Posts Tagged ‘ATMs’

Atlanta’s Cyber Attack Shows the New Security Risks the U.S. Needs to Address—and Fast

March 29, 2018

Commentary
Fortune

By PETER J. BESHAR

March 28, 2018
Image result for atlanta, photos

Last week’s ransomware attack on the city of Atlanta’s computer networks offers a chilling reminder that the public sector is directly in the line of fire in the war against cyber terror. With cities and states across the country increasingly relying on artificial intelligence and machine learning to deliver vital services, the risks for residents and businesses are growing exponentially.

Public officials are trying to balance the need to secure infrastructure assets with the need for open government practices. Last August, for instance, in the name of transparency and accountability, a New York City Councilman named James Vacca proposed that the city of New York publicly disclose the source code of all algorithms relied upon in delivering municipal services. These “algos” range from how teachers are evaluated, to when garbage gets collected, to which precincts get the most police officers. The proposal was the first of its kind in any U.S. city—and some privacy advocates assert that it should serve as a model for the rest of the country.

The debate over the management and disclosure of this source code is critical, because governments are increasingly relying on artificial intelligence and machine learning to analyze data and make key decisions. And while these advances offer the promise of better service at a reduced cost to taxpayers, this growing reliance on AI and ML comes with two distinct and potentially conflicting risks.

The first risk is that governments that become overly reliant on AI introduce the potential for bias, particularly racial bias in the criminal justice system. In 2016, a ProPublica investigation found significant racial disparities in criminal justice “risk assessments” produced by algorithms that seek to predict future criminal behavior.

In one notable example, the software wrongly considered a black woman who took a bike from a neighbor’s yard (given a risk score of 8) to be more likely to commit a future crime than a white man arrested for shoplifting who had a lengthy criminal record (he scored a 3). The ProPublica analysis of 7,000 individuals arrested in Broward Country, Florida revealed that this risk assessment tool wrongly identified African-American defendants as potential recidivists at improperly high rates. The software made the inverse mistake of underestimating recidivism rates for whites.

 Image may contain: text

More than 45 states now rely on algorithmic tools to set bond amounts, make parole decisions, or even influence jail sentences. These kinds of automated risk formulas—which have implications for civil liberties and racial inequality—require broad transparency and close scrutiny.

Councilman Vacca’s legislation was aimed squarely at this troubling potential for bias. The challenge, though, is that erring too far on the side of transparency increases the second risk, which is the threat of widespread physical cyberattacks.

When we think about cybersecurity risk, we typically envision attacks on email, networks, websites, and other digital assets. Increasingly, however, we can expect these attacks to target physical assets, and the rise of artificial intelligence and machine learning may provide new and potent vectors for widespread attacks.

Automated systems are rapidly evolving from offering assessments and evaluations to actually delivering implementation. That’s the difference between Waze offering individual drivers the best driving routes and a centralized computer system giving a fleet of autonomous vehicles, or drones, direct instructions.

As cities automate water supply, electricity, mass transit, and hospital services, the cyber threat to these physical assets will rise. We’re already seeing evidence of this. Just before the Atlanta cyberattack, the U.S. Department of Homeland Security and the FBI issued a joint bulletin indicating that Russian hackers successfully penetrated control systems at energy, nuclear, water, aviation, and manufacturing sites.

 Image may contain: text

Herein lies the dilemma with the Vacca bill and similar efforts that have a well-intentioned goal of maximizing transparency to minimize the threat of bias: The more source code governments disclose, the more tools cyber criminals will have at their disposal. Last month, experts from 14 organizations, including OpenAI, Oxford University, and the Center for a New American Security, catalogued the digital, physical, and political risks of AI in a sweeping report. Its core thesis was the “dual-use nature” of AI—the potential for both good—in the form of accelerated scientific discovery and enhanced productivity—and harm from cyberattacks and political disruption.

When weighing the benefits and risks of the Vacca bill, the New York City Council sensibly decided to devote more time to understanding what the city should disclose and how. This is far preferable to diving headfirst into legislating without fully understanding the risks involved. This due diligence—in New York and around the country—must happen quickly.

With his landmark legislation, Councilman Vacca sparked a crucial debate about balancing transparency and security in the new world of artificial intelligence. Citizens deserve to know how their government allocates resources and makes decisions. Yet, governments have an obligation to do all that they can to keep us safe, particularly at a time where cyber hackers too often appear to be one step ahead of the rest of us.

Peter J. Beshar is executive vice president and general counsel of Marsh & McLennanCompanies.

http://fortune.com/2018/03/28/city-of-atlanta-cyber-attack-cybersecurity-risks/

************************************

Cyberattack hits Atlanta computers — ‘Everyone who has done business’ with city may be at risk

In a story first reported by 11Alive, Mayor Keisha Lance Bottoms says, ‘We don’t know the extent of the attack.”

ATLANTA – In a story first reported by 11Alive, city of Atlanta computers have been cyber attacked by ransomware that has encrypted some personal and financial data.

“We don’t know the extent of the attack,” said Atlanta Mayor Keisha Lance Bottoms in a Thursday afternoon press conference.

New Atlanta COO Richard Cox said public safety, water and airport operations departments have not been affected.

READ | What to know about the City of Atlanta cyberattack

Officials also said Thursday afternoon they are working with the FBI, U.S. Department of Homeland Security, Cisco cybersecurity officials and Microsoft to determine what information has been accessed and how to resolve the situation.

Bottoms said everyone who has done business with the city is potentially at risk, and advised businesses and consumers to check their bank accounts.

“City payroll has not been affected,” Cox said, “and we have not determined that City Hall will need to be closed on Friday.”

READ | What to do after a data breach or cyberattack

Multiple sources confirmed to 11Alive earlier on Thursday that various city systems have been impacted by the ransomware attack.

According to a statement from the city, its computers are “currently experiencing outages on various internal and customer facing applications, including some applications that customers use to pay bills or access court-related information.

“At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue. We are confident that our team of technology professionals will be able to restore applications soon. Our city website, Atlantaga.gov, remains accessible and we will provide updates as we receive them.”

City of Atlanta, GA

@Cityofatlanta

The City of Atlanta is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information. We will post any updates as we receive them.

According to the FBI, the bureau is aware of the situation and is “coordinating with the city of Atlanta to determine what happened.”

A screenshot sent to 11Alive from a city employee and analyzed by technical expert and Kennesaw State University professor Andrew Green, shows a bitcoin demand of $6,800 per unit, or $51,000 to unlock the entire system.

Emails have been sent to city employees in multiple departments telling them to unplug their computers if they notice suspicious activity. Professor Green said that directive and the note itself is indicative of a serious ransomware attack.

One expert said based on the language used in the message, the attack resembles the “MSIL” or “Samas” (SAMSAM) ransomware strain that has been around since at least 2016.

According to the U.S. Department of Justice, the SAMSAM strain was used to compromise the networks of multiple U.S. victims, including 2016 attacks on healthcare facilities that were running outdated versions of the JBoss content management application.

SAMSAM exploits vulnerable Java-based Web servers, using open-source tools to identify and compile a list of hosts reporting to the victim’s active directory. The actors then use psexec.exe to distribute the malware to each host on the network and encrypt most of the files on the system. The actors charge varying amounts in Bitcoin to provide the decryption keys to the victim.

