
    Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)

    Microsoft has detailed how you should use Windows Update policies to keep your devices updated and secure, from single-user devices right through to kiosks and billboards – and rollercoasters. The tech giant’s first bit of advice for admins using Windows Group Policy to manage enterprise Windows 10 and Windows 11 devices is don’t mess too much with the defaults.

    Admins shouldn’t try too hard to customize device security patching and feature updates because the defaults are “often the best”, according to Microsoft. This focus on defaults keeps users happy and productive, while ensuring devices are patched and up to date.

    Admins can use Group Policy to control the timing of updates for Patch Tuesday, emergency patches, and new feature releases of Windows. The default for Windows Update in the enterprise is much like the experience for consumers on Windows PCs. But there are many other ways Windows and Windows Update are used to keep all manner of devices operational when needed and also patched regularly during downtime.

    The default Windows Update policy is for devices to scan daily, automatically download and install any applicable updates “at a time optimized to reduce interference with usage, and then automatically try to restart when the end user is away,” according to Microsoft senior program manager Aria Carley. “Leverage the defaults!” Carley said.

    But there are so many use cases for Windows that the defaults can’t cover every scenario. Besides single-user personal Windows devices, there are: multi-user devices; education devices; kiosks and bank ATMs; factory machines, rollercoasters, and critical infrastructure; and Microsoft Teams Rooms devices.

    While the defaults are a good baseline, Carley offers details about how to use Group Policy to tweak the timing of automatic updates for each use case. She’s also compiled a list of 25 Group Policy settings that admins should not use.

    For use cases where Group Policy can be used, admins can specify “the number of days before an update is forced to install” during active hours, when the user may be present. This is applicable to single-user devices that could be connected to the corporate network or used remotely.

    Microsoft recommends the use of deadlines because of heightened security risks from ransomware and destructive malware. The US Cybersecurity and Infrastructure Security Agency (CISA) is concerned destructive malware may target US organizations due to US sanctions on Russia over its invasion of Ukraine.

    Multi-user devices like HoloLens or a PC in a lab or library setting may have set periods in which they are used, such as a building’s opening hours. Updating these at midnight, when staff are away, could be ideal. For education devices, admins can ensure Windows update notifications or automatic reboots don’t happen during the school day. To do this while remaining patched, admins can check the new Group Policy box option “Apply only during active hours”. However, this feature is currently only for devices in the Windows Insider Program for Business in the Dev or Beta channels. Microsoft notes: “For those on Windows 10 or Windows 11, version 21H2 devices, we do not recommend configuring this and instead recommend leveraging the default experience.”

    Another relevant Group Policy setting is “Turn off auto-restart for updates during active hours”, which overrides Microsoft’s default “intelligent active hours” – a measure that is calculated on the devices based on user usage.

    For things like kiosks, billboards and ATMs, owners may wish for no notifications or auto reboots, and prefer to reboot during ‘low visibility’ hours. There are four relevant policies for these devices to avoid notifications that would be useless and disruptive to passive users, as well as reboots during typical active hours. Admins have an option to set the update to occur at 3AM daily, the assumed low visibility hour.

    There are some devices that you might not think of as needing a Windows Update, but even admins of factory devices, rollercoasters and critical infrastructure get advice on how to manage automatic update behavior if needed. As Carley notes: “Machines on the factory floor, rollercoasters at amusement parks, and other critical infrastructure can all require updates. Given the criticality of these devices, it is pivotal that they stay secure, stay functional, and are not interrupted in the middle of a task. Often these are some of the devices in the final wave when rolling out an update after everything else has been validated.” Carley adds: “Note: This is one of the only use cases where compliance deadlines are not recommended given automatic updates are never acceptable in this scenario.”



    Globant admits to data breach after Lapsus$ releases source code

    Globant has admitted to a data breach after notorious hacking group Lapsus$ allegedly leaked the firm’s source code.


