Posts Tagged ‘banks’

Senators Support Rollback of Bank Oversight

November 14, 2017

Bipartisan deal raises threshold dictating which banks would face heightened oversight from the Federal Reserve

Dozens of banks received the biggest signal yet that they may soon be freed from some of the most onerous rules put in place after the financial crisis, as lawmakers from both parties agreed to a plan that would enact sweeping changes to current law.

The bipartisan Senate agreement released Monday would relieve small and regional lenders from a number of restrictions meant to limit the damage firms could cause to the economy in the event of another crisis.

In what would be the biggest step to ease the financial rule book since Republicans took control of Washington, the proposal could cut to 12 from 38 the number of banks subject to heightened Federal Reserve oversight by raising a key regulatory threshold to $250 billion in assets from $50 billion. The legislation also would ease red tape affecting credit unions and community banks, allowing them to lend more, supporters said.

The deal will “significantly improve our financial regulatory framework and foster economic growth by right-sizing regulation,” said Senate Banking Committee Chairman Michael Crapo (R., Idaho), who brokered the agreement between Republicans and a group of moderate Democrats.

Monday’s deal shows Republicans’ determination to ease regulations that they say constrain U.S. economic growth by limiting the capacity of banks and other businesses to serve customers and hire new workers. While it isn’t clear that any rule reduction will bolster the economy, efforts to scale back the 2010 Dodd Frank financial overhaul law and other policies amount to a bet that a freer environment will pave the way for increases in investment, spending and hiring.

Analysts said it isn’t clear that lending would actually increase, given that demand for commercial loans this year has been weak. But banks that had been avoiding mergers, such as those that didn’t want to go over the $50 billion line, could be more inclined to deal-making, said Brian Klock, an analyst at Keefe, Bruyette & Woods.

The deal could dramatically lighten the regulatory burden on a wide swath of banks from Utah’s Zions Bancorp oration to M&T Bank Corp. in Buffalo, N.Y. Those banks in recent years have had to submit to detailed financial and risk exams in order to pay dividends to shareholders.

Many banks bristled at this annual “stress test” review done by the Federal Reserve, and some including Zions, Citizens Financial Group Inc., BB&T Corp. and SunTrust Banks Inc., failed the Fed’s annual test previously. The bill would lighten their stress-test load.

For stress tests alone, building a system to meet the Fed’s expectations could cost firms tens of millions of dollars or more. Liquidity rules governing banks’ cash holdings are another expensive regulatory exercise that the legislation could allow the Fed to ease.

Regional banks have said their smaller size and lack of interconnected trading businesses makes it unlikely that their demise could create systemic risk that would threaten the economy as Lehman Brothers’ failure did in 2008. Their critics say regional banks can be risky, pointing to the 2008 failure of IndyMac Bank.

Read More

  • The $50 Billion Question: What Makes a Bank Big? (May 30)
  • See the Banks Affected at Different Thresholds

The deal marks a setback for regional banks with assets above $250 billion, including U.S. Bancorp and PNC Financial Services Group Inc., which have urged policy makers to do away with asset-size thresholds altogether. They favor allowing regulators to apply rules based on their own judgment of firms’ riskiness.

“$50 billion? $250 billion? Why is that number any better than another?” U.S. Bancorp’s chief financial officer Terry Dolan said in an October interview. His firm has about $459 billion in assets.

PNC said in a statement Monday it was disappointed in lawmakers’ proposal. “As a Main Street Bank, PNC’s business model and risk profile are very similar to that of other regional banks, and very different from the systemically important Wall Street banks,” it said.

Monday’s deal is co-sponsored by nine Republicans, including Tim Scott of South Carolina and Bob Corker of Tennessee, along with nine Democrats, including Joe Donnelly of Indiana and Heidi Heitkamp of North Dakota. That is enough to clear both the banking panel and the full Senate, assuming all Republicans in the chamber support the bill.

In brokering the deal, Mr. Crapo left off key Republican goals such as attacking the Volcker rule, a ban on proprietary trading.

“This is the first proposal that has a legitimate shot at making it to the president’s desk,” said Milan Dalal, an attorney at lobbying firm Brownstein Hyatt Farber Schreck in Washington and a former aide to Sen. Mark Warner (D., Va.), who backed Monday’s deal.

Republicans hold just 52 seats in the Senate and generally need support from at least eight Democrats for legislation to pass a needed 60-vote threshold. The House, also controlled by Republicans, would need to act for the plan to clear Congress.