Typically, if the ransomware virus is not intercepted before it takes control of systems, the user cannot gain access. The hackers demand money in exchange for a decryption key. Tech experts tell us even if that ransom is paid, the key often doesn’t work. Sometimes, the only way to regain access is to rebuild the entire system.

MARTA experienced a technical outage this morning that prevented their breeze cards from working. But, a spokesperson tells 11Alive their computer problems were unrelated and were due to a connectivity issue.

MARTA

@MARTASERVICE

MARTA is currently experiencing a technical outage impacting MARTA Bid, Breeze Card, Reduced Fare and the MARTA On-the-Go sites. This issue is currently being troubleshot by MARTA IT. We do apologize for any inconvenience caused.

Ransomware attacks on cities and companies are becoming more common and damaging.

PREVIOUS | Secret Service investigating hack of Atlanta Public Schools’ employee paychecks

Earlier this year, AL.com reports the city of Leeds, Alabama paid $12,000 in bitcoin, a crypto currency, after their computer systems were taken over. The paper reports that the city was locked out of their systems and were given instructions on sending $12,000 worth of bitcoin to remove the lock.

http://www.11alive.com/article/news/local/cyberattack-hits-atlanta-computers-everyone-who-has-done-business-with-city-may-be-at-risk/85-530947288

Advertisements

ATM cyber heists hit Pakistan banks

December 11, 2017

This photo shows that HBL ATM software license is not genuine. (AN photo)

ISLAMABAD: An ATM scam affecting hundreds of debit card users in Pakistan has led to several arrests by the country’s Federal Investigation Agency (FIA), which apprehended another four suspects on Sunday.

.
FIA official Abdul Ghaffar Mirani told Arab News that investigators have unearthed a scam of about $105,000 and expected the number to rise after digital forensic experts searched confiscated equipment and cloned debit cards used by the scammers.
.
Mirani withheld the exact number of people arrested but said that mostly Chinese nationals had been taken into custody. “Our team is probing further as more complaints are pouring in and data is being compiled from other cities,” he said.
.
The cyber heist is being dealt with by the FIA’s National Response Center for Cyber Crime (NR3C), the country’s only technology-based crime division, which was set up 10 years ago and assists other law enforcement agencies in Pakistan.
.
On Friday, FIA Director Shakeel Durrani said at a press briefing that the investigation had revealed the involvement of Canadian, Nigerian and Italian hackers, as well as an Indian scammer identified as Sorev.
.
The information was divulged by Saqibullah, a Rawalpindi resident running a racketeering business, who as their front man sold stolen financial information to the hackers. He is also involved in identity theft, credit debit card cloning and extortion. His arrest has expanded into a FIA investigation searching for his collaborators.
.
Durrani said, “The prime suspect (Saqibullah) would take photos of ATM machines to match suitable skimming machines that were ordered from other countries.”
.
The cash withdrawals from the hacked accounts were in China, Canada, Italy, Nigeria, Indonesia, Malaysia, US, but were not limited to those countries, he said.
.
Revelations of the ATM-skimming scam were revealed last week by the country’s largest financial institution, Habib Bank Limited (HBL), which confirmed more than $105,000 had been stolen from 559 hacked HBL customers, mostly in the cities of Karachi and Lahore.
.
Image result for Habib Bank Limited, photos, signage
.
“We have more than 10 million customers, which means that the size of the amount missing is not very significant for the HBL, while the number of customers affected is also low, said HBL’s corporate and marketing executive Naveed Asghar, who was reported in a local English daily. “It is a fraud and we must check it and find the culprits … it happens in all the countries that use ATMs,” he said.
.
Banks using outdated technology fitted with aging security protocols attracted a “organized foreign group” to hack the ATM booths, suggests the FIA, which is approaching the State Bank of Pakistan, the country’s banking regulator, to introduce biometric policy and enforce it across the banking spectrum.
.
An HBL official in Islamabad told Arab News: “The practice of skimming is not new,” but the bank’s new biometric security measures, currently being introduced in its ATMs, “will prevent and curb future hacks.” Though HBL seems to be the main target, Standard Chartered Bank, Faysal Bank Limited, Bank Al Habib Limited and other banks have also fallen victim to cybercrime, he said.
.
“Officially the bank hasn’t sent out warning notifications to customers of this continuing fraud but we are compensating the affected account holders. An internal memo has been circulated for each bank branch to check and monitor the ATMs,” the banking officer said.
.

Now Even Money Is Running Out in Storm-Hit Puerto Rico — U.S. reaction to hurricane “catastrophic for Puerto Rico”

September 28, 2017

SAN JUAN, Puerto Rico — First, Hurricane Maria knocked out power and water to Puerto Rico. Then diesel fuel, gas and water became scarce. Now, it’s money.

The aftermath of the powerful storm has resulted in a near-total shutdown of the U.S. territory’s economy that could last for weeks and has many people running seriously low on cash and worrying that it will become even harder to survive on this storm-ravaged island.

There are long lines at the banks that are open with reduced hours or the scattered ATMs that are operational amid an islandwide power outage and near total loss of telecommunications. Many people are unable to work or run their businesses because diesel to run generators is in short supply or they can’t spend all day waiting for gas to fill their car.

Related:

**************************************************

A woman collects water from an open road drainage of a natural spring created by the landslides in a mountain next to a road in Corozal, southwest of San Juan. Ricardo Arduengo/AFP/Getty Images

What every American needs to know about Puerto Rico’s hurricane disaster

9 essential things to know about Puerto Rico’s humanitarian crisis.

People carry water in bottles retrieved from a canal in Toa Alta, Puerto Rico.
 Hector Retamal/AFP/Getty Images

Early on Wednesday, September 20, Hurricane Maria, a powerful Category 4 hurricane with 150 mph winds, made direct landfall on Puerto Rico, bisecting the entire island and drenching it with feet of rain. What’s happened since has been catastrophic for Puerto Rico.

There’s still no power on the island, with the exception of a few generators powering only the highest-priority buildings like hospitals. That means in many places there’s no water to drink or bathe in or to flush toilets. There’s limited food, fuel, and cell service, and it’s taken several days for reporters and rescue workers to reach remote towns and villages.

“Make no mistake — this is a humanitarian disaster involving 3.4 million US citizens,” Puerto Rico Gov. Ricardo Rosselló said Monday.

The initial recovery response from the US federal government has been lackluster, and President Trump’s comments have not inspired confidence. “This is an island sitting in the middle of an ocean,” he said on Tuesday. “And it’s a big ocean; it’s a very big ocean. And we’re doing a really good job.”

This is a disaster that deserves more coverage and a swifter response — and both appear to have been impeded by widespread confusion about Puerto Rico’s relationship to the United States and the severity of its current situation. Here’s what every American needs to know.

1) 3.4 million US citizens live in Puerto Rico, and they are entitled to the same government response as any state. But half of Americans don’t even know that.

Wikimedia Commons

According to a new Morning Consult poll published in the New York Times, only 54 percent of Americans know that Puerto Ricans are US citizens. The poll found 81 percent of those who knew Puerto Ricans were citizens supported sending to aid to the island. Just 44 percent of those who didn’t know said the same.