    Globant is an IT and software development giant. Founded in 2003, the company caters to a global customer base and operates Globant X, an innovation incubator. On March 30, Lapsus$ came back from a ‘vacation’ with a new victim pinned in the hacking group’s Telegram chat: Globant. The cybercriminals are alleged to have compromised the tech giant’s system, stealing credentials and intellectual property. Lapsus$ then published a torrent containing approximately 70GB of data, allegedly including source code belonging to their latest victim.

    In response, Globant said in a statement that a “limited section of our company’s code repository has been subject to unauthorized access.”

    “According to our current analysis, the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients,” Globant says. “To date, we have not found any evidence that other areas of our infrastructure systems or those of our clients were affected.”

    Globant added that an investigation is underway and the firm is “taking strict measures to prevent further incidents.”

    Other high-profile organizations connected to Lapsus$ attacks are Okta and Sitel. First, Okta was the subject of screenshots circulated online by the hacking group on March 22. Okta pointed the finger at Sitel, a third-party Okta subprocessor, as the source of the security incident, which happened in January. Okta said that up to 366 customers might have been impacted by the security breach, adding that the company “made a mistake” in not informing clients sooner.

    The FBI has now placed Lapsus$ on its Most Wanted list and seeks information on the group’s members. Earlier this month, UK law enforcement arrested seven teenagers, the youngest being 16 years old, who are suspected of being involved in a criminal hacking group. A 16-year-old from Oxford has also been accused of having ties with Lapsus$, but no formal connection has been made to the operation.


    Australia's second tranche of cyber laws passes both Houses

    Australia’s second tranche of cyber laws has passed through both houses of Parliament, meaning entities running “systems of national significance” will soon be beholden to enhanced cybersecurity obligations that could force them to install third-party software. Home Affairs Minister Karen Andrews said the laws would boost the security and resilience of Australia’s critical infrastructure.

    “Throughout the pandemic, Australia’s critical infrastructure sectors have been regularly targeted by malicious cyber actors seeking to exploit victims for profit, with total disregard for the community and the essential services we all rely on,” Andrews said.

    “The Bill builds on the Morrison Government’s strong support for our national security agencies announced in Tuesday’s Federal Budget, to make Australia stronger and keep Australians safe in an increasingly uncertain world.”

    Australia’s parliamentary body tasked with reviewing cyber laws threw its support behind these laws last week, saying the laws would create a standardised critical infrastructure framework to make it easier for government and industry to approach cyber attacks in a precautionary fashion.

    The laws, packaged in the Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022, were originally meant to be part of the initial tranche of cyber laws for critical infrastructure entities that were enshrined last year. They were eventually left out of the first set of laws, however, due to the federal government wanting further consultation from industry on how to co-design a critical infrastructure regulatory framework.

    Along with enhanced cybersecurity obligations, the critical infrastructure reforms will require critical infrastructure entities to maintain a risk management program for identifying hazards to critical infrastructure assets and the likelihood of them occurring. In addition, entities will have to submit an annual report about the risk management program and if any hazards had a significant impact on critical infrastructure assets.

    Home Affairs Secretary Mike Pezzullo previously said the costs for running the risk management program, on average, would set entities back a one-off AU$9.7 million payment to set the program up and an annual ongoing cost of AU$3.7 million.

    In terms of where the critical infrastructure reforms sit in the big picture, the reforms and the ransomware action plan will act as the federal government’s primary regulatory efforts for bolstering Australia’s cybersecurity posture. It sits separate to the Coalition’s newly proposed AU$9.9 billion cybersecurity program that was announced in the federal Budget, which is primarily focused on providing more resources to the Australian Signals Directorate.


    Additional Budget funds for AFP to be used for deploying 'hacking' Bill warrants

    Australian Federal Police (AFP) Commissioner Reece Kershaw told senators on Thursday morning that additional funding from this year’s Budget would allow his law enforcement agency to shortly start deploying the warrant powers it received in recently passed “hacking” laws. Outlined in the annual federal Budget released on Tuesday night, the Coalition plans to hand over AU$142.2m across four years to the AFP for upping its specialist operational, intelligence, collection, and criminal asset confiscation capabilities, which includes these new warrants.

