Business Intelligence
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
North Korean Cyber Capabilities: in Brief
North Korean Cyber Capabilities: In Brief Emma Chanlett-Avery Specialist in Asian Affairs Liana W. Rosen Specialist in International Crime and Narcotics John W. Rollins Specialist in Terrorism and National Security Catherine A. Theohary Specialist in National Security Policy, Cyber and Information Operations August 3, 2017 Congressional Research Service 7-5700 www.crs.gov R44912 North Korean Cyber Capabilities: In Brief Overview As North Korea has accelerated its missile and nuclear programs in spite of international sanctions, Congress and the Trump Administration have elevated North Korea to a top U.S. foreign policy priority. Legislation such as the North Korea Sanctions and Policy Enhancement Act of 2016 (P.L. 114-122) and international sanctions imposed by the United Nations Security Council have focused on North Korea’s WMD and ballistic missile programs and human rights abuses. According to some experts, another threat is emerging from North Korea: an ambitious and well-resourced cyber program. North Korea’s cyberattacks have the potential not only to disrupt international commerce, but to direct resources to its clandestine weapons and delivery system programs, potentially enhancing its ability to evade international sanctions. As Congress addresses the multitude of threats emanating from North Korea, it may need to consider responses to the cyber aspect of North Korea’s repertoire. This would likely involve multiple committees, some of which operate in a classified setting. This report will provide a brief summary of what unclassified open-source reporting has revealed about the secretive program, introduce four case studies in which North Korean operators are suspected of having perpetrated malicious operations, and provide an overview of the international finance messaging service that these hackers may be exploiting. -
Under the Microscope 2018
Under the Microscope A Review of the Maltese Banking Sector for Financial Year 2017/2018 December 2018 kpmg.com.mt Welcome to the fourth edition of Under the Microscope. Under the Microscope remains a one of a kind publication, dedicated towards providing an analysis of the performance of local banks over the last financial period together with a range of insightful articles developed in-house by local KPMG thought leaders. In fact, in this year’s publication one will find an array of thought leadership pieces, aimed at stimulating one’s mind with a view to generating an element of thought and consideration to an ever evolving financial services industry which is now, more than ever, driven by regulatory and technological innovation. FinTech and Regtech today are still in their infancy, despite these buzzwords thrown left, right and centre. In this publication we really seek to explore how the financial services industry has shifted, and how we can expect to be able to change in line with the new landscape we are all currently living. Across the publication, readers will also find a number of QR codes which will provide the user with a visual explanation and representation of the content of the respective article, provided directly by the thought leaders themselves. We encourage readers to make use of this functionality. We trust you find this edition as interesting and of value to read as it was for us to prepare. Sincerely, Mark, Tonio and Noel Noel Mizzi Tonio Zarb Mark Curmi Partner Senior Partner Director Audit Services KPMG in Malta -
Threatscape of the US Election
Gage Mele Threatscape of the US Election Overview of the mainstream highlighting the importance of The cyber attacks targeting political elections is in full free, fair, transparent, and credible elections to the swing as the 115th United States midterm elections preservation of democratic societies. However, what grow closer. The exploitation of vulnerabilities and can arguably be observed as the first large-scale direct cyber attacks targeting election-related entities election meddling operation took place in 2014 are somewhat expected; however, a different form when Russian-attributed threat actors targeted the of cyber attack has the potential to have a disruptive Ukrainian Presidential election. This can be viewed as impact to the elections: disinformation campaigns. the