Puerto Ricans have been citizens of the United States since 1917, when President Woodrow Wilson signed the Jones-Shafroth Act. Citizens mean citizens. Puerto Ricans can travel freely to and from the continental United States without a passport. They’re protected by the same Bill of Rights as anyone else born in the United States. They vote in presidential primaries.

The island does not get electoral votes in general presidential elections. It also does not have voting representatives in Congress. Jenniffer González-Colón serves as resident commissioner of Puerto Rico, a non-voting member of the US House of Representatives.

If Puerto Rico were a state, it would be the 30th most populated — with more people than Wyoming, Vermont, and Alaska combined.

“[Puerto Ricans] are entitled to the same response from the federal government as the citizens of New York or Kansas would be if they were visited by a natural disaster on the scale of Hurricane Maria,” the editors of America Magazine, a Catholic publication, wrote on Monday. “Although the United States has long benefited from the geographical reach they provide … [island territories] have been taken for granted and denied full political representation. Hurricane Maria is a reminder that this two-tiered system of American citizenship is neither democratic nor tenable.”

2) Hurricane Maria was like a 50-mile-wide tornado that made a direct hit on the island

NASA Earth Observatory images by Joshua Stevens

This hurricane season has been punishing for Puerto Rico. First, it got clipped by Hurricane Irma, a huge Category 5 storm whose eye passed just north of the island. That storm — which had ravaged several Caribbean islands — left 1 million people without power on Puerto Rico. By the time Maria hit, 60,000 people were still without electricity. That means there are many people on the island who haven’t had power for 20 days (Irma passed by on September 7).

Maria was a slightly smaller storm, but it was far, far more devastating. That’s because it charted a course directly over Puerto Rico, hit near its peak intensity, and passed around 25 miles away from San Juan, the capital, which is home to about 400,000 people. No nation or territory could suffer such a direct hit without some damage.

“It was as if a 50- to 60-mile-wide tornado raged across Puerto Rico, like a buzz saw,” Jeff Weber, a meteorologist with the National Center for Atmospheric Research, says. “It’s almost as strong as a hurricane can get in a direct hit.”

The path Maria followed through Puerto Rico.

By the record books, it was the fifth-strongest storm ever to hit the US, and the strongest storm to hit the island in 80 years. “The devastation is vast,” Gov. Rosselló said in a statement. “Our infrastructure and energy distribution systems suffered great damages.”

3) Water, food, and fuel are scarce on the island. The airports are a mess. Power will be out for months in some places.

Exact figures on the extent of the damage and the costs of repairs on the island are not yet known. This is partly due to the fact that communications on the island are strained. But it’s also because many roads are damaged and it’s hard to get around. AIR Worldwide, a catastrophe risk consultancy, estimates the storm caused $40 billion to $85 billion in insurance claims throughout the Caribbean, with 85 percent of those losses in Puerto Rico.

Photos show whole communities with roofs torn off, second floors of houses ripped apart, water flooding the streets, and people resorting to waiting in long lines for clean water and fuel. In reports, the word “apocalyptic” is used often.

More concretely, we do know that Puerto Rico’s infrastructure is severely crippled. These are major problems that will make living even in an intact house more difficult in the coming weeks and months.

Power is out across the island — and Puerto Rico’s energy system was troubled to begin with

The storm knocked out 80 percent of the island’s power transmission lines, the Associated Press reports. And as of Monday, nearly all of the island’s 1.57 million electricity customers were still without power. Generators are being distributed to high-priority hospitals, but most homes and businesses are dark.

In the photos below, NOAA compares what the lights of Puerto Rico looked like from space on a calm night in July, and then compare it to what the island looked like post–Hurricane Maria. The faint lights that remain are powered by gas generators. Also notice the islands St. Thomas, St. Croix, and Tortola are now almost entirely dark.

It could be four to six months before power is restored on the island. That’s half a year with Puerto Rico’s 3.4 million residents relying on generators, half a year without air conditioning in the tropical climate, half a year that electric pumps can’t bring running water into homes, half a year when even the most basic tasks of modern life are made difficult.

PREPA, the electric company on the island, has a massive $9 billion debt, as Vox’s Alexia Fernández Campbell has explained, and in July it defaulted on an interest payment. For years, it hasn’t had the money to invest in modernizing Puerto Rico’s electrical systems. Even without hurricanes, power outages are frequent on the island. Making things worse: There aren’t enough workers to fix the infrastructure. Young people have been leaving the island in droves as the economy has tightened, and older workers have been retiring en masse, securing their pensions.

Rebuilding the system on the island will be a long and difficult process. Getting the power back on in Puerto Rico “will be daunting and expensive,” the New York Times explains. “Transformers, poles and power lines snake from coastal areas across hard-to-access mountains. In some cases, the poles have to be maneuvered in place with helicopters.”

Officials are currently prioritizing getting power back on for hospitals.

Fresh water is scarce

No electricity means no power to pump water into homes, no water to bathe or flush toilets. The Defense Department said Tuesday that only 56 percent of people on the island have potable water. USA Today reported that Arecibo, a town on the northern shore of the island, had only one source of fresh water: a single fire hydrant. Rescue workers have been distributing bottled water, but it’s safe to assume many people haven’t received any yet.

Cellphone towers are knocked out

The storm knocked out 1,360 out of 1,600 cellphone towers on the island. Many communities have been isolated from the outside world for days, relying only on radios for news. National Guard members told the Daily Beast they were struggling to communicate on the ground, making their ability to respond to the disaster exceptionally hard. “There’s no communication, that’s the problem,” said Capt. Jeff Rutkowski.

Javier Zarracina/Vox

The cellular outage also means that family on the mainland, or abroad, can’t get in touch with those on the island to find out if they’re safe.

Few hospitals have power

Only 11 of 69 hospitals on Puerto Rico have power or are running on generators, FEMA reports. That means there’s limited access to X-ray machines, and other diagnostic and life-saving equipment. Few operating rooms are open, which is scary, considering an influx of patients with storm-related injuries.

“Two people died yesterday because there was no diesel in the place where they were… In San Juan, a hospital,” San Juan Mayor Carmen Yulín Cruz told CBS News in an emotional interview Tuesday. “We need to get our shit together.”

“I know that leaders aren’t supposed to cry…But we are having a humanitarian crisis here,” San Juan mayor tells @DavidBegnaud

And the health crisis on the island could grow if power is not soon restored, as Vox’s Julia Belluz reports.

“Just about every interaction with the health system now involves electricity, from calling a hospital for help to accessing electronic medical records and powering lifesaving equipment like hemodialysis machines or ventilators,” Belluz writes.

Farms are decimated

Agriculture is a small part of the Puerto Rican economy, contributing just 0.8 percent to its GDP and employing 1.6 percent of its labor force. But it was decimated — in a nearly literal sense of the word — by Hurricane Maria.

“In a matter of hours, Hurricane Maria wiped out about 80 percent of the crop value in Puerto Rico,” the New York Times reports. That amounts to a $780 million loss. The island imports 85 percent of its food, but the destruction of its agricultural sector is likely to increase prices and exacerbate the scary prospect of continued food shortages on the island.

Weather radar is down, making it harder to forecast new storms

View image on TwitterView image on TwitterView image on Twitter

Actual situation of Doppler radar after Hurricane María.
Situación actual del radar Doppler luego del paso del huracán María.  

