Cyber crime is big business.
Indian Bank
Hit in $13.5M Cyberheist After FBI ATM Cashout Warning
On Sunday, Aug. 12, KrebsOnSecurity carried an
exclusive: The FBI
was warning banks about an imminent “ATM cashout” scheme about to
unfold across the globe, thanks to a data breach at an unknown
financial institution. On Aug. 14, a bank in India disclosed hackers
had broken into its
servers, stealing nearly $2 million in fraudulent bank
transfers and $11.5 million
unauthorized ATM withdrawals from cash machines in more than two
dozen countries.
The FBI put out its alert on Friday, Aug. 10. The
criminals who hacked into Pune, India-based Cosmos
Bank executed their two-pronged heist the following day, sending
co-conspirators to fan out and withdraw a total of about $11.5
million from ATMs in 28 countries.
… Just prior to executing on ATM cashouts, the
intruders will remove many fraud controls at the financial
institution, such as maximum withdrawal amounts and any limits on the
number of customer ATM transactions daily.
The perpetrators alter account balances and
security measures to make an unlimited amount of money available at
the time of the transactions, allowing for large amounts of cash to
be quickly removed from the ATM.
… One final note: Several news outlets have
confused the attack that hit Cosmos Bank with another ATM crime
called “jackpotting,”
which requires thieves to have physical access to the inside of the
cash machine and the ability to install malicious software that makes
the ATM spit out large chunks of cash at once. Like ATM
cashouts/unlimited operations, jackpotting attacks do not directly
affect customer accounts but instead drain ATMs of currency.
Here we go again. If I can teach my students how
to encrypt using RSA public/private keys, (in one hour using tools on
the Internet) why wouldn’t criminals do the same if they suspected
they were being tapped?
Exclusive:
U.S. government seeks Facebook help to wiretap Messenger - sources
The U.S.
government is trying to force Facebook Inc (FB.O)
to break the encryption in its popular Messenger app so law
enforcement may listen to a suspect’s voice conversations in a
criminal probe, three people briefed on the case said, resurrecting
the issue of whether companies can be compelled to alter their
products to enable surveillance.
The previously unreported case in a federal court
in California is proceeding under seal, so no filings are publicly
available, but the three people told Reuters that Facebook is
contesting the U.S. Department of Justice’s demand.
The judge in the Messenger case heard arguments on
Tuesday on a government motion to hold Facebook in contempt of court
for refusing to carry out the surveillance request, according to the
sources, who spoke on condition of anonymity.
Facebook and the Department of Justice declined to
comment.
The Messenger issue arose in Fresno, California,
as part of an investigation of the MS-13 gang, one of the people
said.
… Unlike the San Bernardino case, where the
FBI wanted to crack one iPhone in its possession, prosecutors are
seeking a wiretap of ongoing voice conversations by one person on
Facebook Messenger.
Facebook is arguing in court that Messenger voice
calls are encrypted end-to-end, meaning that only the two parties
have access to the conversation, two of the people briefed on the
case said.
Ordinary Facebook text messages, Alphabet Inc’s
Gmail, and other services are decrypted by the service providers
during transit for targeted advertising or other reasons, making them
available for court-ordered interception.
End-to-end encrypted communications, by contrast,
go directly from one user to another user without revealing anything
intelligible to providers.
Perspective.
When China
Rules the Web
For almost five decades, the United States has
guided
the growth of the Internet. From its origins as a small
Pentagon program to its status as a global platform that connects
more than half of the world’s population and tens of billions of
devices, the Internet has long been an American project. Yet today,
the United States has ceded
leadership in cyberspace to China. Chinese President Xi
Jinping has outlined his plans to turn China into a
“cyber-superpower.” Already, more people in China have access to
the Internet than in any other country, but Xi has grander plans.
Through domestic regulations, technological innovation, and foreign
policy, China aims to build an “impregnable” cyberdefense system,
give itself a greater voice in Internet governance, foster more
world-class companies, and lead the globe in advanced technologies.
China’s continued rise as a cyber-superpower is
not guaranteed. Top-down, state-led efforts at innovation in
artificial intelligence, quantum computing, robotics, and other
ambitious technologies may well fail.
… But given China’s size and technological
sophistication, Beijing has a good
chance of succeeding—thereby remaking cyberspace in its own
image. If this happens, the Internet will be less global and less
open. A major part of it will run Chinese applications over
Chinese-made hardware. And Beijing will reap the economic,
diplomatic, national security, and intelligence benefits that once
flowed to Washington.
No comments:
Post a Comment