that the euro area could be experiencing a little less scarring than we thought originally."

  • Japan, too, reported an improved figure for first-quarter growth. Its economy shrank at an annual rate of 1 percent from January through March from the previous quarter, the government said Tuesday, an improvement from the initial estimate of a 1.3 contraction.

  • Tesla's sales of cars made in China jumped 29 percent in May from the month before, and now represent a third of its total sales, Reuters reported. But Tesla's Model 3, previously the best-selling electric vehicle in the country, has been overtaken by a cheaper electric car made by the joint venture between General Motors and SAIC Motor. Tesla shares fell 0.3 percent.

  • MoviePass, the failed subscription service that promised unlimited moviegoing for $10 a month, agreed on Monday to settle Federal Trade Commission accusations that it knowingly deceived customers, making the service difficult to use, and exposed their personal data. In the process, the F.T.C. revealed the elaborate obstacles that MoviePass executives made the most active users overcome, including forcing them to reset their passwords and setting unannounced limits on their accounts. "MoviePass and its executives went to great lengths to deny consumers access to the service they paid for while also failing to secure their personal information," Daniel Kaufman, the F.T.C.'s acting director of the Bureau of Consumer Protection, said in a statement.

Video
Cinemagraph
CreditCredit...By Timo Lenzen

Today in the On Tech newsletter, Shira Ovide writes that YouTube has figured out ways to generate enough cash to make many people in the music world happy — or at least content enough for now. If this persists, YouTube might have achieved something that few internet companies have: a relatively healthy relationship with an established industry that it simultaneously helps and disrupts.

After Black Lives Matter protests last year and an economic crisis that disproportionately sidelined women, corporate America vowed to be more inclusive. It threw its weight behind policies like child care that would foster an equitable recovery from the pandemic, promises that seemed to represent a sea change in what until recently had been an apolitical corporate landscape.

But in corporate boardrooms, little has changed. Boards have been, and continue to be, predominantly male and white, according to a new study that will be released on Tuesday.

The study, by the Alliance for Board Diversity and the consulting firm Deloitte, found that white women gained the most number of seats, increasing their presence at Fortune 100 companies by 15 percent and at Fortune 500 companies by 21 percent. But, in total, they still represent just about a fifth of all board seats. And minority women — which includes Black, Hispanic and Asian women — represent the smallest slice of boardrooms at both Fortune 100 (around 7 percent) and Fortune 500 (around 6 percent) companies. More than half of directors newly appointed to board seats last year were white men.

Credit...By The New York Times | Sources: Deloitte, Alliance for Board Diversity

The report, however, analyzed data only through last June. More recent data from the research firm Institutional Shareholder Services found that since last July, the number of Black directors on boards of S&P 500 companies surged by nearly 200 percent, representing 32 percent of all newly appointed directors, up from 11 percent in 2019. Almost half of them were new to publicly traded company board services.

That report, which didn't break down the data by gender, attributed the shift to "the widespread racial justice protests last summer."

Even before the protests, there was growing pressure for boardroom diversity from institutions like Goldman Sachs, BlackRock and Nasdaq, driven in large part by a growing body of evidence showing that diverse leadership correlates with better business performance. And as a result of 2018 legislation in California, almost all of the more than 600 public companies based there now have at least one female board member, according to researchers at Clemson University and the University of Arizona.

Substantial change, though, will still take time, experts said. A typical tenure of a board director is eight years, and adding more seats can be costly, with director pay often reaching hundreds of thousands of dollars.

The report from the Alliance for Board Diversity and Deloitte noted that, at the current rate of change, it would take decades for boardrooms to reach representation proportional to the demographics of the American population. Women of color, for example, make up 20 percent of the U.S. population, but it would take until 2046 for them to make up 20 percent of Fortune 100 board seats.

"The fact remains," the authors of the report write, "progress has been painfully slow."

Domino effect: Why the worlds biggest websites suddenly went offline - Business Standard

Posted: 08 Jun 2021 09:34 PM PDT

The hour-long Fastly Inc. outage was a reminder of how exposed the world's biggest websites are to the impact of disruptions ranging from simple human error to coordinated cyberattack.

The failure at Fastly, which helps websites load their pages faster, sent vast swaths of the web offline on Tuesday. News websites including CNN, the New York Times and Bloomberg News, services such as Amazon.com Inc., Shopify Inc. and Stripe Inc., plus sites as large as Spotify and Reddit all went offline. U.K. government digital services were also unavailable for a period.