    The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 was enshrined late last year, giving the AFP the ability to issue three types of warrants. The first of the warrants is a data disruption one, which can be used to prevent “continuation of criminal activity by participants, and be the safest and most expedient option where those participants are in unknown locations or acting under anonymous or false identities”. The second is a network activity warrant that would allow the AFP and ACIC to collect intelligence from devices that are used, or likely to be used, by those subject to the warrant. The last warrant is a hostile account takeover warrant that would allow the agencies to take control of an account for the purposes of locking a person out of the account.

    Kershaw told senators that the hostile account takeover warrant would primarily be used in child protection in instances where predators refuse to hand over their identity. He added that the funding would hopefully allow the AFP to become better equipped at monitoring how criminals use cryptocurrencies.

    “The environment is getting more complex with cryptocurrencies so this will help us with identifying where the money and the flows [are] in the Australian system, at least, where we can work with AUSTRAC, Home Affairs, our other partner agencies, the Australian Criminal and Intelligence Commission, and Australian Border Force on dealing with hitting them where it hurts,” Kershaw said.

    The Department of Home Affairs in recent years has steadily pushed for law enforcement agencies, such as the AFP, to receive more powers. Alongside these new warrants, the AFP gained the ability to request or demand assistance from communications providers to access encrypted communications last year. Last week, the AFP also launched a new AU$89 million cybercrime centre.

    With the increased powers and resources, Kershaw said the AFP has seized, on average, AU$250 million in criminal assets annually over the past two years. By comparison, the AFP previously seized around AU$60 million worth of criminal assets per year. Given these new capabilities, the AFP is now considering a “stretch target” of seizing AU$1 billion of criminal assets per year.

    Last night, the Australian Federal Police (AFP) also set up a new taskforce specifically for protecting high-office holders and parliamentarians in the upcoming federal election, which is expected to be held in May. Among its numerous responsibilities, the taskforce will monitor online material that targets these key figures.

    “Hiding behind a keyboard to issue threats against politicians does not ensure anonymity,” the AFP said. “The AFP has world-leading technology to identify individuals who break the law by harassing, menacing or threatening to kill politicians.” The taskforce, consisting of hundreds of investigators, intelligence officers, and protective security specialists, will conduct its operations in a new “incident coordination centre”.


    Viasat: Feb. cyber attack impacted tens of thousands of customers in Ukraine, Europe

    Satellite communications giant Viasat on Wednesday shared new information from its investigation into the February cyberattack that took down service for broadband customers in Ukraine and across Europe. The company confirmed the “multifaceted and deliberate” attack impacted “several thousand” customers in Ukraine and tens of thousands of other fixed broadband customers across Europe. 


    The incident against Viasat’s KA-SAT network took place on Feb. 24, the same day that Russia invaded Ukraine. According to Viasat’s incident summary, a targeted denial of service attack was first detected when high volumes of focused, malicious traffic made it difficult for many modems to remain online. The traffic emanated from several SurfBeam2 and SurfBeam 2+ modems and/or associated customer premise equipment physically located within Ukraine.

    “We believe the purpose of the attack was to interrupt service,” Viasat said. “There is no evidence that any end-user data was accessed or compromised, nor customer personal equipment (PCs, mobile devices, etc.) was improperly accessed, nor is there any evidence that the KA-SAT satellite itself or its supporting satellite ground infrastructure itself were directly involved, impaired or compromised.”

    The attack was localized to a single, consumer-oriented partition of the KA-SAT network operated on Viasat’s behalf by a Eutelsat subsidiary, Skylogic. It didn’t impact Viasat’s directly managed mobility or government users on the KA-SAT satellite, nor did it affect users on other Viasat networks.