beginning of election cyber attacks because since The use of disinformation tactics in today’s social that time, it is difficult to go through election cycles media-obsessed society is the most prominent threat around the globe, particularly presidential elections, to the democratic process. This form of attack is at without hearing or seeing the possibility of Russian a significant and troublesome level that the average and other state-sponsored or threat group activity. voter may not be fully aware of. The presence and Fast-forward to the US 2018 midterm election, and overall use of social media on a global scale allows one would be hard-pressed to avoid seeing security the sharing of information at astounding speeds, and researchers and media outlets discuss threats posed threat actors can take advantage of this data sharing to nation’s election infrastructure. A wide range to propagate false narratives and influence the of threat actors pose a risk to the elections from masses. -
PRESS RELEASE Basic Payment Account – Your Right to Basic
PRESS RELEASE Basic Payment Account – Your right to Basic Banking Services Citizens legally residing in Malta have the right to open a basic payment account, for personal use, in a number of Maltese banks. Banking services are today considered as essential and consumers depend upon access to modern payment services. The right to open a basic payment account seeks to eliminate financial exclusion being experienced at EU level. In line with the Payment Accounts Regulations, enacted through Legal Notice 411 of 2016, the Malta Financial Services Authority (MFSA) is ensuring that this right is enjoyed by all persons legally resident in Malta or another EU Member State and is striving to achieve this objective two-fold: it is communicating directly with the banks to ensure that citizens’ rights are respected when it comes to payment accounts with basic features. Concurrently, in line with its obligations to raise awareness among the public about the availability of payment accounts with basic features, the MFSA has launched an educational campaign on the features of this account. Dr Michelle Mizzi Buontempo, Head of the Conduct Supervisory Unit remarked that “the MFSA is committed towards taking the necessary steps to ensure that the legitimate expectations of customers making use of banking services are promoted and protected. The Authority’s efforts are intended to safeguard the right to access basic banking services thus ensuring that Malta’s growth in this sector is truly enjoyed by all sectors of the population”. A payment account with basic features allows consumers to: • deposit funds • withdraw cash at the counters of the bank or at ATMs in Malta, Gozo and other EU Member States • pay by direct debits within the European Union • effect payments with a debit card, including online payments • receive and order credit transfers • set-up standing orders Persons with no fixed address, refugees, stateless persons and asylum seekers can also apply for a payment account with basic features. -
Malta's EU Story
MALTA’S EU STORY HOW TEN YEARS OF EU MEMBERSHIP HAVE CHANGED THE COUNTRY MALTA’S EU STORY HOW TEN YEARS OF EU MEMBERSHIP HAVE CHANGED THE COUNTRY A Discussion Paper June 2014 Lead Author - Patrick Tabone Research - Veronica Nardelli MALTA’S EU STORY: HOW TEN YEARS OF EU MEMBERSHIP HAVE CHANGED THE COUNTRY A Discussion Paper Published by The Today Public Policy Institute Lead Author: Patrick Tabone Presented to the Prime Minister, June 2014 The Today Public Policy Institute is an autonomous, not-for-profit, non-governmental organisation. Its mission is to promote wide understanding of strategic issues of national importance and to help in the development and implementation of sound public policies. In pursuit of this mission, it sponsors or initiates research on specific national problems, encourages solutions to those problems and facilitates public debate on them. It is not affiliated to any political party or movement. Its Board is made up of the following individuals: Martin Scicluna (Director General), Michael Bonello, Sina Bugeja, Stephen Calleya, Juanito Camilleri, Petra Caruana Dingli, John Cassar White, George Debono, Mark Anthony Falzon, Michael Frendo, Martin Galea, Joseph Sammut, Joseph V. Tabone, Clare Vassallo, John Vassallo and Joseph F.X. Zahra. Board members participate in The Today Public Policy Institute on a voluntary basis and in their personal capacity. Their association with the Institute and with the specific reports produced for the Institute by Lead Authors in the think-tank is without prejudice to the policies and positions of their respective institutions or organisations, nor does it necessarily imply the endorsement by each Board member of the conclusions and recommendations presented in such reports. -