Major sites began reporting problems around 10:30 a.m. U.K. time on Tuesday, according to Downdetector, which tracks service interruptions.

In a summary of the events that unfolded, the company said a valid software configuration change by one of its customers triggered a previously undiscovered bug, introduced during a May 12 software deployment. Fastly quickly identified an issue with its content delivery network and announced it was rolling out a fix just 46 minutes after acknowledging a problem. Sites began to spring back to life soon afterward.

"This outage was broad and severe, and we're truly sorry for the impact to our customers and everyone who relies on them," Nick Rockwell, Fastly's senior vice president of engineering and infrastructure, said in the blogpost.

Nevertheless, the cascade of failures across the web turned a mere "service configuration" into a global outage that hit large companies and small users alike.

What does Fastly do?

Fastly is one of a number of high-level website and application hosting services that large enterprises use to serve content to millions of users simultaneously.

Rather than hosting all website content on a single set of servers in one location, Fastly's so-called "edge computing" model puts servers in dozens of locations, allowing websites to serve pages to users from physical locations closest to them. This cuts lag time, speeding up page-loading and spreading the burden on individual servers.

ALSO READ: Websites back online after Fastly-linked glitch takes down internet

These vast and complex setups are run by just a few companies, such as Fastly, Cloudflare Inc. and Akamai Technologies Inc. The global edge computing market was valued at $4.68 billion in 2020 and is expected to expand at a compound annual growth rate of 38.4% from 2021 to 2028, according to a recent analysis by Grand View Research.

While these setups usually work perfectly, their complexity means that even a simple error in a configuration file can trigger chain reactions of outages. For users, most of whom rarely need to think about how the internet works, that can come as a shock.

"People believe that somehow things don't break. At the end of the day it's a computer sitting in a server room with different components that can malfunction," said Mehdi Daoudi, co-founder and chief executive officer of Catchpoint, a technology platform that monitors website performance.

"The way networks are built, an outage can quickly cascade. It's a domino effect."

The universe of content is expanding, fast

It wasn't always this way: In earlier iterations of the internet, a basic website consisted of a few pages of text and accompanying images, all of which lived on a single web server with an IP address all to itself. To access that site, an internet service provider directed a user request to that specific computer.

That setup still works, but the rapid, exponential increase in digital content makes delivering it vastly more complicated for large businesses. Research published by analyst group IDC last May suggested more data will be generated in the next three years than was collectively over the past three decades.

Digital content today lives on multiple identical servers dotted all around the world; some are basic, designed to serve up static content such as text, while others are packed with solid-state hard drives to pump out video files, or filled with fast memory to maintain live conference calls to hundreds of participants.

The biggest content providers, such as Netflix Inc., connect their servers directly to those of an ISP to reduce the demand placed on networks, or install their servers within another network operator's infrastructure.

Content distribution networks began taking shape in the 1990s as the internet outgrew its early infrastructure.

"They solved two problems: capacity and performance. But they're not perfect. Today it was Fastly, but these outages can happen to anyone," said Daoudi.

Large websites are kept online by experienced system administrators. While they know that occasional outages are inevitable, and rarely last more than a few minutes, failures that take globally renowned websites offline never go unnoticed and cause a stir on social media.

But the short-term chaos online -- which can result in furious tweets, failed transactions or canceled subscriptions -- is often worse than the longer-term impact. Even outages that last longer, for several hours or more, are so uncommon that their business fallout is considered minor.


ALSO READ: Active internet users in India likely to reach 900 mn by 2025: IAMAI

While Fastly is one of only a few companies that provide this service, many investors turned on the stock after the company last year lost its largest customer, the Chinese internet giant and TikTok owner ByteDance Ltd. After rising 350% in the second half of last year alone, the shares are down more than 40% this year. The stock gained Tuesday after service was restored.

Was this a hack?

There is no evidence to suggest Fastly's issues on Tuesday were the result of a malicious cyberattack. But widespread outages are often the result of hackers, and are not always the fault of the companies hosting content.

For instance, in 2016, millions of internet users lost access to some of the world's most popular websites after hackers compromised Domain Name System service provider Dyn Inc.. That knocked offline sites including Twitter, Spotify, Reddit, CNN, Etsy and The New York Times.