    The investigation and forensic analysis of the event identified a ground-based network intrusion by an attacker who gained remote access to the trusted management segment of the KA-SAT network. The attacker apparently managed to gain that access by exploiting a misconfiguration in a VPN appliance. The attacker used their network access to execute legitimate, targeted management commands on a large number of residential modems simultaneously.

    Viasat said that it’s still working with the wholesale distributors of its services to bring their customers back online. Some customer modems promptly received over-the-air updates, while other customers are getting new modems entirely. Viasat has already shipped tens of thousands of replacement modems to distributors, the company said.

    The California-based company said it’s working with Eutelsat/Skylogic, as well as the cybersecurity firm Mandiant and law enforcement and government agencies, to continue its investigation into the attack.


    Two-factor authentication is a great idea. But not enough people are using it

    Hackers can easily use stolen usernames and passwords to conduct cyber attacks because many online accounts still don’t use two-factor authentication controls designed to help keep them safe.

    Two-factor authentication (2FA) – or multi-factor authentication (MFA) as it’s alternatively known – is one of the key methods which individual users and wider organisations can use to help protect their online accounts from being hacked, even if their login credentials have been leaked or stolen.

    However, according to the DCMS Cyber Security Breaches Survey 2022, only around a third of organisations have any requirement for two-factor authentication on user accounts – the figure stands at 37% for businesses and 31% for charities. That means that around two thirds of organisations don’t have any rules around two-factor authentication at all, so employees are unlikely to be using it, leaving their user accounts vulnerable to cyber attacks and hacking.

    Two-factor authentication creates an additional layer of protection, requiring users to use a text message, app or hardware key to confirm that it’s really them attempting to log in to their account. This can help to stop cyber criminals from logging into online accounts with breached or stolen passwords.

    But with so few users equipping accounts with two-factor authentication, cyber criminals could directly access accounts if they’ve got the login credentials, whether the username and password is stolen using a phishing email, guessed because it’s weak or taken from a previous data dump. Breached accounts, particularly those accessed using Remote Desktop Protocol (RDP), can be used to steal additional information, or be quietly used to move around the network and lay the foundations for a malware or ransomware attack.

    Two-factor authentication is more widely used in some sectors than it is in others. For example, the DCMS data says there are policies in place in around two thirds of businesses in information and communications, while under one in five businesses within food and hospitality have rules around it. Other industries with low uptake of two-factor authentication are utilities, production, and manufacturing, where only 28% of businesses have any policies in place. These critical industries are already a tempting target for cyber criminals – particularly ransomware gangs – and the lack of additional protections on accounts leaves them even more vulnerable.

    At a time when the government is urging organisations to be wary of cybersecurity threats, more needs to be done to ensure that two-factor authentication and other cybersecurity measures, like applying security patches in a timely manner, using strong passwords and keeping anti-virus software up-to-date, are in place.

    “It is vital that every organisation take cyber security seriously as more and more business is done online and we live in a time of increasing cyber risk,” said Cyber Minister Julia Lopez. “No matter how big or small your organisation is, you need to take steps to improve digital resilience now and follow the free government advice to help keep us all safe online.”

    The National Cyber Security Centre (NCSC) also offers advice to businesses and individual users on how to keep accounts secure and how to stay safe online.


    Get an extra 50% off these 10 ethical hacking e-learning bundles

    Cybersecurity skills are highly valued in the tech industry, and there are always job openings available. So if you want to switch to a well-paid tech job, these 10 e-learning bundles can help. They all have classes starting at the beginner level, and they’re on sale for an additional 50% off when you use coupon code LEARNNOW during our Best of Digital Sale.

    These courses are self-paced, and you don’t have to complete all of them before you can start applying for new positions. In fact, you’ll often be able to start sending out over 100 job applications a day after completing just one course.