On Monday, the National Weather Service reported that its Doppler radar station on the island had been destroyed. That’s the radar that helps meteorologists see where thunderstorms and other weather systems are moving in real time. “Not having radar does make future storms more hazardous,” says Weber.

Airports are a hot, sticky mess

Residents of Puerto Rico have had a difficult time getting off the island. Luis Muñoz Marín International Airport — the island’s main airport in San Juan — reopened to commercial flights Sunday. But residents can expect to wait a long time in uncomfortable conditions if they want a flight.

There’s no air conditioning in the airport, the Miami Herald reports, ticketing computers are out, and passengers have to be checked in to flights via telephone. And due to damage to FAA radar, only a limited number of planes can take off and land in San Juan each day. Hundreds of flights have been canceled, according to the Washington Post.

Fuel is hard to find

People wait in line to purchase petrol in Arecibo, northwestern Puerto Rico, on September 22, 2017. 
Hector Retamal/AFP/Getty Images

Without a working electrical grid, Puerto Ricans have had to turn to gas-powered electric generators for energy. But it’s very, very difficult to get fuel on the island. NPR reports on people waiting for six-plus hours in lines for gas. Other stations are completely out of fuel and have been for days.

“Authorities in Puerto Rico say there isn’t a gas shortage,” NPR reports. “Instead, they say that distribution has been disrupted by the storm.”

When fuel runs low, lives are put in danger.

The Washington Post reported from Juncos, a municipality in the central eastern region of the island. There, they found a diabetic woman afraid that the refrigeration that keeps her insulin preserved will soon run out, and that there won’t be fuel to restart the generator.

4) Puerto Rico’s economy is in shambles, and the storm will make it worse

Hector Retamal/AFP/Getty Images

As Vox’s Fernández Campbell explains, Puerto Rico’s government is broke. Its infrastructure is aging and in disrepair on a good day. And it can’t borrow money to fix it. In May, Puerto Rico — which has a $103 billion economy — declared bankruptcy, and it has since then been trying to restructure more than $70 billion in debt.

Certain US policies have contributed to Puerto Rico’s economic deterioration. One of them is the Jones Act (different from the Jones-Shafroth Act mentioned above), an antiquated law that forces Puerto Ricans to pay nearly double for US goods through various tariffs, fees, and taxes. The act stipulates that any goods shipped from one American port to another must be on American-made-and-operated ships. As Matthew Yglesias explains, it means shipping to Puerto Rico is more costly because there’s little competition among freighters.

It’s a “a shakedown, a mob protection racket, with Puerto Rico a captive market,” as Nelson A. Denis, a former New York State Assembly member and author of War Against All Puerto Ricans: Revolution and Terror in America’s Colonywrote in the New York Times. He and others are calling for the Jones Act to be suspended immediately, to bring energy costs and consumer prices down.

Meanwhile, economic woes have contributed to severe brain drain over the years: The population has dropped by more than 8 percent since 2010. According to the Times: “the cost of living in Puerto Rico is 13 percent higher than in 325 urban areas elsewhere in the United States, even though per capita income in Puerto Rico is about $18,000, close to half that of Mississippi, the poorest of all 50 states.”

The population drain in turn makes it harder and harder for Puerto Rico’s economy to recover. People will likely migrate on account of the storm, which will make recovery more difficult. It’s a classic vicious cycle.

5) Experts believe the death toll could reach into the hundreds

Carolyn Cole/Los Angeles Times via Getty Images

The storm has claimed at least 16 lives in Puerto Rico so far, according to the AP. But John Mutter, a Columbia University professor who specializes in natural disasters and studied the death toll from Hurricane Katrina, expects in the coming days it could reach into the hundreds.

“Being without power is huge,” he says. “Just how quickly they can get it back is still an unknown thing. But it’s extremely important they get it going to suppress the chances of illness following the storm.” Still, he says, we are probably not looking at a tragedy on the scale of Hurricane Katrina, where 1,400 to 2,000 people (depending on whom you ask) died as a result of the storm.

In Puerto Rico, as in any disaster situation, health hinges on electric power: Dialysis, refrigeration for insulin and other medicine, and nebulizers for people with asthma all need electricity to be useful.

But it goes deeper than that: Electricity provides for the sanitation that prevents many illnesses like typhoid from spreading in the first place.

“Across Puerto Rico, people need electricity to get clean water from the faucet and flush the toilet,” Vox’s Julia Belluz writes. “They also need it to keep their air conditioning systems running. Without it, there’s the looming risk of people getting sick from dirty water, waste that can’t be disposed, or heatstroke.”

In 2014, researchers combed through the medical literature and charted the worst impacts of electric grid failures. 
PLOS

And the storm will be a strain not just on physical health but mental health as well. “Expect a burden of mental health problems which will include depression, post traumatic stress disorder, and it’s particularly going to impact groups who don’t have access to rapid opportunities for recovery,” Sandro Galea, dean of the Boston University School of Public Health, told Vox after Hurricane Harvey hit Texas.

After a major disaster, studies find a 5 to 15 percent increase in the incidence of mental health problems among survivors.

“We all have a threshold that if we watch a loved one swept away in rushing water and drown, that can definitely create post-traumatic stress disorder,” Charles Benight, who studies trauma at the University of Colorado, said.

6) The US government is responding to the disaster, but it’s going slow

US Coast Guard personnel offload relief supplies at the San Juan International Airport on September 22, 2017.
 Joe Raedle/Getty Images

Puerto Rico is an island, which complicates recovery efforts. Supplies have to be flown in or arrive via ship. Residents can’t drive to a nearby state or city for shelter to wait out the worst of it.

But help is on the island, and more is on the way. Some 5,000 active-duty troops and National Guardsmen members have been deployed to Puerto Rico and the US Virgin Islands. The Coast Guard and Army Corps of Engineers are working to reopen more ports on the islands.

FEMA has 600 people on the ground coordinating relief efforts. “More than 4.4 million meals, 6.5 million liters of water, nearly 300 infant and toddler kits [have been sent] to support 3,000 infants for a full week, 70,000 tarps, and 15,000 rolls of roof sheeting to the US Virgin Islands and Puerto Rico since Hurricane Maria’s landfall,” FEMA reports.

On Tuesday, FEMA administrator Brock Long announced the USNS Comfort, a Navy hospital ship, was on its way to Puerto Rico.

Still, the relief efforts will take time to make their way to communities across the island. “We need more resources from the Department of Defense so we can get helicopters and resources,” Rosselló told Politico Sunday. He also implored Congress to pass a special aid and relief package for the US territory.

“Whatever relief package we have, whatever impact we have, we are U.S. citizens,” Rosselló said. The island’s finances are currently controlled by a federal board, which made just $1 billion available for relief, the AP reports.

And many are arguing that help isn’t coming fast enough, or in high enough quantities.

“Given the size of Puerto Rico and the U.S. Virgin Islands, and the scale of devastation, it may take a task force of 50,000 service members to fully meet the needs of Americans suffering after Maria’s passage,” Phillip Carter, a fellow at the Center for a New American Security, argues at Slate.

Vox’s Fernández Campbell points out that the initial federal response to Maria has been similar to the response to Hurricanes Irma and Harvey. But “the devastation in Puerto Rico is far worse and the obstacles are far greater.”