Users often see no difference between a distributed-denial-of-service attack or a content delivery network failure. Each can mean the user sees a "server not found" error or a blank page, leaving them unable to access the site. More malicious hacks hijack websites in an attempt to extort users with ransomware.

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

First Published: Wed, June 09 2021. 10:04 IST

17 Password Manager Apps - Small Business Trends

Posted: 08 Jun 2021 07:00 AM PDT

Password managers are computer programs allowing small businesses to generate, store and manage passwords for online services and software applications. These tools keep all the information for your business and the websites you use securely. They encrypt all information in your database, and they are one of the best ways for how to remember passwords.

These apps keep your business passwords protected so you don't need to be concerned about being hacked. Check out the links on our site to the best products.



Why You Need a Password Manager for Your Business

The best password managers work for business and personal uses. They help keep your credentials secure. These apps also help to prevent sensitive information from being hacked. Your password database gets encrypted with one master password. You only need to remember that.

Professional Accounts

Some businesses use the same passwords for all of their accounts. That's a bad move since hackers only need to know one to grab sensitive information. A password manager is another layer of protection.

One of the big advantages is they usually have military-grade encryption which is extremely hard for hackers to breach. Storage is usually in a cloud server which is a secure platform for small businesses.

The best passwords involve random characters and numbers. Remembering them can be a real problem for small businesses. Hackers use algorithms to get at weak passwords. That makes it impossible to remember long strings of vital passwords. Writing them down on sticky notes or somewhere else is looking for trouble.

How to Use a Password Manager?

They store the information in a vault. It's where a password manager stores information. There are browser add-on and mobile apps that connect the software and devices.

17 Best Password Manager Apps

There are several password manager options to choose from. Some are free and others have paid packages. You'll need to sort through the features and password manager apps to find the right one.

1. LastPass

LogMeIn is the company behind this password manager tool. They are one of the biggest software as a service (SaaS) companies globally. This password manager tool has 70,000 business users and 25.6 million clients overall. There's are free, premium, and family packages available. This password management tool offers some excellent business tools. For example, secure password storage allows workers their own space to store apps and web logins. Some of the other important policies include centralized control.

This allows business owners to enforce security policies and get insights into their employees' password behavior. Security is big with this password management software. LastPass uses third-party security firms to conduct audits and test the product. It's an excellent feature for small businesses looking for reliability and security.

One of The Better Deals

LastPass offers a browser extension and mobile app. The app offers an automated filling feature so you don't need to type out information. There is also a fingerprint access option for authentication. This is one of the best password managers because it offers a variety of plans. There is a free and premium option. The premium option bills in monthly increments. The families option comes with a free 30-day trial. it works with different devices.

The business plans range from an MFA package that costs $3 per user per month. The Identity Package combines the Enterprise and MFA options for $8 dollars.

Compatible with

LastPass is compatible with a variety of search engines and devices. You can get a version for Windows and Mac. It also works with Chrome, Firefox, Safari, and Microsoft Edge. You can download versions right from their website. You can also get versions for iPad and iPhone and Android smartphones.

2. 1Password

1Password makes our list of password manager picks for several reasons. You store important data on credit cards and logins. This tool also looks after things your company needs to keep secret like application keys and private certificates. These features make it one of the better deals.

1Password allows business owners to restrict access. Currently, they have millions of customers which include over 80,000 small businesses.

There's a free trial version with a business package that starts at $7.99 per user per month. This product offers some interesting integrations. You can use Slack with 1Password. There is also an advanced reporting feature so you can identify potential security threats.

It allows small businesses to see if credentials and email addresses have been exposed

There are personal and family options. Businesses can get unlimited items storage and free family accounts for $7.99 per user per month. There is also a Teams package that comes with a free version. It costs $3.99per user per month. You can get a custom quote for the Enterprise offering.

Compatible with:

The downloads available for 1Password include macOS and iOS. You can also find them for Windows, Android, and Linux. Chrome OS and Command Line are also on the list. There are some other options for small businesses who want to use 1password. Like standalone versions of these browser extensions. You can also get the latest release for Windows 10 for later versions. Some other browser extensions are available for Firefox and Edge as well as Chrome.

3. Keeper

Keeper is another one of the password managers it does similar things to 1password. It creates high-strength random passwords for applications and websites. One of the big differences is it stores the passwords in a vault on employee devices. It is considered one of the better password managers because each employee gets an encrypted vault.