    The Super-Sized Ethical Hacking Bundle
    You can learn beginner to advanced ethical hacking techniques, even with no prior experience. This bundle covers topics ranging from pen testing to social engineering, including hands-on interactive courses.
    For a limited time only, get The Super-Sized Ethical Hacking Bundle for $21.50 (reg. $1,080) with code LEARNNOW.

    The Ethical Hacker Master Class Bundle
    These 10 courses not only teach you ethical hacking from scratch, but they’ll also train for coveted CompTIA certifications. This includes A+, Network+, and Security+, three foundational certs that can endorse your skills in designing and implementing functional networks and addressing security incidents.
    For a limited time only, get The Ethical Hacker Master Class Bundle for $19.50 (reg. $4,883) with code LEARNNOW.

    How to Hack from Beginner to Ethical Hacking Certification
    You need no experience whatsoever to learn how to hack with this bundle of courses. They are designed for all levels and can take you from total novice to professional. Some of the topics covered include using Raspberry Pi to hack devices and coding custom tools with Python.
    For a limited time only, get How to Hack from Beginner to Ethical Hacking Certification for $19.50 (reg. $1,649) with code LEARNNOW.

    The Premium Ethical Hacking Certification Bundle
    Whether you’re looking for an all-in-one hacking guide from zero to hero, specialized WordPress hacking skills, or CompTIA pen-testing prep, this bundle has what you need. You can switch to an exciting tech career with just one of these courses.
    For a limited time only, get The Premium Ethical Hacking Certification Bundle for $30 (reg. $1,600) with code LEARNNOW.

    The Ultimate White Hat Hacker Certification Bundle
    This is a highly-rated bundle of courses that provides a range of cybersecurity training in just 10 courses. Some courses cover tools like Wireshark, Tcpdump, Syslog, and Nmap, while others can help you gain valuable CompTIA certifications.
    For a limited time only, get The Ultimate White Hat Hacker Certification Bundle for $20 (reg. $1,345) with code LEARNNOW.

    The All-In-One 2022 Super-Sized Ethical Hacking Bundle
    If you’re looking for the most comprehensive bundle of ethical hacking courses, this is it. These trainings cover everything from bug hunting and pen-testing through an ethical hacking certification course.
    For a limited time only, get The All-In-One 2022 Super-Sized Ethical Hacking Bundle for $21.50 (reg. $3,284) with code LEARNNOW.

    The All-in-One Ethical Hacking & Penetration Testing Bundle
    While the courses in this bundle cover a wide range of topics, from phishing to network layer attacks, it’s particularly suitable for anyone who wants to work with Microsoft Azure. The “Cloud Security with Microsoft Azure for Beginners” course, for example, could help you pursue a career change.
    For a limited time only, get The All-in-One Ethical Hacking & Penetration Testing Bundle for $14.99 (reg. $1,800) with code LEARNNOW.

    The 2022 Premium Certified Ethical Hacker Certification Bundle
    These 10 courses offer free ethical hacking tools, certifications to make your resume shine, and much more. Start from scratch and move at your own pace into advanced network hacking.
    For a limited time only, get The 2022 Premium Certified Ethical Hacker Certification Bundle for $17.50 (reg. $2,000) with code LEARNNOW.

    The 2022 Ultimate Ethical Hacking Super-Sized Certification Prep Bundle
    Whether you are a complete novice, a Cisco professional, or anything in between, this bundle offers training material that can help you succeed as an ethical hacker. You can even prepare for the CompTIA Network+ and Security+ exams.
    For a limited time only, get The 2022 Ultimate Ethical Hacking Super-Sized Certification Prep Bundle for $17 (reg. $1,800) with code LEARNNOW.

    The Complete 2022 PenTest & Ethical Hacking Bundle
    With hands-on hacking, practical pen-testing courses, and more, you’ll be ready to take the CompTIA PenTest+ course included in this bundle. This certification may even help your resume stand out when seeking cybersecurity roles.
    For a limited time only, get The Complete 2022 PenTest & Ethical Hacking Bundle for $24.50 (reg. $1,770) with code LEARNNOW.