7) Trump could be doing much more to help

President Trump approved a disaster declaration for Puerto Rico the day after the storm hit, freeing up federal resources for the recovery. Then for several days through the weekend, he remained silent on the issue, focusing his Twitter feed on a mounting feud with professional athletes.

On Tuesday night, he broke his silence with a series of tweets that focused not on the shocking situation on the ground and the need for aid, but on Puerto Rico’s troubled recent history.

Texas & Florida are doing great but Puerto Rico, which was already suffering from broken infrastructure & massive debt, is in deep trouble..

…It’s old electrical grid, which was in terrible shape, was devastated. Much of the Island was destroyed, with billions of dollars….

…owed to Wall Street and the banks which, sadly, must be dealt with. Food, water and medical are top priorities – and doing well. 

On Tuesday, Trump told reporters he’d travel to Puerto Rico on October 3. “It’s the earliest I can go because of the first responders, and we don’t want to disrupt the relief efforts,” he said. He also said the disaster response on Puerto Rico will be tougher than the one in Texas for Hurricane Harvey or in Florida for Irma “because it’s an island.”

Trump also amended the disaster declaration Tuesday, increasing the amount of funds available for recovery in Puerto Rico.

But as first responders on the ground in Puerto Rico told Fernández Campbell, this isn’t enough. Trump should also ask Congress to pass a relief package for Puerto Rico to give FEMA and the island more money to rebuild. He could deploy more military resources to help with search and rescue operations.

“We can’t do this whole thing by ourselves,” Ken Buell, director of emergency response for the US Department of Energy, told her.

8) Other Caribbean islands are hurting too

U.S. Virgin Islands Continues Major Recovery Efforts After Hurricane Irma Devastated The Islands
St. Thomas.
 Photo by Chip Somodevilla/Getty Images

As Vox’s Julia Belluz summarizes here, many Caribbean islands are going through similar crises after being hit by Hurricanes Maria and Irma. The island of Barbuda has been completely abandoned, and residents still can’t return home. Twenty-seven people died in Dominica. And 48,000 people are still without power in the US Virgin Islands.

Throughout these islands, homes are destroyed and people are displaced. And lives will have to start over.

9) You can help

It’s easy to feel overwhelmed and numb in the face of such destruction. In fact, it’s a frustrating psychological tendency inside all of us: When the number of victims in a disaster rises, our compassion doesn’t always rise with it. But remember, “even partial solutions can save whole lives,” as psychologist Paul Slovic has said.

Here’s how you can help, at least in part. My colleagues Dylan Scott and Ella Nilsen have complied this list of charities accepting donations to help Puerto Rico.

ConPRmetidos: The Puerto Rican organization focused on public-private partnership is aiming to raise $150,000 for relief and recovery. You can give here.

American Red Cross: Usually the first group people think of when giving after a disaster. It says it is providing shelters for those displaced by Irma, and it has thousands of volunteers on the ground. You can give here. (3/4 stars from Charity Navigator.)

Global Giving: A charity crowdfunding site that is attempting to raise $2 million to be used exclusively for local relief and recovery efforts. You can give here. (4/4 stars from Charity Navigator.)

Salvation Army: The Christian charity is emphasizing its intentions to help with long-term recovery. You can give here.

Americares: The nonprofit focused on medicine and health is seeking to provide emergency medical supplies and other basic resources to first responders and others. You can give here. (4/4 stars from Charity Navigator.)

It’s also a good idea to do some research before giving to a charity. Not all of them have a great track record of making sure your money directly goes to helping others. Vox’s Dylan Matthews has a great list of advice here.

https://www.vox.com/science-and-health/2017/9/26/16365994/hurricane-maria-2017-puerto-rico-san-juan-humanitarian-disaster-electricty-fuel-flights-facts

N. Korea hackers ‘suspected of stealing bitcoins’

September 12, 2017

AFP

© AFP/File | Experts suspect North Korean hackers of trying to steal bitcoins and other virtual currencies

SEOUL (AFP) – North Korea is suspected of intensifying cyber-attacks to steal virtual currency in order to obtain funds and avert tightening sanctions, according to security experts.North Korean hackers have mounted attacks on at least three South Korean cryptocurrency exchanges since May, security researcher FireEye said in a report Monday.

The attacks include an apparently successful one when four wallets at Seoul-based exchange Yapizon were compromised.

Local news reports said that in May Yapizon had more than 3,800 bitcoins worth $15 million stolen — although FireEye said there were no clear indications of North Korean involvement in that case.

South Korea’s opposition Bareun Party lawmaker Ha Tae-Kyung, who has followed North Korean hacking attempts, said it had apparently stolen more than 90 billion won ($80 million) from South Korea through hacking attacks in the four years to June, including cyber-attacks on ATMs.

“North Korea has set its sights on the so-called next generation financial markets, including virtual currencies, pin-tech and blockchains,” he told journalists last week.

“Alongside the UN-imposed sanctions, international cooperation is also required to curb the North’s cyber-hacking which can be used to finance its nuclear and missile programmes”, he said.

South Korea has become one of the world’s busiest trading hubs for cryptocurrencies, with Seoul-based Bithumb ranking as the world’s largest exchange for the ethereum virtual currency.

In June Bithumb was hit by cyber attacks, possibly linked to the North, in which information about 30,000 customers was leaked.

Some 160 customers are preparing a class action suit against Bithumb, claiming they lost around $10 million in total.

North Korean actors used “spearphishing” attacks targeting the personal email accounts of employees at digital currency exchanges, FireEye said in its report published Monday.

They frequently use tax-themed lures and deployed malware and variants linked to the North Koreans who are suspected of being behind intrusions into global banks in 2016, FireEye said.

“It should be no surprise that cryptocurencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise”, it said.

Why China’s New Cybersecurity Law Is Bad News for Business

December 6, 2016

By Commentary

DECEMBER 1, 2016, 1:00 AM EST

Fortune

U.S. companies have already begun to lobby against it.

China’s new cybersecurity law, expected to take effect next June, could hurt any foreign firm looking to do business in the world’s second-largest economy. Though the law is intended to fight non-Chinese and Chinese hackers, it also requires that foreign companies provide China’s government with potentially sensitive information about network equipment and software. Given the weaknesses of China’s enforcement of laws around intellectual property, it’s easy to see how trade secrets can fall into the hands of Chinese competitors at the expense of the best interests of foreign firms.

Businesses most at risk will be those with special hardware and systems for network management, which could well include ATMs. Because new-generation ATMs have a much higher level of connectivity, they’re more vulnerable to hacking, which is why they require sophisticated encryption devices and software to secure transactions. This cybersecurity law thus provides the government with the legal tool to obtain all such anti-hacking proprietary security hardware and software, which could then be passed on to relevant Chinese firms. And having access to the hardware and software means firms would have access to individuals’ personal banking information, as well.

The new law is also counterproductive because the scope of information that foreign companies will be required to provide to Chinese officials is worryingly broad. Complying with this requirement will force U.S. firms to make expensive investments to build duplicate facilities within China. This is in total contradiction with the free flow of data, expected to swell in 2020 after the introduction of 5G.