North Korean Cyber Activity 03/25/2021
North Korean Cyber Activity 03/25/2021 TLP: WHITE, ID# 202103251030 Agenda • DPRK National Interests • Timeline of Recent Activity • Overview of DPRK APT Groups • APT Threat Actor Profiles o HIDDEN COBRA o Andariel o APT37 o APT38 o TEMP.Hermit o TEMP.Firework o Kimsuky o Bureau 121 Bureau 325 o Slides Key: • Recommendations Non-Technical: Managerial, strategic and high- • Outlook level (general audience) Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT) 2 DPRK National Interests • North Korea, officially the Democratic People’s Republic of Korea (DPRK) • Supreme leader: Kim Jong-un (since 2011) • Primary strategic goal: perpetual Kim family rule via development of economy and nuclear weapons • Primary drivers of security strategy: o Deterring foreign intervention by obtaining nuclear capabilities o Eliminating perceived threats to Kim regime o Belief that North Korea is entitled to respect as a world power • “Cyberwarfare is an all-purpose sword that guarantees the North Korean People’s Armed Forces ruthless striking capability, along with nuclear weapons and missiles.” – Kim Jong-un (2013) • Reportedly has 7,000 cyber warriors • 300% increase in the volume of activity to and from North Korean networks since 2017 3 Timeline of Recent Activity Jan 2020 Feb 2021 Two distinct Aug 2020 Nov 2020 South Korean Feb 2021 clusters of USG exposed North Korean Intelligence North Korean DPRK cyber DPRK hackers claims DPRK Lazarus activity begin malware used targeted a targeted Group targeting in fake job major COVID- COVID-19 -
Digital Methods for Circumventing UN Sanctions a Case Study of the Democratic People’S Republic of Korea’S Cyber Force
Compliance & Capacity Skills International, LLC Sanctions Practitioners 12 July 2019 Compliance Trainers Digital Methods for Circumventing UN Sanctions A Case Study of the Democratic People’s Republic of Korea’s Cyber Force By Ashley Taylor Introduction The cyber sphere is a new frontline in the implementation and circumvention of UN sanctions. Because the Internet provides a virtual space for instantaneous communication and transaction, it inherently opens cheaper and unregulated avenues for rogue actors to violate international norms. Illicit uses of digital technologies outpace the advancements of licit technologists, who generally do not prioritize international security in their business. The Democratic People’s Republic of Korea (DPRK) in particular has become increasingly adept at employing digital tools to circumvent sanctions. They have developed digital techniques to generate revenues to fund their illegal proliferation efforts, gain intelligence and technical know- how, and harm the business and reputation of their foreign adversaries, including to disrupt those that monitor the implementation of the DPRK sanctions regime adopted with UN resolution 1718 in October 2006. Kim Jong-un recently boasted that “cyber warfare, along with nuclear weapons and missiles, is an ‘all-purpose sword’ that guarantees our military’s capability to strike relentlessly."1 A North Korean military defector has reported that the cyber force is viewed as the strongest weapon in the “Secret War”2 and its members are considered part of the elite, being one of few well-paid positions. Where will they go from here? Evidence suggests that North Korean state actors and non-state proxies are increasingly making use of new anonymizing technologies like cryptocurrencies, the dark web, encryption, and advanced hard-to-detect cyberattacks. -
Threat Landscape Report – 1St Quarter 2018