    Ukrainian software developers share their stories and photos from the war zone

    “Our daughter kept asking if we would die.” Eugene Krupnov, developer of the popular Mac application Unclutter, found himself answering his eight-year-old daughter with a bit of pop-culture gallows humor. “Not today, we joked, quoting Arya from Game of Thrones.” On February 24, Krupnov and his family evacuated from Kyiv. “As we were fleeing the city, we heard how the shelling escalated, we saw unthinkable traffic across the highways and endless lines at every gas station. It was night time. And it seemed like an apocalypse.”

    Krupnov told ZDNet, “A day after we left, an enemy rocket hit a high-rise building not far from our home in Kyiv.”

    Ukraine has a very large tech sector. According to Bloomberg, the country boasts a quarter of a million tech professionals, many of whom provide coding services to major players like Apple, Google, Lyft, Ubisoft, Daimler, BMW, Citi, and JPMorgan, among many others. According to the trade group IT Ukraine Association, as reported in the Wall Street Journal, IT export volume, “increased 36% to $6.8 billion last year, up from $5 billion in 2020 and $4.2 billion in 2019.” According to Ukrainian developer outsource firm Daxx, via research from SkillValue, Ukraine’s developers rank 5th worldwide in terms of overall competence. There are also thousands of entrepreneurial companies building their own software products. We spoke to eight of them this week.

    Tanya Vert is a PR specialist at BeLight Software. I’ve spoken to her over the years, particularly when I reviewed Live Home 3D. The idea for this article occurred to me when I was using Live Home 3D last week to rearrange my home workshop. Here I was using a product to rearrange my home, when the developers were losing theirs. The BeLight team is spread across Ukraine now, with half of the team staying in Odesa.

    When I checked in with Vert, she told me, “There are air raid alarms several times a day, explosions are heard all the time. People spend several hours every day in shelters. There is no subway in Odesa, so underground parking lots, basements and corridors inside buildings serve as shelters. Every night, we enjoy missiles, drones and air defense performance in the sky over the sea.”

    Bohdan Toporivsky is SEO and Content Manager, also at Unclutter. He shared what he calls “our life these days” with me. “The first days we had more confusion, panic and anxiety. Now you almost get used to things, and just have to care less. I try to consume less news, as it often brings stress and sadness.” In his email, he told me, “We are happy to have enough food and clothes – too many Ukrainians don’t have that luxury. Most of my other friends I text with are holding up relatively well too. It’s rather hard to sleep, air raid alert wakes us up once or twice a night (more during the day) and we go to the basement a.k.a. bomb shelter.”

    Right now, he’s living in a refugee/guest house of a local church. “We settled there,” he said, “not knowing for how long. It’s been almost a month now.”

    In the past week, I’ve spoken to eight companies either based in Ukraine or with large teams who work there. Amidst the horror of war, there were two themes that became apparent during our conversations: their efforts to maintain business continuity, and the Ukrainian spirit of their team members.

    Business continuity and data security

    Skylum is a company known for its Luminar and Aurora HDR photo editing products. Many in the Mac community know them by their original name, MacPhun. According to a post by CEO Ivan Kutanin, his team of 130 is currently scattered across Ukraine and the world. Despite all the pressures he and his company are facing, one of the most important messages he wants his customers to hear is one of reassurance, “Rest assured that we securely host all of our infrastructure and user data on Amazon Web Services. All servers for this cloud service are located in the European Union and are not in Ukraine, so you can be confident that your data is securely stored.”

    The CEO of a software company is doing his best to reassure his customers about their security, while his own team is working out of “bomb shelters, on the road, or in the homes of relatives and friends in safer locations.”

    MacPaw is another company very familiar to Mac users. They make CleanMyMac X, Gemini Photos, and the Setapp Mac software subscription service. In a letter to ZDNet, Oleksandr Kosovan, MacPaw’s CEO and founder told us, “MacPaw is a company from Ukraine and operates primarily in Kyiv. Part of our team decided to stay in Ukraine to defend our country and help people in need. Some team members moved abroad to safer places with their families and kids.”

