Looks
like this is going to rattle some teller cages.
In late 2013, an
A.T.M. in Kiev started dispensing cash at seemingly random times of
day. No one had put in a card or touched a button. Cameras showed
that the piles of money had been swept up by customers who appeared
lucky to be there at the right moment.
But
when a Russian cybersecurity firm, Kaspersky Lab, was called to
Ukraine to investigate, it discovered that the errant machine was the
least of the bank’s problems.
The
bank’s internal computers, used by employees who process daily
transfers and conduct bookkeeping, had been penetrated by malware
that allowed cybercriminals to record their every move. The
malicious software lurked for months, sending back video
feeds and images that told a criminal group — including Russians,
Chinese and Europeans — how the bank conducted its daily routines,
according to the investigators.
Then the group impersonated bank officers, not only turning on
various cash machines, but also transferring millions of dollars from
banks in Russia, Japan, Switzerland, the United States and the
Netherlands into dummy accounts set up in other countries.
In a report to be published on Monday, and provided in advance to The
New York Times, Kaspersky Lab says that the scope of this attack on
more than 100 banks and
other financial institutions in 30 nations could make it
one of the largest bank thefts ever — and one conducted without the
usual signs of robbery.
…
Kaspersky Lab says it has seen evidence of $300
million in theft through clients, and believes the total could be
triple that. But that projection is impossible to verify
because the thefts were limited to $10 million a transaction, though
some banks were hit several times.
… The majority of the
targets were in Russia, [Does
this suggest the hackers were Russian and started at home, OR the
hackers were Ukrainian and were taking revenge, OR they wanted to
drain assets from Russia before the were all lost to devaluation of
the ruble? Bob] but many were in Japan, the United States
and Europe.
…
The managing director of the Kaspersky North America office in
Boston, Chris Doggett, argued that the “Carbanak cybergang,”
named for the malware it deployed, represents an increase in the
sophistication of cyberattacks on financial firms.
“This is likely the most sophisticated attack the world has seen to
date in terms of the tactics and methods that cybercriminals have
used to remain covert,” Mr. Doggett said.
… But the largest sums were stolen by hacking into a bank’s
accounting systems and briefly manipulating account balances. Using
the access gained by impersonating the banking officers, the
criminals first would inflate a balance — for example, an account
with $1,000 would be altered to show $10,000. Then $9,000 would be
transferred outside the bank. The actual account holder would not
suspect a problem, and it would take the bank some time to figure out
what had happened.
“We
found that many banks only check the accounts every 10 hours or so,”
Mr. Golovanov of Kaspersky Lab said. “So in the interim, you could
change the numbers and transfer the money.”
Can't
wait until the government has it all lumped together to make it
easier to steal in bulk.
Aarti
Shahani sat down with Greg Virgin, CEO of the security firm RedJack,
to discuss the black market for stolen health care data:
After poking around for about an hour, we come across an
advertisement by someone selling Medicare IDs.
We’re not revealing the site address or name because we don’t
want the dealer to know we’re watching.
According to the online rating system — similar to Yelp, but for
criminal sales — the dealer delivers what’s promised and gets 5
out of 5 stars. “He definitely seems legit” — to the
underworld, Virgin says.
The dealer is selling a value pack that includes 10 people’s
Medicare numbers – only it’s not cheap. It costs 22 bitcoin —
about $4,700 according to today’s exchange rate.
Security experts say health data is showing up in the black market
more and more.
Read
more on NPR.
Analyzing
Big Data. “If you build it, IBM will market it!”
IBM
Extends Reach of Watson API Portfolio
As
part of an ongoing effort to build a developer ecosystem around the
IBM
Watson platform for creating cognitive computing applications,
IBM
is now beta testing five additional Watson APIs.
Lauri
Saft, director of the Watson ecosystem for IBM, says IBM has now
defined eight APIs for Watson. The new API services provide access
to functions such as speech-to-text; text to speech; visual
recognition of various types of media content; conceptual search to
identify explicit and implicit links between data; and tradeoff
analytics that enable an application to balance conflicting goals
against several sets of criteria.
The
IBM
Watson Developer Cloud running on the IBM Bluemix cloud platform,
says Saft, has already spawned 6,000 application projects — 147 of
which IBM has committed to support and sell. As a result, Saft notes
that IBM is not only committed to helping developers build
applications, it also is enabling
developers to take advantage of multiple routes to market that IBM
and its business partners can provide. In fact, IBM has
created an entire business unit dedicated to the IBM Watson platform.
An
alternate alternative. Interesting that Apple (a day late) even
bothered.
Apple
offers free iWork for iCloud to all Windows users
Apple
has opened the beta of its iWork for iCloud application suite to
Windows-only users, letting people without an iOS device or OS
X-powered Mac create an Apple ID needed to access the Web apps.
…
iWork for iCloud, which has been in beta for more than a year and a
half, is Apple's productivity answer to Microsoft's Office. Starting
in the fall of 2013, Apple began giving away the iOS and OS X iWork
apps to new buyers of iPhones, iPads and Macs; iWork for iCloud is
the browser-based side of those apps.
The
availability of iWork for iCloud will tempt few if any Windows-only
consumers: They have free access to Microsoft's own Web apps, dubbed
Office Online.
Although
analysts thought that Apple's move might
draw some Windows users when the Cupertino, Calif. company
launched the free iWork and iWork for iCloud, that was before
Microsoft started giving away its Office iOS apps to consumers.
…
Interested Windows users can create an Apple ID from the banner
notification on the iCloud
beta website.
For
my gamers...
No
Hidden Cost: 7 Free-To-Play Games That Are Actually Free
No comments:
Post a Comment