U.S. companies will have to weigh this risk against the opportunity to do business in China, which has developed a reputation for ‘copying’ without getting insider access. For international companies, there is no easy way forward, as the choice is black or white. Either foreign companies will comply, knowing China has a way to peek into what was previously private, or they will choose to stand by principles of privacy at the risk of being excluded from the Chinese market. Despite the challenging dilemma, companies are likely to comply and give in to China’s demands. The market is too huge and far too ripe for future growth to be ignored, especially when compared to more stagnant outlooks in Europe and the U.S.

In addition to creating barriers for international business in China, this kind of legislative move could stall innovation. It could well be considered to be part of what is called “indigenous innovation” in China, which consists of favoring Chinese firms by establishing non-tariff barriers—such as specific standards or regulations on products—in order to prevent non-Chinese firms the access to China’s large and dynamic market. And the impact would be wide-ranging, from consumer electronics to products, such as equipment to produce renewable energy, including windmills and solar panels.

Innovation involves a complex process, but it requires a society to be as open as possible and to allow vibrant exchanges between people. While cybersecurity is important, this law will wrap around the free market as it grips security. Within China, entrepreneurs are, by and large, not bothered by their government’s management of the Internet, called the “great firewall.” However, this new law is a new step to tighten the government’s grip on Internet. Furthermore, far from favoring China’s champions in this very dynamic area, such as Huawei, Lenovo, or Tencent, this law will handicap them in the long term. Maybe the hope is that these companies themselves will fight to alter the law and mitigate the negative implications for China’s Internet landscape.

U.S. companies have already begun to strongly lobby against the law, as well as China’s position that the Internet must be managed by authorities. But despite the efforts of any company, American, Chinese, or other, the cybersecurity law is just a piece of a larger ongoing political puzzle that companies will have to deal with. In the end, agility will be key for companies to succeed in the tense political environment.

Georges Haour is a professor of technology and innovation management at IMD business school and co-author of the new book, Created in China: How China is Becoming a Global Innovator (Bloomsbury, London, 2016).

Source: http://fortune.com/2016/12/01/china-cybersecurity-law-business/

***************************

(CNN)About a year ago, China and the United States formally agreed not to conduct or knowingly support the cyber theft of each other’s intellectual property.

So, how is that agreement working out?
.
Not great, said Adm. Mike Rogers, head of US Cyber Command.
.
“Cyber operations from China are still targeting and exploiting US government, defense industry, academic and private computer networks,” Rogers said last April during testimony before a US Senate committee.
.
Cyber theft of US trade secrets can easily ruin American businesses and result in higher prices for consumers. Even more worrisome, stolen American military secrets could put US servicemen and women at risk during combat.
.
.
“Russia and China are growing more assertive and sophisticated in their cyber operations,” White House spokesman Josh Earnest told reporters last July.
.
China’s cyber tactics may be getting “more assertive,” but the number of China-based hacking instances against the US government and American companies has declined in the past two years, according to US cyber security firm FireEye.
.
Despite all the fingers pointed in its direction, Beijing has long denied any responsibility for hacks and attacks — instead blaming internal “criminals” and rogues.
.
.
In 2004, an FBI probe nabbed an American engineer named Chi Mak who was convicted of trying to send digital information about secret US Navy technology to the Chinese government. The investigation is detailed in CNN’s Original Series “Declassified.”
.

Declassified Ep. 7 Chi Mak 2 _00001419

How the US searched a Chinese spy’s home without leaving a trace 01:16

How cyber spies operate

Sometimes cyber-spy targets might surprise you. A June New York Times report described how Chinese hackers took over a “dusty old computer” at a small welding company in Belleville, Wisconsin, to stage global assaults.
.
“We were totally freaked out,” co-owner Lori Cate told The Times. “We had no idea we could be used as an infiltration unit for Chinese attacks.”
.
CBS News reported on how China-based spies use malware and spear phishing to allow hackers to watch you at your desk without your knowledge. Spear phishing is harmful email disguised to look like it’s from a familiar business or someone you know.
.
The bad guys want you to open the email, click on an attachment and boom — your computer is now working for the spies.
.
.
.
Countries like China are turning “to proxies (to) do their bidding in order to provide plausible deniability,” said Frank J. Cilluffo the director of the Center for Cyber & Homeland Security, during testimony last February before a US House committee.
.
Hacker groups known by names like Deep Panda, C0d0so0 (aka Codoso) have been blamed for raiding computer systems at law firms, banks and Forbes.
.
One group which has been “attributed to China” has been dubbed “Mofang,” reports Wired.
.
“Mofang has targeted government agencies in the US, military agencies in India and Myanmar, critical infrastructure in Singapore, research and development departments of automotive companies in Germany, and the weapons industry in India,” Wired reported in June.
.
Not only could stolen data be used to copy new American products and secret military technology, Cilluffo warned it could be used as a weapon “to blackmail and recruit Americans” — potentially to be forced to act as Chinese agents.
.
Sometimes the espionage is about defending against an enemy.
.
“Beijing also selectively uses cyber attacks against targets it believes threaten Chinese domestic stability or regime legitimacy,” said James Clapper, US director of national intelligence, during congressional testimony last February.
.

What cyber spies want

.

“China’s aggressive collection efforts appear to be intended to amass data and secrets (military, commercial/proprietary, etc.) that will support and further the country’s economic growth, scientific and technological capacities, military power, etc. — all with an eye to securing strategic advantage,” Cilluffo said.
Sometimes the spying may be about getting the inside track.
.
Cyber spying malware has been linked to China in arbitration over islands in the South China Sea claimed by the Philippines but occupied by China, according to a report in The Hill.
.
An antivirus firm called F-Secure found malware linked to China on computers in the Philippines’ justice department, a law firm representing a party in the dispute and members of the Asia Pacific Economic Cooperation Summit, The Hill reported.
.
Sometimes it’s simply about copying hardware.
.
Countries can save untold money and time by stealing information that will help them duplicate rival products and weapons, instead of developing them legitimately. Last March, a 50-year-old Chinese citizen named Su Bin pleaded guilty to conspiring to hack into the computer networks of top US military contractors to pilfer sensitive information to send to China.
.

Last March a man admitted trying to steal data for China about Boeing's C-17 military transport.

He worked with two unidentified people for more than five years to target military data, including information about Boeing’s C-17 transport plane and certain fighter jets, the Justice Department said.
.
.
Clapper: Cyber intrusions blur war and peace
.
Director of National Intelligence James Clapper listens on Capitol Hill in Washington, Tuesday, Feb. 9, 2016, while testifying before a Senate Armed Services Committee hearing on worldwide threats. (AP Photo/Evan Vucci)
.
Overall, China has been successful in using cyber espionage against the US government, its allies and American companies, said Clapper.
.
He predicts China will continue to challenge the US at “lower levels of competition,” including “cyber intrusions, proxies and other indirect applications of military power — that intentionally blur the distinction between peace and wartime operations.”
.
In other words, get used to looking over your shoulder, because it’s likely that the threat of cyber espionage blamed on China will be with us for a long, long time.

http://www.cnn.com/2016/08/23/us/declassified-china-cyber-espionage/

Chinese Curb Cyberattacks on U.S. Interests, Report Finds

WASHINGTON — Nine months after President Obama and President Xi Jinping of China agreed to a broad crackdown on cyberespionage aimed at curbing the theft of intellectual property, the first detailed study of Chinese hacking has found a sharp drop-off in almost daily raids on Silicon Valley firms, military contractors and other commercial targets.