    According to Kosovan, “Those team members who are already outside of Ukraine are working to maintain MacPaw products and the stability of the company’s services. While preparing for the massive invasion, the company also organized an office in Ivano-Frankivsk, Western Ukraine. We prepared the company to work completely autonomously.” Kosovan told us he is staying in Kyiv, “to protect Ukraine and stop the war in any way possible.”

    So is MacPaw CTO Vera Tkachenko. In a tweet, she says, “Seventh day of a war. I’m staying in Kyiv and have to move to a shelter several times a day. Food and medicine supplies are limited. Civilians in suburbs are attacked with bombs several times a day. But our defense forces are real heroes and we’ll win!”

    Readdle is a Ukrainian-founded company that produces Spark email and PDF Expert. In an email conversation with Maria Henyk, Readdle’s PR & marketing manager, she told us, “We’re equipping a location in Odesa as a shelter for the team, their families, and their pets. The company is providing financial help for all Ukrainian employees, along with assistance for those who can and want to move abroad.”

    “There are many different situations being experienced by our people,” Henyk told us. “Some have returned to 80-100% work capacity, others are still in shock, while others are experiencing air-raid alarms every few hours.” Henyk asked us to share this message, “As for our customers, nothing has changed for them. For many years, we’ve been investing in the safety and security of our systems and products, so everything customer-facing is up and running. Millions of people worldwide rely on our products, receiving timely updates and customer support.”

    Anna Ustynova provides communications and global PR for Headway, a maker of a motivational app. In an email, she told ZDNet, “Since the beginning of the invasion, the top priority of Headway has been to ensure the safety and well-being of our employees and their families in Ukraine. We have launched an emergency plan, and now over 95% of the Ukrainian Headway teammates and their families, who desired to move, are in a safe place.”

    She continued: “Our Kyiv R&D unit settled down partly in the west of Ukraine, partly abroad. No employee was fired; instead, Headway is going to hire more Ukrainian talents and all previously sent offers were secured and already two employees have joined us since 24th February.”

    Ajax Systems makes smart alarms popular in Europe. Valentine Hrytsenko, chief marketing officer at Ajax Systems told ZDNet, “Since the outbreak of the war in Ukraine, our company is doing everything necessary to ensure the protection and safety of its people, business, and supplies to partners.”
    “To protect the safety of our team members, we won’t be providing further details of our contingency plans or team member locations.”
    — Grammarly’s Jen Dakin

    As with the other companies seeking to retain some level of normality in the midst of war, Hrytsenko sought to reassure customers, “The Ajax server infrastructure functions without interruption, so users and partners don’t have to worry about the stability of already installed systems. Ajax’s servers are geographically dispersed throughout Europe in Amazon data centers in Ireland and Germany.”

    Grammarly makes a well-known cloud-based writing assistant. According to Jen Dakin, consumer PR manager, “Grammarly’s first priority remains the safety and well-being of our team members. We have implemented our contingency plans that include relocating team members and their families to help them remain safe.”

    Beyond that, Dakin was keeping operational security for Grammarly, telling us only, “To protect the safety of our team members, we won’t be providing further details of our contingency plans or team member locations.”

    These developers are doing their best to reassure their customers that their services will continue, even as their world is being blown apart around them. Each of these teams spent years building their companies and products into successes, and ensuring continuity of their businesses – in the worst and most scary of conditions – is also about survival. If their companies suffer or shutter, they lose their livelihoods too.

    But there’s so much more. Each of these companies shared with me their contributions to the war effort.

    Ukrainian spirit

    Jen Dakin told us, “Grammarly will donate all of the net revenue earned from Russia and Belarus since the war started in 2014 through 2022 to causes supporting Ukraine—totaling over $5 million.”