TLP-AMBER Threat Landscape Report – 1st Quarter 2018 (FINAL) V1.0 – 10/04/2018 This quarterly report summarises the most significant direct cyber threats to EU institutions, bodies, and agencies (EU-I or 'Constituents') in Part I, the development of cyber-threats on a broader scale in Part II, and recent technical trends in Part III. KEY FINDINGS Direct Threats • In Europe, APT28 / Sofacy threat actor (likely affiliated to Russia military intelligence GRU) targeted government institutions related to foreign affairs and attendees of a military conference. Another threat actor, Turla (likely affiliated to Russia’s security service FSB) executed a cyber-operation against foreign affairs entities in a European country. • A spear-phishing campaign that targeted European foreign ministries in the end of 2017 was attributed to a China-based threat actor (Ke3chang) which has a long track record of targeting EU institutions (since 2011). As regards cyber-criminality against EU institutions, attempts to deliver banking trojans are stable, ransomware activities are still in decline and cryptojacking on the rise. Phishing lures involve generic matters (’invoice’, ‘payment’, ‘purchase’, ‘wire transfer’, ‘personal banking’, ‘job application’) and more specific ones (foreign affairs issues, European think tanks matters, energy contracts, EU delegation, EU watch keeper). Almost all EU-I are affected by credential leaks (email address | password) on pastebin-like websites. Several credential- harvesting attempts have also been detected. Attackers keep attempting to lure EU-I staff by employing custom methods such as spoofed EU-I email addresses or weaponisation of EU-I documents. Broader Threats • Critical infrastructure. In the energy sector, the US authorities have accused Russian actors of targeting critical infrastructure (including nuclear) for several years and are expecting this to continue in 2018. -
BOV/175 COMPANY ANNOUNCEMENT the Following Is
Bank of Valletta p.l.c. OFFICE OF THE COMPANY SECRETARY 58, Zachary Street, Valletta VLT 1130 - Malta Telephone: (356) 2275 3032, 2275 3231 Fax: (356) 2275 3711 BOV/175 COMPANY ANNOUNCEMENT The following is a company announcement issued by Bank of Valletta p.l.c. pursuant to Malta Financial Services Authority Listing Rules Chapters 8 and 9: Quote The Board of Directors of Bank of Valletta p.l.c. (the Bank) has today, the 30th October 2009, approved the audited financial statements for the financial year ended 30th September 2009. The Board resolved that these audited financial statements be submitted for the approval of the shareholders at the forthcoming Annual General Meeting which is scheduled for Wednesday 16th December 2009. A preliminary statement of annual results is being attached herewith in terms of the Listing Rules. The Board of Directors further resolved to recommend for the approval of the Annual General Meeting: 1. The payment of a final Gross Dividend of €0.215 per share making for a final Net Dividend of €0.13975 per share which, if approved by the Annual General Meeting, would make for a total gross dividend for the year of €0.250 per share (total net dividend per share €0.1625). 2. A bonus share issue of one share for every four shares held which will be allotted to shareholders on the Bank’s share register as at close of business on 15th January 20101. The bonus issue will be funded by a capitalisation of reserves amounting to €40 million. Application will be made for the necessary authorisations concerning the listing of the bonus share issue on the Malta Stock Exchange. -
Who Targets/Attacks the Japanese Financial Sector & Why?
DSEI - Combating Threats of the New Era Measures against Cyber Who Targets Japan & Why? Ideas to Combat! Cartan McLaughlin CEO Nihon Cyber Defence Co., Ltd. © Nihon Cyber Defence Co., Ltd, 2019. All rights reserved. Warning! Hacking without permission is a criminal offence. COMMON NATION STATE THREAT ACTORS Russia - BEAR China - PANDA North Korea - CHOLLIMA • Fancy Bear (APT 28) • Emissary Panda (APT 27) • Lazarus • Cozy Bear (APT 29) • Stone Panda (APT 10) • Bluenoroff • Voodoo Bear • Comment Crew (APT 1) • Andariel • Energetic Bear • Ke3Chang • Deep Panda © Nihon Cyber Defence Co., Ltd, 2019. All rights reserved. Warning! Hacking without permission is a criminal offence. MISSION - NATION STATE THREAT ACTORS Russia – BEAR China – PANDA North Korea – CHOLLIMA • Political • Military • Financial • Military • Intellectual Property • Intellectual Property • Financial • Financial © Nihon Cyber Defence Co., Ltd, 2019. All rights reserved. Warning! Hacking without permission is a criminal offence. UN Report: North Korean virtual currency hackers have earned up to $2 billion so