Liberal Senate Democrats, including Ohio Sen. Sherrod Brown, the top Democrat on the banking panel, attacked the legislation, saying it would do little to help “working families.”

Negotiations between Messrs. Brown and Crapo on a similar regulatory rollback broke down last month, prompting Mr. Crapo to seek a deal with moderate Democrats.

Mr. Crapo released a summary of the legislation Monday, without unveiling its text. It appears to send a message that Congress wants regulators to lighten the burden, though regulators still have broad authority to apply tough rules to banks they view as risky.

Regulators could immediately exempt firms with assets between $50 billion and $100 billion from stress tests and other rules that were mandatory under Dodd Frank, according to the summary of the legislation. Banks with between $100 billion and $250 billion in assets could get that treatment after 18 months, though the Fed could exempt them earlier. Banks in the latter group would still have to take periodic stress tests.

Presumably, banks that are no longer subject to stress-testing and other rules would be able to slash their costs, but Evercore ISI analyst John Pancari said he wasn’t sure if looser regulation would actually materialize into cost savings. “A lot of the banks view much of the cost that they’ve spent on that as sunk costs,” Mr. Pancari said. “So, for example, if they spent money on the robust monitoring of their risks, they are probably going to keep up what they built.”

The effect on each bank would depend on how close it is to the $250 billion threshold, Mr. Pancari said.

The legislation also is expected to include dozens of other provisions, some of which have been previously floated or discussed by lawmakers.

One targets credit bureaus in the wake of the hack of Equifax Inc., according to the summary. It would require credit bureaus to freeze and unfreeze consumers’ credit for free once a year.

https://www.wsj.com/articles/senate-lawmakers-reach-tentative-deal-to-ease-post-crisis-bank-rules-1510593991

Advertisements

Russia’s Kaspersky to Allow Outside Review of Its Cybersecurity Software

October 23, 2017

Company hopes sharing source code will build trust after allegations its software helped Russia spy on Americans

Kaspersky Lab, the Moscow-based cybersecurity firm whose software U.S. officials suspect helped the Russian government spy on Americans, promised to make its source code available for an independent review.

The company said Monday the review is part of a “global transparency initiative” that it hopes will improve the trustworthiness of its products. It said it would hand over the source code for its software in the first quarter of next year but didn’t specify who would undertake the review or how widely the code would be…

 https://www.wsj.com/articles/russian-cybersecurity-firm-kaspersky-to-make-source-code-available-for-review-1508756502
.
Related:
.
.
.

Image result for Eugene Kaspersky, photos

Eugene Kaspersky

*****************************************************

Kaspersky fights spying claims with code review plan

October 23, 2017 — 0745

Apple Pay now in 20 markets, nabs 90% of all mobile contactless transactions where active

Russian cybersecurity software maker Kaspersky Labs has announced what it’s dubbing a “comprehensive transparency initiative” as the company seeks to beat back suspicion that its antivirus software has been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

In a post on its website today the Moscow-based company has published a four point plan to try to win back customer trust, saying it will be submitting its source code for independent review, starting in Q1 2018. It hasn’t yet specified who will be conducting the review but says it will be “undertaken with an internationally recognized authority”.

It has also announced an independent review of its internal processes — aimed at verifying the “integrity of our solutions and processes”. And says it will also be establishing three “transparency centers” outside its home turf in the next three years — to enable “clients, government bodies and concerned organizations to review source code, update code and threat detection rules”.

It says the first center will be up and running in 2018, and all three will be live by 2020. The locations are listed generally as: Asia, Europe and the U.S.

No automatic alt text available.

Finally it’s also increasing its bug bounty rewards — saying it will pay up to $100K per discovered vulnerability in its main Kaspersky Lab products.

That’s a substantial ramping up of its current program which — as of April this year — could pay out up to $5,000 per discovered remote code execution bugs. (And, prior to that, up to $2,000 only.)

Kaspersky’s moves follow a ban announced by the US Department of Homeland Security on its software last month, citing concerns about ties between “certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”.

The US Senate swiftly followed suit, voting to oust Kaspersky software from federal use. While three months earlier the General Services Administration also removed Kaspersky Lab from a list of approved federal vendors.

The extensive system-wide permissions of antivirus software could certainly make it an attractive target for government agents seeking to spy on adversaries and scoop up data, given the trust it demands of its users.

The WSJ has previously reported that Russian hackers working for the government were able to obtain classified documents from an NSA employee who had stored them on a personal computer that ran Kaspersky software.