    Hrytsenko of Ajax Systems told us about work the company is doing with the Ministry of Digital Transformation of Ukraine. He described an app Ajax built called Air Alert that “instantly informs about the beginning and end of a civil defense alert. The app generates a loud critical alert warning of an airstrike, chemical attack, or other types of civil defense alerts. The app receives signals first-hand from Ukrainian regional administrations, allowing people to react as quickly as possible.”

    Readdle’s Henyk told ZDNet about the dedication of the company’s employees and how the company is supporting them, “Many people are taking part in volunteering projects, and some have joined territorial defense forces. We are proud of our team and such strength and bravery and are keeping their positions open and paying all salaries for all people as normal.”

    In her email to us, she continued: “Readdle employees themselves have donated tens of thousands of dollars to the Ukrainian defense, and the company has matched this amount.”

    MacPaw’s Kosovan shared his pride in his team: “MacPaw team members volunteer to provide food and medicine, support Ukrainian Army, donate blood and money to Ukrainian charities like other Ukrainian citizens all over the country. Some of us are fighting in the Ukrainian Army, Territorial Defense, and the Ukrainian IT Army.”
    “We try and do what we can. Our warriors need all the support they can get, on all fronts.”  
    — Bohdan Toporivsky  

    Kosovan also tells us that since the beginning of the war, MacPaw has been actively involved in delivering humanitarian aid to Ukrainians in need through the MacPaw Development Fund. In an email to ZDNet he said, “The MacPaw Development Fund is able to quickly source and distribute large quantities of food, medical supplies, hygiene products, and other humanitarian aid to those in need. The Fund can do it faster than most larger organizations and this can help save lives when every moment counts. Through the Fund, to date, MacPaw has spent over $4M to provide food, medical supplies, and other necessities to Ukrainians in the war zones.”

    BeLight’s Vert told us a little more about how her team is supporting the war effort: “We keep working from home now and help Ukraine in every way we can. Some with donations, others are helping Territorial Defense with supplies, or with the preparation of Molotov cocktails (a special explosive substance used by civilians to fight the occupants), some joined the regional branch of the Red Cross in Uzhhorod, Western Ukraine, as a volunteer.”

    For Unclutter’s Toporivsky, it’s all about volunteering. He told ZDNet, “A few days after the war began and we moved to that safer place, we understood that we could not just wait, read awful news, and take no action anymore.”

    “And four of us began doing whatever we could to somehow help our Ukrainian defenders and victims of war. Then six of us, then many more in different cities of Ukraine and beyond,” Toporivsky said in an email. “Thanks to various friends with connections to the Ukrainian army, volunteers, and funds, we started arranging humanitarian help from Poland, Slovakia, Czech Republic, and other European countries. Food, medicines, clothes, hygiene products, etc. Military equipment and protection too, when possible.”

    “There aren’t many of us, and the scale could be much bigger – we still try and do what we can,” says Toporivsky. “It’s hardly possible to do regular work nowadays. Hoping I’ll get back to it later, when things slow down. After all, our warriors need all the support they can get, on all fronts.”

    Life in Ukraine

    Unclutter CEO Krupnov told us, “We’ve been planning to release a major update this fall. And minor updates this spring. But now all the development has come to a halt. We’re only able to provide user support.”

    “Imagine that your life has completely changed in just a few days,” Krupnov said. “It’s emptiness, fear for your loved ones, and shame you feel because you don’t do enough for your country. It’s a sensation of overwhelming despair each time you read about murdered civilians and children or soldiers who died protecting their homeland. It’s also destroyed cities – the places you loved and felt connected to.”

    Still, he’s hopeful. “Though we’re scattered across the globe now, we still keep in touch and support each other. Some day, after the victory, we will get together once again to continue our work after a great celebration.”

    If you want to help, we’ve provided a number of donation sites and resources you can explore in the companion article, “Ukraine: How you can help.”

    You can follow my day-to-day project updates on social media. Be sure to follow me on Twitter at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.