It's good for small businesses because it allows employees to save time. They don't need to reuse, reset and remember different passwords. It works for traveling sales teams very well. Because they can have private client data files and credentials.

The pricing works as follows. There's a free version and a number of other options for business, personal, family, and student use. The family plan offers five private vaults where you can store unlimited passwords. It costs $6.24 per month. There is also a student version. The business version has a free trial. There is an encrypted vault for each and every user that includes folders and subfolders.

The enterprise version offers automated team management and other password management features

Compatible with:

Keeper is compatible with Chrome, Firefox, Safari, and Opera. It also works with Edge and Internet Explorer. Remember, this tool offers professional services and world-class support. They have teams that will help you to implement the tool and with configuration. That's great news if you have a complicated IT environment

Here's another note. Keeper can install this tool including encryption right on a user's device. Other products like 1Password only do that at the vault level. That means all records don't get this service with 1Password. Another advantage for Keeper is it supports Internet Explorer. 1Password doesn't offer that option.

4. RoboForm

RoboForm uses a random password generator to build unique and strong passwords for each website. You can share login information with other people who use this tool. Password sharing is simple. You only need the recipient's email. That doesn't mean this password management software isn't secure. It uses two-factor authentication to access every account.

Setting up an account is easy. All you need to do to get started is enter an email address and set a master password. You can even import other passwords from your browser or import them manually. It's even possible to use a competing password management product. RoboForm will save them in a password vault. This is done automatically when you log in to any online accounts.

There is a free version available. It includes unlimited logins and a password generator. The Everywhere option costs $1.99 a month and it is billed annually. The Family Plan costs $3.98 a month and you can get access on all of your devices.

The business option costs $3.35 a month and is billed annually. There are no contracts and you pay as you use the service. This option offers a complete separation of personal and business passwords.

Compatible with:

RoboForm works with a variety of different platforms. It works with Android, Windows, iOS and Mac. This tool has support for all of the larger browsers.

5. Dashlane

Dashlane is ahead of the competition when it comes to other password managers tools. It uses US Patented Security Architecture and AES 256-bit encryption. There is another feature here designed for work-life balance. Smart Spaces can monitor passwords in either the business or personal space. They also offer one single sign-on that covers different accounts.

The reporting dashboard allows you to look for problems with passwords and make changes.

This password management system comes with a free trial. If you are looking to buy Dashlane, there is a business, individual, or family plan to choose from. The business version costs eight dollars a month and is billed annually. It comes with a free trial.

The Essentials package offers dark web monitoring and two-factor authentication. Some of the other interesting features include personalized security alerts and 1 GB of file storage

Compatible with:

Dashlane is supported on mobile platforms and your small business's main desktop. It works with Windows 10, macOS, iOS, and Android. All the major browsers are supported like Firefox, Chrome, Edge, and Safari

6. Zohovault

Zohovault offers one sign-on for cloud applications. Users are able to log on to the apps they use every day without needing passwords. This is one of the best password managers because you can export visual reports from your vault account in PDF format. You can choose a data center from around the world to store your information.

Zohovault has a 15-day free trial. After that, you can move on to a paid version or to their free plan. There is a standard and professional paid plan as well as an enterprise-level option. You'll need to have a minimum of five users for this one.

This is one of the best password managers because it has a free version. That's something 1password doesn't have. This Zoho product also integrates with third-party apps.

Compatible with:

This product is compatible with Microsoft apps like OneDrive and other popular ones like DropBox. Included are several mobile apps too. There's a 15-day free trial making this one of the best deals.

7. BitWarden

This tool incorporates open-source software for secure data sharing. That means is possible to access password vault data on any device, anywhere you might be working. This tool also has enhanced security. The password vault is regularly audited.

There are several packages to choose from. The Teams and Business package has unlimited users for $3 dollars per user per month. The Enterprise Organizations option has unlimited users for $5 dollars per user per month

Compatible with:

The website reports that you can access information through any browser on any device

8. LogMeOnce

LogMeOnce offers a variety of features like auto-login and an automatic password generator. There's a multi-factor authentication process And different sign-ups for personal and business users. There are three different options to choose from for businesses.

The Teams and Business package starts at $3 dollars per user per month. The Enterprise package starts at $4 dollars and the Identity package goes up to $7 dollars per user per month

There are personal versions for sale and free trials.