Earlier this month CEO Eugene Kaspersky blogged at length — rebutting what he dubbed “false allegations in U.S. media”, and writing: “Our mission is to protect our users and their data. Surveillance, snooping, spying, eavesdropping… all that is done by espionage agencies (which we occasionally catch out and tell the world about), not us.”

We’re proud to keep on protecting people against all cyberthreats – no matter of false allegations in U.S. media https://kas.pr/x78t 

Photo published for What’s going on?

What’s going on?

I doubt you’ll have missed how over the last couple months our company has suffered an unrelenting negative-news campaign in the U.S. press.

eugene.kaspersky.com

But when your business relies so firmly on user trust — and is headquartered close to the Kremlin, to boot — words may evidently not be enough. Hence Kaspersky now announcing a raft of “transparency” actions.

Whether those actions will be enough to restore the confidence of US government agencies in Russian-built software is another matter though.

Kaspersky hasn’t yet named who its external reviewers will be, either. But reached for comment, a company spokeswoman told us: “We will announce selected partners shortly. Kaspersky Lab remains focused on finding independent experts with strong credentials in software security and assurance testing for cybersecurity products. Some recommended competencies include, but are not limited to, technical audits, code base reviews, vulnerability assessments, architectural risk analysis, secure development lifecycle process reviews, etc. Taking a multi-stakeholder approach, we welcome input and recommendations from interested parties at transparency@kaspersky.com

She also sent the following general company statement:

Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question, and the company reiterates its willingness to work alongside U.S. authorities to address any concerns they may have about its products as well as its systems.

As there has not been any evidence presented, Kaspersky Lab cannot investigate these unsubstantiated claims, and if there is any indication that the company’s systems may have been exploited, we respectfully request relevant parties responsibly provide the company with verifiable information. It’s disappointing that these unverified claims continue to perpetuate the narrative of a company which, in its 20 year history, has never helped any government in the world with its cyberespionage efforts.

In addition, with regards to unverified assertions that this situation relates to Duqu2, a sophisticated cyber-attack of which Kaspersky Lab was not the only target, we are confident that we have identified and removed all of the infections that happened during that incident. Furthermore, Kaspersky Lab publicly reported the attack, and the company offered its assistance to affected or interested organisations to help mitigate this threat.

Contrary to erroneous reports, Kaspersky Lab technologies are designed and used for the sole purpose of detecting all kinds of threats, including nation-state sponsored malware, regardless of the origin or purpose. The company tracks more than 100 advanced persistent threat actors and operations, and for 20 years, Kaspersky Lab has been focused on protecting people and organisations from these cyberthreats — its headquarters’ location doesn’t change that mission.

“We want to show how we’re completely open and transparent. We’ve nothing to hide,” added Kaspersky in another statement.

Interestingly enough, the move is pushing in the opposite direction of US-based cybersecurity firm Symantec — which earlier this month announced it would no longer be allowing governments to review the source code of its software because of fears the agreements would compromise the security of its products.

Source:https://techcrunch.com/2017/10/23/kaspersky-fights-spying-claims-with-code-review-plan/

Chinese Banks in Need of a Stiff Quality Check

October 23, 2017

When Chinese banks start reporting their third quarter earnings this week, investors should pay particular attention to their asset quality.

.

By Anjani Trivedi
The Wall Street Journal
Oct. 23, 2017 1:41 a.m. ET

Chinese bank stocks have been on a tear this year, with many now trading close to their book values—a sign that investors trust their financial reports more than they have in some time. With leading Chinese banks due to start reporting their latest earnings this week, it’s time for a more realistic assessment.

China’s banks have been vital forces behind the explosive growth of credit across the economy, with corporate debt now estimated at around 250% of GDP. They have played a critical role in the rise of shadow banking too.

The country’s biggest banks, whose shares are up 21% this year—the likes of ICBC and Bank of China —have also been faithful executors of Beijing’s will, directing credit to sectors the government favors and propping up debt-challenged state-owned enterprises. Chinese President Xi Jinping’s speech to the Communist Party’s congress last week made clear that the state’s role in directing the country’s economy is only set to grow.

Image result for Bank of China, photos

For investors, the question is where this leaves banks’ asset quality—a key driver of their share prices. Over the past 4 ½ years, Chinese banks have recognized some 5 trillion yuan ($760 billion) of bad loans. Even so, official estimates of nonperforming loans in the overall banking system still put them at 1%-2% of assets; the most bearish independent analysts reckon the real figure could be up to 20%. The truth is hard to know but there is plenty of troubling evidence that bad loans are understated and more are at risk of going bad.

