
#cyberfraud | #cybercriminals | Cyber threats in financial institutions: Getting the basics right

Source: National Cyber Security – Produced By Gregory Evans

Murali Urs

The WannaCry Ransomware which hit businesses including banks globally didn’t spare India, which was the second-worst affected country in APAC according to reports. It was a reality check for financial institutions as the attack was estimated to have affected more than 150 countries and caused millions of dollars in damage. The banking system often emerges as a sitting duck since it is the softest and most effective target.

In India too, cyber frauds are on the rise. According to a report by the Reserve Bank of India, a total of 2,059 cases of cyber fraud were reported in 2017-18 amounting to Rs 109.6 crore. The recent frauds at Cosmos Bank and the State Bank of Mauritius branch based in Mumbai are only the beginning: with the rise in digital transactions and their spread to the interiors of the country, cyber frauds at banks are on the rise.

Why Financial services?

The financial services industry is naturally a lucrative target for cyber criminals. The primary targets which are usually compromised in cyberattacks on banks are the SWITCH and SWIFT systems. SWITCH is a group of servers that are responsible for sending approval requests from the ATM to the core banking system. SWIFT, on the other hand, is a global provider of a secure inter-banking messaging solution.

The SWITCH and SWIFT are the most sensitive components of the banking infrastructure, as they are responsible for the authorization of fund transfers. Each piece of information hacked, whether it is the data stored on the network, competitive intelligence, access to confidential email or trading strategies, typically has different types of buyers and methods for selling. Many forums and dark web sites exist for this purpose.

It is estimated that over 90% of all successful hacking scams start with a phishing attack. CFOs and finance staff are among the most targeted employees in the company when it comes to email fraud. Hackers choose finance employees due to their access to company finances and other sensitive information.

Fighting the threat

The industry needs to start thinking about cybersecurity from the ground up and not as an afterthought. Organisations must act more aggressively, constructively and comprehensively to address security threats. There needs to be a better understanding of simple vulnerabilities such as weak endpoint security and lack of security awareness.

100 percent security is impossible for any organisation; however, the below approach will go a long way in combating financial hacking:

  • Installing Threat Detection: Organizations in India can improve their cybersecurity systems with more focused monitoring of critical servers and the usage of powerful detection technologies.
  • Automation: Automating to optimize incident response and building resiliency.
  • Initiate checkpoints for large fund transfers with manual inspection: As we have seen in the case of multiple financial heists, there are a few common errors that could have been easily caught using manual inspection.
  • Train the employees: Employees are a primary concern in cyber security. A lack of skilled cybersecurity professionals and unprepared security operations teams are proving to be great challenges. Training the workforce and creating awareness will help prevent a lot of cyber incidents.

The best way to fend off and respond to an attack is to internalize cyber-resiliency and cyber-agility tactics. Additionally, financial services companies must prioritize the value of information assets. Allocating additional budget towards company crown jewels is a good place to start. Leading technologies are only as effective as the company’s cyber-risk culture. Financial institutions must be aware of evolving risks and establish a plan for business continuity.

The author is Country Manager – India at Barracuda Networks. Views are personal.

The post #cyberfraud | #cybercriminals | Cyber threats in financial institutions: Getting the basics right appeared first on National Cyber Security.

#deepweb | Bernie Sanders is right, it’s time to redistribute economic power | Mathew Lawrence | Opinion

Source: National Cyber Security – Produced By Gregory Evans

Oligarchy rules the United States: the republic has been ransacked, its commonwealth privatised, and rentierism runs amok. The richest 10% of Americans capture an estimated 97% of all capital income – including capital gains, corporate dividends and interest payments. Since the financial crisis of 2008, almost half of all new income generated in the US has gone to the top 1%. The three wealthiest people in the US now own more wealth than the bottom 160 million Americans. And the richest family in America – the Walton family, which inherited about half of Walmart’s stock – owns more wealth than the bottom 42% of the American people.