9. Password Boss

Password Boss is the password management system that offers role-based access. This means different members of your team can manage access to clients' passwords. This tool also offers encrypted data and secured password sharing. That means that you can share internal passwords and customers' passwords as well as digital notes. There is a dark web scan available and a business and personal option. The business plans have a standard and advanced option. You can try each for 14 days for free.

Compatible with:

There is an app you need to install to get your account set up. It's compatible with Windows,OSX,iOs and Android.

10. Sticky Password

Sticky Password works on memory cards and USB sticks. As far as password managers go this product excels with additional features. There's an optional Wi-Fi synchronization. It's considered one of the best password managers available because it keeps credit card information safe and generates strong passwords.

There's a free version available that has data storage and unlimited encrypted password abilities. The premium version costs $29.99 for one year. Small businesses get secure cloud backup with this version. There is a team package for your business. For students and teachers, there is an academic version too.

Compatible with:

Sticky password is compatible with Windows and IOS as well as Android and Mac.

11. True Key

As far as secure password managers go, True Key is an industry leader. It uses the AES-256 encryption algorithm. When you're not signing in on a trusted device, this tool offers two-factor authentication for further security. Password management is also automatic

Compatible with:

True Key Supports several different platforms including IOS, Android, Mac, and Windows. It is also one of the better password managers you can find supported on popular browsers like Edge and Chrome.

You can download the app in the app store or on Google Play.

12. BitWarden

BitWarden is another one of the open-source password managers on this list. They offer administrative policies that help employees practice password hygiene. You can use either the cloud storage or host your self option with this password management tool.

The teams and business package is three dollars per user per month. It offers unlimited collections on an unlimited number of devices. The Enterprise Organizations option offers single sign-on authentication.

Compatible with:

BitWarden is compatible with the directory service your small businesses using presently.

13. KeePassXC

KeePassXC uses industry-standard encryption to store passwords. They are the password management solution offering a tool that logs into your e-commerce website. These browser plug-ins are extremely helpful as a quick and easy way to get these managers working. Security is covered with standard industry encryption.

There are some other interesting password manager features. The password database also works offline. That means you can access your passwords without an Internet connection.

There is a basic and advanced option to choose from. The basic version allows for integration with browsers like Mozilla Firefox and Google Chrome. The advanced version offers password reports and statistics

Compatible with:

This is one of the password managers that has been tested on Linux, macOS, and Windows.

14. NordPass

NordPass remembers the websites you frequent and fills in the correct password for you. Share passwords with their encrypted vault. Store information for credit cards and even shipping addresses. This is one of the password managers that use fingerprints and Face ID.

There's even a username generator that strengthens authentication. The business name generator places NordPass alongside the best password managers. There's a free and Premium as well as a Business version.

Compatible with:

There are apps available for Windows, macOS, Linux, iOS, and Android. And extensions for Chrome, Firefox, Edge, and Opera.

15. RememBear

RememBear is one of the password managers that lets you log in with one click. You can autofill passwords and even save notes.

Compatible with:

Like some of the other password managers, RememBear provides apps. There are ones available for macOS, Android, iOS, and Windows. Browers extensions include versions for Safari, Firefox, and Chrome.

16. EnPass

EnPass allows for secure password storage using over 80 built-in templates. This tool lets you store passwords. Then you can sync them on your own cloud servers.

There are several different plans to choose from. Small businesses can begin with a desktop app that's free and move on to individual or family plans. The one-time plan offers a personal Lifetime License

Compatible with:

The desktop app works with Windows, macOS, and Linux. Get the app from the App Store, the Windows Store, or the Mac Store. You can even import other passwords from Excel spreadsheets and your Chrome browser

17. Blur

Blur offers industry-leading privacy. There's a free version available, but only on a single device. Another big bonus is the excellent autofill support.

There are three different options for this password manager including Premium, Unlimited Premium, and a free plan.

Compatible with:

This tool works on several different platforms like Mac, Android,.iOS, and Linux. There are several browser plug-ins for Safari and Opera as well as Chrome and Firefox

Finding the Best Password Manager App: Features to Look For

Sorting through the best password managers doesn't need to be daunting. There are several features to look for like at least two-factor authentication. Make sure you understand how passwords are generated. Other features like dark web monitoring and cloud storage are important. However, all of this will be for not if you don't have company password policy best practice in place. The list below goes through some must-have password management features.