Even though state-owned enterprises’ profitability has ticked up, their debt has too—and at a higher interest rate, hampering their ability to repay. Their liabilities continue to rise as well, up 11.4% in the first half of this year. Meanwhile, the amount of so-called special mention loans—those that are overdue but which haven’t yet been written off—that banks record has been rising sharply.

Any correction in China’s frothy property market could spark a rise in nonperforming loans. When property prices in the city of Wenzhou—a wealthy coastal town that has seen dramatic housing price fluctuations—dropped almost 50%, the NPL ratio for banks there surged more than 4 percentage points, according to Deutsche Bank analysts.

For the past year, Beijing has tried to clear out bad debts. It has set up more than a dozen asset managers whose role it is to manage distressed debts bought up from the banks. It has put in place programs that allow banks to swap debt for equity in companies, and let them securitize bad loans.

All this, though, amounts to rotating China’s bad-loan problem around the financial system. It may be time for investors to go back to basics, and question the banks’ original balance sheets harder.

Write to Anjani Trivedi at anjani.trivedi@wsj.com

https://www.wsj.com/articles/chinese-banks-in-need-of-a-stiff-quality-check-1508737264

Millions caught in South Africa’s cyber breach — Called “the worst data breach in history”

October 21, 2017
  • 20 October 2017
Photograph of local website running cyber breach article
South Africa has been hit by what is described as the worst data breach in history

Authorities in South Africa are investigating a data breach which has seen the personal details of more than 30 million citizens leaked on the internet – placing them at risk of identity theft.

The information contained in a 27GB file was discovered by Australia-based internet security expert Tony Hunt earlier this week.

It contains their names, full identity numbers, income, gender, employment history, contact numbers and even home addresses.

South Africa’s population is about 54 million, so more than half of the country is affected by what has been described as the country’s worst leak of private data.

The country’s State Security Agency (SSA) would not be drawn into discussing the implications of such a breach and whether it could threaten security.

“We are looking in to the matter. There is an investigation. We are obviously very concerned,” SSA spokesperson Brian Dube told the BBC.

“It’s important to us to get to the bottom of this, see how it came about and do whatever we have to do, to deal with it,” he said.

Local newspaper, The Times, is reporting that the breach has even reached senior politicians, including President Jacob Zuma, but this has not been confirmed.

What could go wrong?

There are many unknowns.

According to Mr Hunt, the file dates back to April 2015 but it is not clear how long the information was on the internet prior to his find.

Fingers on keyboard
The file has since been removed but it is not clear how many people have already accessed it

The information could have been accessed by anyone from anywhere in the world if they knew what to look for.

Experts say this is the sort of data that companies would pay good money for.

Mr Hunt said on Twitter this week that the data breach “is one of the worst I’ve ever seen on many levels”.

The server of a property company called Jigsaw Holdings appears to be the source of the breach, this was traced through an IP address, according to local reports.

While Jigsaw has not been available for comment, it is not believed the cyber breach was a result of malice or negligence.

What happens now?

Some local newspapers have been calling for South Africans to use Mr Hunt’s website haveibeenpwned which works by checking one’s email address to see if their account has been compromised.

I took his advice. I’ve been using a private email address for years which I have always believed to be secure – but it turns out I’m in the 30 million.

It is not clear what happens now and perhaps that is the part that is most unnerving – do you wait until you are a target? Will you be a target? Do you warn your credit providers? Or simply do nothing?

So what’s the risk?

The publisher of Stuff Magazine, a technology magazine in South Africa, says in the wrong hands, the information could be used to impersonate people.

“All of this information could be used to open a bank account, a credit card account and they would use it knowing that someone will else have to pay for it when the bill comes,” Radio 702 quotes Toby Shapshak as saying.

He also speculated in the same interview that as many as 60 million people have had their personal data compromised, if you include the details of people who have died.

Time to panic?

South Africa’s banking institutions are said to be among the safest in the world, but they could be caught off-guard if the information was misused.

Cyber crime graphic image
Experts say cyber crime is still not taken as seriously as conventional crime despite its links in some cases to terrorism. ISTOCK photo

It is said to be the largest leak of the details of private citizens in the country’s history – and yet it seems to have gone largely undetected.

There is no outcry.

But Mr Shapshak says South Africans “should panic”.

“Yes the data may be five years old but our ID numbers stay the same, our employment history stays the same and these are the sort of things that make it possible to create fake identities. It is a serious problem and I’m not being paranoid.”