But the study, conducted by the iSight intelligence unit of FireEye, a company that manages large network breaches, also concluded that the drop-off began a year before Mr. Obama and Mr. Xi announced their accord in the White House Rose Garden. In a conclusion that is largely echoed by American intelligence officials, the study said the change is part of Mr. Xi’s broad effort to bring the Chinese military, which is considered one of the main sponsors of the attacks, further under his control.

As a result, the same political forces that may be alleviating the theft of data from American companies are also responsible for Mr. Xi’s stunningly swift crackdown on the Chinese media, bloggers and others who could challenge the Communist Party.

Source (read it all): http://www.nytimes.com/2016/06/21/us/politics/china-us-cyber-spying.html

India note demonetisation ‘legalised plunder’, says former prime minister Manmohan Singh

November 24, 2016

NEW DELHI (AFP) – India’s former prime minister said on Thursday (Nov 24) the government’s shock move to withdraw all high-value notes from circulation would slow growth in the world’s fastest expanding major economy, calling it “legalised plunder”.

Mr Manmohan Singh, whose economic reforms are credited with rescuing the country from the brink of bankruptcy in the early 1990s, said the two-week-old scheme had been a “monumental management failure” that would knock two percentage points off growth.

“The way this scheme has been implemented is a monumental management failure and in fact, it is a case of organised loot and legalised plunder,” Mr Singh told the Upper House of Parliament to applause from fellow opposition MPs.

“The GDP of the country can decline by about two percentage points as a result of what has been done, and this is an underestimate and not an overestimate.”

The government has said the withdrawal of all 500 rupee (S$10.41) and 1,000 rupee notes will bring billions of unaccounted money into the formal banking system and ultimately boost the economy.

But it has faced criticism over the slow pace of introducing the new notes, with banks running out of cash and ATMs having to be recalibrated to cope with the different sized bills – a process that is still incomplete.

Economists have warned this will hit the largely cash-based economy, with consumers unable to make purchases, supply chains disrupted and farmers unable to buy seeds.

“I do not disagree with these objectives, but in the process of demonetisation, monumental mismanagement has been undertaken,” said Mr Singh, who headed the Congress-led government until it was ousted from power in 2014.

India’s gross domestic product expanded 7.1 per cent year-on-year in the three months from April-June, making it the world’s fastest growing major economy.

 Related:
.
.
.
.

India abolished the country’s largest currency notes in a fight against unaccounted wealth and corruption, Prime Minister Narendra Modi said in an unscheduled address to the nation

Cyber hackers target ATMs, Europe and Malaysia hit

November 22, 2016

Tuesday, 22 November 2016

CYBER criminals have remotely attacked cash machines in more than a dozen countries across Europe this year, using malicious software that forces machines to spit out cash, according to Russian cyber security firm Group IB.

Diebold Nixdorf and NCR Corp, the world’s two largest ATM makers, said they were aware of the attacks and have been working with customers to mitigate the threat. The newly disclosed heists across Europe follow the hacking of ATMs in Taiwan and Thailand that were widely reported over the summer.

Although cyber criminals have been attacking cash machines for at least five years, the early campaigns mostly involved small numbers of ATMs because hackers needed to have physical access to cash out machines.

The recent heists in Europe and Asia were run from central, remote command centres, enabling criminals to target large numbers of machines in “smash and grab” operations that seek to drain large amounts of cash before banks uncover the hacks.

“They are taking this to the next level in being able to attack a large number of machines at once,” said Nicholas Billett, Diebold Nixdorf’s senior director of core software and ATM Security. “They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down.”

Group IB declined to name banks that were “jackpotted,” a term used to describe forcing ATMs to spit out cash, but said the victims were located in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain and Malaysia.Indeed, Dmitry Volkov, head of threat intelligence with Group IB, told Reuters he expects more heists on ATMs.

MORE HEISTS EXPECTED

Hackers have moved from stealing payment card numbers and online banking credentials to more lucrative hacks on bank networks, giving them access not only to ATM machines, but also to electronic payment networks.

A February attack on servers at Bangladesh’s central bank that controlled access to the SWIFT messaging system yielded more than $81 million (64.98 million pounds) in one of the biggest digital heists on record. Russian banks lost over $28 million in a series of wire-fraud cases that were identified earlier this year.

“What we are seeing demonstrated is the new model of organised crime,” said Shane Shook, an independent security consultant who helps banks and governments investigate cyber attacks and reviewed Group IB’s findings.

Diebold Nixdorf and NCR both said they had provided banks with information on how to thwart the new types of attacks.

“We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks,” said Owen Wild, NCR’s global marketing director for enterprise fraud and security.

Disclosure of the campaign follows two ATM hacks in July: $2.5 million was stolen from Taiwan’s First Bank and $350,000 from Thailand’s state-run Government Savings Bank.

Hackers remotely infected ATMs at both banks, forcing them to spit out cash that was collected by teams of “money mules,” who authorities say travelled to Asia from Eastern Europe.

ONE CRIMINAL GROUP?

The U.S. Federal Bureau of Investigation earlier this month sent a private alert to American banks, warning them to be on the lookout for attacks on ATMs following the heists in Taiwan and Thailand, the Wall Street Journal reported on Monday.

An FBI spokesman declined to comment on the attacks in Europe.

Group IB released a report describing its findings late on Monday, saying it believed the attacks across Europe were conducted by a single criminal group which it dubbed Cobalt.

It named them after a security-testing tool known as Cobalt Strike, which the perpetrators used in the heists to help them move from computers in the bank network that were infected with tainted emails to specialised servers that control ATMs.

Group IB believes that Cobalt is linked to a well-known cyber crime gang dubbed Buhtrap, which stole 1.8 billion roubles (22.46 million pounds) from Russian banks from August 2015 to January 2016, because the two groups use similar tools and techniques.

Buhtrap stole money through fraudulent wire transfers, not ATM jackpotting.

The ATM Security Association declined to comment on Group IB’s findings.

Members of the group, which works to improve ATM security, include ATM maker Diebold Nixdorf as well as banks ABN Amro, Bank of America Corp, Royal Bank of Scotland Group and Wells Fargo & Co.

Representatives of Europol, which coordinates investigations of cyber crimes across Europe, had no immediate comment. – Reuters

Related:

Cashing Out: ATMs Try to Stop Wave of Cyberattacks

October 15, 2016

The ATM is the newest front in the war against cyberthieves

Banks hope chip-card technology will help foil fraud at the ATM.
Banks hope chip-card technology will help foil fraud at the ATM. PHOTO: MATT ROURKE/ASSOCIATED PRESS
.

Oct. 15, 2016 7:00 a.m. ET

The ATM is the newest front in the war against cyberthieves.

A year after millions of U.S. merchants began installing equipment at the check-out line to accept credit and debit cards with security chips, the automated teller machine is getting similar technology.