far © Nihon Cyber Defence Co., Ltd, 2019. All rights reserved. Warning! Hacking without permission is a criminal offence. RGB: NORTH KOREAN CYBER ESPIONAGE • The Reconnaissance General Bureau of AGENCY/GROUP North Korea • Prime Agency for North Korea cyber activities BUREAU 121: • North Korean cyberwarfare agency • Suspected/Alleged for Sony Hack 2014 • Suspected 1,800 specialists or more UNIT 180: • North Korean cyberwarfare cell • Suspected/Alleged for : - • Bangladesh Bank robbery in 2016 • the WannaCry ransomware attack 2017 LAZARUS GROUP: • Suspected for Bitpoint (2019) and Coincheck(2018) hack • Suspected groups under the hood: • Financially motivated © Nihon Cyber Defence Co., Ltd, 2019. All rights reserved. Warning! Hacking without permission is a criminal offence. -
Covert Action and Cyber Offensive Operations: Revisiting Traditional Approaches in Light of New Technology
Covert Action and Cyber Offensive Operations: Revisiting Traditional Approaches in Light of New Technology WILLIAM ROBERT CARRUTHERS Submitted in Partial Fulfilment of the Requirements of the Degree of Doctor of Philosophy University of Salford, School of Arts and Media 2018 TABLE OF CONTENTS FIGURE LIST ______________________________________________________ VI ACKNOWLEDGMENTS ____________________________________________ VII ABSTRACT ______________________________________________________ VIII INTRODUCTION ____________________________________________________ 1 RESEARCH AIMS ____________________________________________________ 8 LITERATURE REVIEW _________________________________________________ 9 METHODOLOGY AND SOURCES ________________________________________ 15 Interviews ______________________________________________________ 19 Newspaper Articles _______________________________________________ 21 Official Primary Documents: Contemporary and Archived ________________ 23 Leaks __________________________________________________________ 24 Cyber Security Reports ____________________________________________ 28 STRUCTURE OF THE THESIS ___________________________________________ 28 CYBER OFFENSIVE OPERATIONS AND COVERT ACTION ______________ 31 CYBER OFFENSIVE OPERATIONS ARE NOT CYBER WAR. _____________________ 32 UNDERSTANDING COVERT ACTION _____________________________________ 50 CYBER OFFENSIVE OPERATIONS AND COVERT ACTION: A COMPARISON ________ 54 CONCLUSION ______________________________________________________ 60 COVERT ACTION AND CYBER -
Bank of Valletta Suspends Services After Hackers Falsify Transactions to Steal EUR 13 Million
ORX News reference: 8312 ORX Standard: Banking Bank of Valletta EUR Not Identifiable Loss | Euro USD Not Identifiable Loss | US Dollar EUR Not Identifiable Loss | Euro BL0301 - Retail Banking EL0201 - External Theft & Fraud MT - Malta Western Europe Loss Event Published in media 13 February 2019 Bank of Valletta suspends services after hackers falsify transactions to steal EUR 13 million On 13 February 2019, Bank of Valletta announced on its website that it had suffered a cyberattack involving the fraudulent transfer of EUR 13 million, and had temporarily suspended its operations, including branches. Services resumed during the night of 13 February 2019, and the fraudulent transactions are in the process of being reversed as of 13 February 2019. According to prime minister of Malta, Joseph Muscat, at the start of business on 13 February 2019, Bank of Valletta noticed discrepancies in the reconciliation of 11 payments to the value of around EUR 13 million from its foreign payment accounts, MaltaToday reports. According to MaltaToday, Malta Security Services confirmed to the bank that it had been the victim of a cyberattack which had originated overseas. EUR 13 million in fake payments had been made to accounts in the UK, the US, the Czech Republic and Hong Kong. Muscat stated that Bank of Valletta immediately contacted its correspondent banks, advising them to block the transactions, and began the process to reverse the payments. Within 30 minutes of the confirmation, Bank of Valletta decided to shut down its systems, including ATMs, branch services, online banking, mobile banking and card services. Muscat told Parliament that although shutting down the bank that controls “half the economy” was a serious matter, the decision to do so was made because “caution trumped every other consideration”, MaltaToday reports.