Experts say cyber crime is still not taken as seriously as conventional crime, even though it can be used to fund all sorts of illicit activities including terrorism. While the possibility of identity theft could open a whole new door for criminals here.

“It’s too early to say anything at this moment… There are a lot of reports going around, but we are concerned and looking into it,” said Mr Dube.

And so we wait – and hope that the right people are doing all the right things to protect the country’s citizens from those who live on the dark web.

http://www.bbc.com/news/world-africa-41696703

Qatar crisis sends tremors through banking in the Gulf

October 13, 2017

Image may contain: skyscraper, sky, night and outdoor

By Simeon Kerr

.
While north Africa and the Levant have been beset by revolt and civil war in Syria and Libya in recent years, the Gulf states have remained a haven of relative stability. However, the political isolation of gas-rich Qatar this year has brought uncertainty to oil-wealthy Gulf Cooperation Council nations already suffering economic damage from the crude price collapse three years ago.

In June, Saudi Arabia and the United Arab Emirates led Bahrain and Egypt in closing airports and seaports to Qatar, claiming it fostered terrorism. Doha denies this but is now isolated from the leading GCC powers.

Travel and trade restrictions leave Qatar facing significant costs, with credit rating agency Moody’s saying the its future depends on the outcome of the crisis. “The severity of the diplomatic dispute between Gulf countries is unprecedented, which magnifies the uncertainty over the ultimate economic, fiscal and social impact on the GCC as a whole,” says Steffen Dyck, a senior credit officer at Moody’s.

Bankers are adjusting to a likely protracted dispute, in addition to lower government spending that has constrained growth in the region since oil prices collapsed.

As banks from the four nations began removing term deposits held in Qatar, Doha drew on its vast wealth to sustain its economy. Moody’s says Qatar injected almost $40bn out of reserves of $340bn to support its economy and financial system during the first two months of the dispute.

Before the crisis, overseas customer deposits made up about a quarter of all deposit funding in the banking sector but that has fallen to an estimated 18-19 per cent, according to Fitch, the rating agency. In June and July, there were large net outflows of non-domestic customer deposits of $8bn and of overseas deposits and borrowings of $15bn, according to official data. More outflows of GCC money are expected as deposits mature, Fitch says.

However, in that period the government and public sector have placed deposits in the banking system of about $19bn, while central bank support amounted to $9bn, Fitch says.

“Fundamentally, the outflow of non-domestic money is being replaced by an inflow of domestic money,” says Redmond Ramsdale, a senior director of financial institutions at Fitch Ratings. Fitch says overseas money is starting to return. Central bank statistics show overall funding for the Qatari banking sector rose in August, up 1 per cent on July.

Asian banks have been rolling over deposits, albeit at higher premiums of 25 to 30 basis points. Qatar National Bank closed a $630m Formosa bond issue in Taiwan in September, signalling confidence among many Asian investors. “We are extending our lines of credit to Qatari clients,” says one banker with an Asian institution. “There is good money to be made.”

Image result for Qatar National Bank, photos

Most international lenders have continued normal relations with Qatar. “We are a global bank operating across a broad political spectrum, we are not party to any dispute,” says a senior banker with a European lender. “So we will abide by any international sanctions, but beyond that it is business as usual.”

As global finance adjusts to the new geopolitical realities, Qatar will have to pay five to 10 basis points more than before the crisis to raise money on capital markets, says one banker with a US institution. “The credit needs to be reset and the sovereign needs to issue first. But Qatar is a small country, sitting on large reserves . . . so we aren’t concerned.”

Some officials in Abu Dhabi, the UAE capital, have called on international companies to choose between the UAE and Qatar. Bankers say UAE-owned institutions are reluctant to grant mandates to banks with significant Qatari shareholders. And some foreign bankers are worried about losing business in Saudi Arabia and the UAE. “We have to be very careful about being seen to do business with Qatar,” says another Asian banker.

The sense that regional businesses are being forced to take sides is a problem for some bankers in the Dubai International Financial Centre. “No one wins from this situation and we all pay a price . . . there is a regional impact,” says the European banker.

The DIFC, a special economic zone that is a base for more than 21,000 workers and 1,750 companies, positions itself as the regional launch pad for international financiers. The centre grew at 6 per cent in the first half of 2017, despite fears that the cost of doing business in Dubai makes the city less competitive in the tougher trading climate with lower oil prices.

Doha airport, once an hour’s hop from Dubai, is now reached via Oman or Kuwait. This means Qatari clients cannot travel to the UAE to meet financiers and manage portfolios.