The move comes as thieves increasingly target ATMs. While chip-enabled credit cards are expected to slow growth in fraud at the checkout counter, the number of ATMs compromised by criminals jumped more than sixfold from 2014, according to a recent report from FICO, a credit-score provider and analytics firm. FICO says the number of 2015 compromises was the highest it ever recorded, though it declined to disclose specific numbers.
The burst of ATM-related fraud also was the largest one-year increase since FICO started keeping track of such data about a dozen years ago. Meanwhile, rates of credit-card fraud, a more popular scheme for criminals, have largely leveled off.

The push to make ATMs more secure takes on added significance this month: Under MasterCard Inc.’s network rules, ATM operators on Oct. 21 will become liable for any fraud costs that occur if a MasterCard chip-enabled card is used at a machine that isn’t equipped with chip technology. That cost is currently borne by the card-issuing bank. Visa makes a similar shift next October.

The shift to more secure ATMs is expected to tackle the growing problem known as skimming, by which criminals rig a machine with a surreptitious device that can steal a customer’s card data, often including the personal identification number. The crook can then use the data to make a counterfeit card and drain the associated bank account.


The computer chip embedded in many new U.S. credit and debit cards fights such fraud by creating a one-time code for each transaction, limiting the ability of a thief to steal and replicate data.

“The U.S. market is definitely being targeted with card skimming,” says Owen Wild, global marketing director for enterprise fraud and security at NCR Corp., one of the largest makers of ATMs. Nonbank ATMs account for 60% of recent incidents, up from 39% in 2014, the FICO analysis found.

Cyberthieves make at least 1.5 million illicit ATM cash withdrawals in the U.S. each year, according to consulting firm Tremont Capital Group. That figure represents a tiny fraction of the 5.8 billion ATM withdrawals consumers made in 2013, according to a Federal Reserve estimate.

Still, theft from ATM skimming can be more dangerous to consumers than credit-card fraud because the debit card is tied directly to a consumer’s checking account. Banks will typically reimburse customers for losses, but the process can be complicated

Cost is an issue for ATM operators; It typically costs between $300 and $700 to upgrade an existing ATM to accept chip cards, says Brad Daniel, president at America’s ATM, a Plantation, Fla., company that maintains a fleet of the machines.

Everything ATM, an ATM operator and supplier based in Brooklyn, N.Y., has requested 5,000 upgrade kits from a supplier, but has only received 1,000 so far, says Jim Shrayef, principal at the firm. “I cannot get the product I need to satisfy the demand,” he said.

So far, it appears that ATM operators are better prepared for the transition to chip cards than merchants that have grappled with challenges to get the equipment ready at the check-out line.

In part, that is because many of the nation’s 420,000 ATMs are owned and operated by large financial institutions or independent companies that manage thousands of machines.

MasterCard estimates that 40% of ATMs will be chip-ready by the end of October. That compares with industry estimates that fewer than 20% of merchants were ready to process chip cards when their liability shift took place last year. Millions of smaller merchants—and some big grocery chains—still haven’t upgraded their equipment.

J.P. Morgan Chase & Co. and Bank of America Corp., which operate about 34,000 ATMs between them, say that most of their machines are ready to accept chip cards.

PNC Financial Services Group Inc.’s 9,000 ATMs are already accepting chip cards. “We have been preparing for this for a few years,” says Ken Justice, head of the ATM network at the Pittsburgh bank.

However, many consumers still don’t have chip-enabled debit cards since card-issuing banks initially concentrated on credit cards.

MasterCard says that close to one-third of its branded U.S. debit cards are embedded with chips, well below the 88% of its U.S. consumer credit cards. Visa says that 42% of its branded debit cards have chips, compared with 64% for its credit-card portfolio.

“We’re continuing to see a rise,” in the percentage of debit cards with chips, says Chiro Aikat, senior vice president for chip-card delivery at MasterCard. “But there is no doubt that debit was a laggard.”

http://www.wsj.com/articles/cashing-out-atms-try-to-stop-wave-of-cyberattacks-1476529201

Russian man suspected of using malware to withdraw millions from ATMs sought

August 31, 2016

Thailand is looking for a Russian suspect who is believed to have used malware to withdraw 12 million baht (S$473,000) from ATMs across the country. PHOTO: EPA

BANGKOK (Reuters) – Thai police investigators on Wednesday (Aug 31) said they are seeking a Russian man suspected of using malware to withdraw 12 million baht (S$473,000) from dozens of cash machines across the country.

Police earlier said a group of foreign hackers made off with around the cash by inserting cards installed with malware into at least 18 cash machines run by Thailand’s state-run Government Savings Bank in July.

It follows similar attacks in Taiwan in July, which saw thieves withdraw more than US$2 million from First Bank ATMs, and is part of growing attacks on ATMs across Asia. “We have a warrant for a 29-year-old man from Russia but from our investigations at least another two are involved,” Thai Police General Panya Mamen told reporters.

“He travelled from Beijing, China, and came to Thailand on July 14 and withdrew money in ATMs in Phuket and Bangkok, altogether in 18 locations, before flying out to Moscow,” said Panya, adding that police have not yet arrested the suspect.

The Government Savings Bank said customers’ money was not affected by the thefts.

FireEye, a California-based cyber security company, said in a statement last Friday that it had detected a potentially new ATM malware sample that may be linked to the Thailand attacks.

The malware, dubbed Ripper, interacts with the ATM by inserting a specially manufactured ATM card with a chip that serves as an authentication mechanism, the security firm said.

“We’ve identified a family of malware that may have been used in recent ATM robberies,” said FireEye. “In addition to requiring technical sophistication, attacks such as that affecting the ATMs in Thailand require coordination of both the virtual and the physical. This speaks to the formidable nature of the thieves.”

Thailand has long been a hub for both Thai and foreign cyber criminals.

Thieves trick Taiwan cash machines to wrongfully pay out $2 mn — Police suspect malware computer code — Crooks walked away “with bags packed with cash”

July 12, 2016

AFP

© AFP | A sign notifying customers about the suspension of ATM machines at a branch of Taiwan’s First Commercial Bank in Taipei on July 12, 2016

TAIPEI (AFP) – Thieves suspected of installing a computer programme that forced cash machines in Taiwan to churn out more than $2 million were being hunted by police on Tuesday, officials said.

The masked robbers ransacked more than 30 ATMs at the Taipei-based First Commercial Bank, walking away “with bags packed with cash”, the bank said in a statement.

It suggested that a malware programme may have been installed on the ATMs, adding that the suspects stole the money without having to operate the machines directly.

Surveillance images showed “two men wearing face masks and hats walking away with bags packed with cash directly withdrawn from ATMs”, First Commercial said in the statement.

At least two suspects were involved — one Russian man, and another foreign suspect whose nationality remains unknown, according to Taipei police.

“It is still not clear how the suspects stole such a large amount of money from the ATMs. My understanding is this is the first time such a criminal method has been discovered here,” an officer told AFP.

It took the duo five to 10 minutes to steal money from each of the 34 ATMs over the weekend, the bank said, adding that the theft spanned machines at 20 branches.

It said more than 400 of its ATMs of the same type had been shut down following the heist, which cost the bank Tw$70 million ($2.2 million).

Police said the Russian suspect escaped Taiwan on Sunday, adding that they had sought assistance from Interpol.

“ATM crimes were not uncommon, most of them using fake cards or cheating people out of their money using their debit or credit cards on ATMs,” the officer said.

More than 700 other cash machines of the same type operated by six other banks have also been shut down.