The case for bold action is clear and overwhelming. Only a deep reconstruction of economic and political rights can challenge oligarchic power and halt runaway environmental breakdown. Fortunately, Bernie Sanders has just announced a new plan that matches the scale of the crisis.

His announcement on Monday of the corporate accountability and democracy plan is the latest and boldest proposal for economic democracy in America to emerge from the Democratic presidential race. At its core, it seeks to democratise the company by redistributing economic and political rights within the firm away from external shareholders and executive management toward the workforce as a collective. This is about redistributing wealth and income, but critically, it is also about redistributing power and control. Democratising the company would transform it from an engine of wealth extraction and oligarchic power toward a genuinely purposeful, egalitarian institution, one where workers would have a collective stake and say in how their company operates, and would share in the wealth they create together.

The Sanders plan would transform and democratise economic and political rights by fundamentally rewiring ownership and control of corporate America. Companies would be required to share corporate wealth with their workers, transferring up to 20% of total stock over a decade to democratic employee ownership funds. The monopoly on voting rights that private external shareholders and their financial intermediaries have benefited from would be ended; employees would be guaranteed the right to vote on corporate decision-making at work, and have a voice in setting their pay, regardless of the kind or size of company or firm they work for. Corporate boards would be democratised, with at least 45% of the board of directors in any large corporation directly elected by the firm’s workers. And the outrageous power of asset management – whose actions have done so much to accelerate the climate crisis by continuing to invest heavily in fossil fuel companies – would be ended. Asset managers would be banned from voting on other people’s money – the collective savings of millions of ordinary workers – unless following clear instructions from the savers.

Taken as a whole, Sanders’s plan would radically re-engineer how the company is controlled and for whom. The echoes of Labour’s agenda for democratising economic power are obvious, particularly John McDonnell’s inclusive ownership fund proposal, and are further evidence of an increasingly fertile transatlantic pollination of ideas and practice, from the Green New Deal to movement building. Common Wealth, the thinktank that I am the director of, is another example of this, committed to designing ownership models for the democratic economy on both sides of the Atlantic. In this, at least, there is much to learn from the right; Anglo-American conservatism and the new right have long shared intellectual and organisational resources and common aims, from the incubation of neoliberalism, to current salivations over a disaster capitalism-style US-UK trade deal. It is time progressives did the same.

An emphasis on reimagining ownership and governance is a vital step forward. We face two deep crises – environmental breakdown and stark inequalities of status and reward – both sharing a common cause: the deep, undemocratic concentration of power in our economy. Working people lack a meaningful stake and a say in their firm. Corporate voting rights are near-monopolised by a web of extractive financial institutions. The needs of finance are privileged over the interests of labour and nature. Tinkering won’t address this deep imbalance in power. To build an economy that is democratic and sustainable by design, we need to transform how the company operates and for whom.

For the left, remaking corporations must be at the heart of a radical agenda. The company is an extraordinary social institution, an immense engine for coordinating production based on a complex web of relationships. The critical question is who controls how it operates and who has a claim on its surplus. Today, the answer is a combination of shareholders, institutional investors and executive management; the company has been captured by finance and extractive economic practices, but it doesn’t have to be that way.

The company – and the distribution of rights within it – are neither natural nor unchangeable. There is nothing inevitable about the existing, sharply unequal distributions of power and reward within them. The company is a social institution, its rights and privileges publicly defined. We can organise it differently: through social control, not private dominion, via democracy, not oligarchy. Sanders’s announcement is an important step toward that democratisation, and the deeper economic reconstruction that both people and planet deserve.

Mathew Lawrence is director of the thinktank Common Wealth

The post #deepweb | Bernie Sanders is right, it’s time to redistribute economic power | Mathew Lawrence | Opinion appeared first on National Cyber Security.

Yahoo #hacker feels he’s ‘doing the #right thing’ after #pleading #guilty, #lawyer says

Source: National Cyber Security – Produced By Gregory Evans

After eight months of maintaining his innocence in a massive data breach at Yahoo, Karim Baratov now feels, his lawyer says, that he’s doing the right thing by pleading guilty to charges stemming from his role as a hacker.