Role-Based Permissions

As the name suggests, this feature is about restricting access to users that have been authorized. A good password manager might do this based on management roles. It adds another layer of password security

Encrypted File Storage

Protecting your files using a password that allows users to decrypt them is another security layer. The files should never be uploaded to a server. If there's form filling involved, make sure the encryption only happens in your browser.

Password Generator

Passwords need to be secure. A password generator is another feature you can't overlook. Look for this on any interface meant for users. It will allow you to use different devices for your small businesses. Eight characters is usually the minimum for a good password that's automatically generated. Look for secure password storage too.

Digital Security Analysis

It doesn't matter whether you need a password manager for your business laptops or other devices. One that scans data for password hygiene is best. Dark web monitoring is another box to check. 1Password has a travel mode feature that can hide vaults when you travel. Bitwarden has platforms that include HIPAA security standards. They also offer third-party security audits for their browser plugins

Emergency Contacts Setup

The idea is to be able to override two-factor authentication if there's an emergency. Look for a built-in way to set up a recovery-type tool.

Automatic Form Filling

Any password manager needs to gather information. This is an authentication feature that automatically fills in the password and any username. You should find one that automatically fills in credentials that have been stored. Most of the top-notch platforms include this for their users. Read about some security issues below.

Password Sharing

Industry-leading password manager tools handle your private documents and logins and store them in a password vault. This is convenient and safe when more than one person needs to access an account. Look for a sticky password option when looking at sharing passwords. A great feature for security.

Reset Master Password

Many of these tools offer a master password reset option. The LastPass web browser extension allows you to do this. One note of caution here. Links to other users accounts will need to be reset after you've adopted a new master password

Multi-Factor Authentication Options

A good password manager needs to be secure. Two-factor authentication is good. However, a password manager like LastPass premium offers multi-factor authentication. Some of these offer a fingerprint option for a smartphone. Multi-factor authentication can include third-party tools like YubiKey.

A Large Password Vault

Any kind of password vault like the one that comes with LastPass is a good idea. This holds all of your logins, usernames, and passwords and gives you access with one password. The best of these use advanced encryption standards. It's the same one the US government uses to protect information is classified.

Why not Use Automatic Form Filling?

Automatic form filling isn't as secure without a password manager. Even so, there's evidence tracking scripts can capture information from auto form filling features. Some experts recommend disabling this item on these platforms. Even LastPass is vulnerable.

Which password manager is best?

Looking for the best password manager means checking out different features. Tom's Guide is a good source to point you to the best site. The site lists LastPass, Keeper, Bitwarden, Dashlane, and 1Password in that order. LastPass offers great features like automatic form filling. Bitwarden has excellent features too. It allows users access in 40 languages. Bitwarden Premium has a secure vault you can access from your device. The user interface is good for different devices. The authenticator is good for password sharing. If you're looking for free features, don't bypass Dashlane.

What is the best password manager for iPhone?

Dashlane is considered the best password manager for an iPhone. Some of the features put it ahead of others like Bitwarden and LastPass. For example, the premium plan has a built-in virtual private network. Platforms that use tools like Windows, macOS, and Android can streamline tasks.

Are password managers really safe?

Are you wondering if a password manager can really be secure and safe? One of the features to look for is cloud storage. Security is a number one priority. Tom's guide lists some of the features you can find in the best ones like Dashlane and LastPass. Look for things like excellent antivirus software and identity theft protection. Look for regular audits and compliance with global security standards.

The site also suggests you look for a password manager with a VPN service to keep business matters private. The key is to have password best practices in your organization.

Are free password managers safe?

Good security is just as important when you're looking at free password managers. Features like secure file storage are critical. They should also have browser plugins for android and ios. Look for other must-haves like password encryption. You'll need the security of end-to-end encryption too.

What is the best free password app?

Dashlane is one of the best free password manager app choices. Tom's Guide has some other platforms to consider too. They suggest Bitwarden has a good basic free option. LastPass is mentioned too. However, they only allow links to mobile devices or computers. Not both. To be fair LastPass does include an authenticator app for devices in its free plan. Dashlane also offers a free VPN.

Image: Depositphotos


Comments

Popular posts from this blog

10 Best New Age Business Ideas - CT Post

COVID-19: New business ideas emerge as people work from home - The Jakarta Post - Jakarta Post

$10,000 up for grabs during annual Citadel competition for business ideas - ABC NEWS 4