Baratov, who is from Hamilton, is scheduled for sentencing in February, after pleading guilty, in a U.S. court on Tuesday, to one count of conspiracy to commit computer fraud and abuse and eight counts of aggravated identity theft.

“He’s feeling like he’s doing the right thing … he’s happy that he’s doing the right thing, he’s happy that he’s opening up, and he’s not holding back,” said Amedeo DiCarlo, one of Baratov’s lawyers. “I think that’s what the justice system expects of him.”

Authorities say the hack affected at least a half billion user accounts, and was directed by two Russian intelligence agents. U.S. law enforcement officials call the 22-year-old Baratov a “hacker-for-hire” and say he was paid by members of Russia’s Federal Security Service to access more than 80 accounts.

DiCarlo wouldn’t say if Baratov turned over information on the two Russians linked to the case, but did say he has been “very forthcoming with his information” and “very transparent.”

“He told them everything they needed to know,” DiCarlo said.

Another one of his attorneys, Andrew Mancilla, echoed that sentiment outside of court after the guilty plea was made. “He’s been transparent and forthright with the government since he got here,” Mancilla said.

The Russian agents, Dmitry Dokuchaev and Igor Sushchin, used the information they stole from Yahoo to spy on Russian journalists, U.S. and Russian government officials and employees of financial services and other private businesses, according to prosecutors.

Dokuchaev, Sushchin and a third Russian national, Alexsey Belan, were also named in the indictment filed in February, though it’s not clear whether they will ever set foot in an American courtroom since there’s no extradition treaty with Russia.

Yahoo user accounts began being compromised at least as early as 2014. Prosecutors say Dokuchaev and Sushchin turned to Baratov after learning that one of their targets had accounts at webmail providers other than Yahoo.

After Baratov’s arrest, his parents said that their son was a “scapegoat.” DiCarlo said they are now finally seeing some sense of closure.

“It’s a big strain on everybody — it’s kind of like you’re biting your fingernails, waiting for the result. Now, here is a final result in their opinion … they see an end in the future.”

Baratov’s sentencing is set to happen in February, and the threshold for how much jail time he could face ranges from zero to 20 years, DiCarlo said — though he would not disclose what sentence the defence will submit as appropriate. It’s also not clear if Baratov would serve a sentence in Canada or the United States.

“We’ve got our ranges to work with, and that’s where the lawyering takes place,” DiCarlo said.

The post Yahoo #hacker feels he’s ‘doing the #right thing’ after #pleading #guilty, #lawyer says appeared first on National Cyber Security Ventures.

Unthinkable! #Hackers Loot #Charity’s Funds #Right Before #Christmas Season

Source: National Cyber Security – Produced By Gregory Evans

Hackers have done the unthinkable by making off with a charity’s funds right before the start of the 2017 Christmas season.

The Utah Association for Intellectual Disabilities (UAID) first noticed something was wrong when it had not received any new email applications for help since 22 October. Typically, the charity gets numerous applications in preparation for the Christmas season. It’s when UAID buys and distributes gifts for between 1,200 and 1,400 adults who are intellectually disabled, who often don’t have family, and who live in assisted living facilities.

Suspicious of the lack of activity, UAID decided to look into the matter. Laura Henderson, who serves as vice president of the charity, says she realized the full extent of the hack shortly thereafter. As she told Good4Utah:

“As we were investigating the email issue, I opened the bank statements and started seeing things that just weren’t right.”

According to their bank records, unauthorized individuals had used multiple apps and services to transfer or steal $5,000 from the charity. They also took over its PayPal account, opened new accounts, and seized control of its website and email. Even when Henderson and her staff attempted to reset the passwords for those compromised services, the hackers regained control in no time.

UAID co-founder Katherine Scott can’t believe someone would take from a charity that provides for individuals who mostly don’t receive anything else at Christmas. In her mind, the worst part is the seizure of the charity’s email. Without access, she can’t determine who needs assistance this year:

“That’s one of the things that’s making us real sad this year is we don’t know who needs help.”

It’s unclear how the hackers first struck UAID or what security measures the charity had in place at the time of attack.

Overall, charities can do more to ensure the resilience of their services. A 2016 survey of non-profit organizations conducted by US accounting firm CohnReznick found that nearly half of respondents had not performed a security risk assessment in the past year. Two-thirds also said they had no plans to increase their spending on digital security.

Ken Montenegro, IT director at advocacy group Asian Americans Advancing Justice, tells the Financial Times that’s not a good thing:

“That puts us in a precarious position because we’re not used to spending on something like a patch management tool that keeps our software up to date.”

Organizations of all sizes need to protect themselves against digital attackers by patching their systems.

In the meantime, UAID is asking for donations of money and clothes so that it can still serve people this holiday season. Anyone wishing to donate should call its main telephone number: 385-887-4145.

The post Unthinkable! #Hackers Loot #Charity’s Funds #Right Before #Christmas Season appeared first on National Cyber Security Ventures.

Trump’s order to strengthen cybersecurity is a step in right direction

Source: National Cyber Security – Produced By Gregory Evans

More regulations are needed to ensure that software and hardware creators make their products as safe as possible before going to market. On May 11, 111 days after taking office, President Donald Trump signed the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. When data…

The post Trump’s order to strengthen cybersecurity is a step in right direction appeared first on National Cyber Security Ventures.

ICS Companies Are Worried About Cybersecurity, But Are They Worried About the Right Things?

Source: National Cyber Security – Produced By Gregory Evans

Companies operating Industrial Control Systems (ICS) have a special set of challenges to deal with. Which is the state of the art? The equipment was expected to be installed and left alone for a long time. Pressures to reduce operating costs led to this equipment being connected, and the easiest…

The post ICS Companies Are Worried About Cybersecurity, But Are They Worried About the Right Things? appeared first on National Cyber Security Ventures.

Swipe right on this dating app for everyone Grindr forgot

Gender variant and giving up on Grindr? Tired of Tinder ignoring you? Are you no longer okay with OKCupid’s binary world? Hush now, babe. S’okay. We got you. The options are …

The post Swipe right on this dating app for everyone Grindr forgot appeared first on Become007.com.

EU students swipe right on dating apps

Four years ago, the phrases “swipe right” and “swipe left” typically meant nothing. Now, they seem to be part of millennials’ common vernacular, as online dating apps have become prevalent. Before dating apps such as Tinder and Bumble, most online dating services were used by people who were typically older than 30 years old. However, according to a 2015 report from the Pew Research Center, the number of 18 to 24 year olds who use dating apps has nearly tripled since 2013.

The post EU students swipe right on dating apps appeared first on Dating Scams 101.

Swipe Right to Like Dating Apps Are Ruining all the Fun

Finding the perfect significant other is extremely difficult, especially when taking into account that UK online dating has seen a huge surge in popularity. Online dating apps which are based on swiping right to like are ruining our dating lives and are turning them into opportunities for people to be selfish and shallow when it comes to finding the perfect match. Thanks to mobile devices as well as location sensing apps, people are becoming connected extremely easily, and anyone will have access to the details which you have shared on such dating apps.

The post Swipe Right to Like Dating Apps Are Ruining all the Fun appeared first on Dating Scams 101.

Swiping Right: What do men want?

Have you ever interviewed your dating app match? Like sat down, had a face-to-face conversation, and asked them what they’re looking for in a partner and are they having trouble finding one? I decided to have a chat with mine, Jeffrey, a pretty chill guy who didn’t look creepy in his Bumble profile picture. Thanks to a string of dating app disappointments, my swipe right standards are so low, if a guy’s not half naked pushing a CrossFit tire, I’ll likely give him a chance.

The post Swiping Right: What do men want? appeared first on Dating Scams 101.