Executives fear that Dubai will be hit by the collapse in trade with Qatar, once a main export destination for construction materials. Qatar is in the middle of a $200bn infrastructure investment for the 2022 World Cup.

Qatar’s imports slumped by 40 per cent year on year for June 2017 as the boycott bit. Imports from the UAE fell by two-thirds in the same month, illustrating its importance as an import-export hub for Doha.

Much of this re-export business has moved to Oman, which — like Kuwait — has remained neutral. Imports rebounded in August, showing Qatar’s ability to limit the embargo’s impact by switching supply routes. “The Qatar crisis will not bring Dubai down, but it is natural to expect an impact,” says the European banker.

Officials concede that Dubai cannot disentangle itself from the UAE’s role in the embargo. The UAE central bank ordered lenders in the federation to impose enhanced due diligence measures on six Qatari lenders. The DIFC’s regulator has also told entities operating in the centre to follow these measures, according to a document seen by the FT.

Some DIFC entities have expressed concern about a requirement to detail compliance procedures relating to their dealings with well-known lenders including Qatar National Bank, one of the region’s largest. “I thought we’d signed up to an international financial centre,” says one western banker. “Not one exposed to local politics.”

https://www.ft.com/content/8a1dc1dc-87df-11e7-8bb1-5ba57d47eff7

US agencies banned from using Russia’s Kaspersky software

September 14, 2017

Federal agencies in the US have 90 days to wipe Kaspersky software from their computers. Officials are concerned about the Russian company’s ties to the Kremlin and possible threats to national security.

Headquarters of Internet security giant Kaspersky in Moscow (Getty Images/AFP/K. Kudryavtsev)

The administration of US President Donald Trump has ordered government agencies to remove products made by Russian company Kaspersky Labs from their computers.

The Department of Homeland Security (DHS) said Wednesday it was concerned that the cybersecurity firm was susceptible to pressure from Moscow and thus a potential threat to national security.

Read more: Facebook, Russia and the US elections – what you need to know

DHS said in a statement that it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies,” as well as Russian laws that might compel Kaspersky to hand over information to the government.

But the makers of the popular anti-virus software have said “no credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions.”

US tech retailer Best Buy confirmed earlier Wednesday that it would no longer sell Kaspersky products, but has declined to give further details on the decision.

Ties between Kaspersky, Kremlin ‘alarming’

Civilian government agencies have 90 days to completely remove Kaspersky software from their computers. The products have already been banned in the Pentagon.

US congressional leaders have applauded the move. Democratic Senator Jeanne Shaheen said the “strong ties between Kaspersky Lab and the Kremlin are alarming and well-documented,” and asked the DHS if the company’s products were used for any critical infrastructure, such as for voting systems, banks and energy supply.

Although Kaspersky Labs was founded by a KGB-trained entrepreneur, Eugene Kaspersky, and has done work for Russian intelligence, the company has repeatedly denied carrying out espionage on behalf of President Vladimir Putin and his government.

es/cmk (AP, Reuters)

http://www.dw.com/en/us-agencies-banned-from-using-russias-kaspersky-software/a-40500232

Briton extradited from Germany for allegedly hacking two UK banks

August 31, 2017

AFP

© AFP/File | Services at British banks Lloyds and Barclays were disrupted by cyber attacks in January
LONDON (AFP) – A British man was due in court on Thursday after being extradited from Germany for allegedly launching cyber attacks against two of Britain’s best known high-street banks and attempting to blackmail them.Services at Lloyds and Barclays banks were disrupted by the cyber attacks in January, the National Crime Agency said in a statement following a joint investigation with Germany’s federal crime bureau BKA.

The attack on Lloyds Banking Group lasted three days and prevented some customers using their online accounts, although a bank spokeswoman said that no customer details or accounts were compromised.

Daniel Kaye, 29, allegedly orchestrated so-called distributed denial of service (DDoS) attacks.

He also faces a charge that he “endangered human welfare” with an alleged cyber attack against Lonestar MTN, Liberia’s biggest internet provider, the NCA said in its statement on Wednesday.

He was extradited on Wednesday on a European arrest warrant.

“The investigation leading to these charges was complex and crossed borders,” said Luke Wyllie, senior operations manager at the NCA.

“Cyber crime is not victimless and we are determined to bring suspects before the courts,” he said.

Weakening UK growth outlook as the country negotiates its exit from the European Union

August 4, 2017

AFP

© AFP/File / by Jean-Baptiste OUBRIER | British multinationals have delivered upbeat earnings as Brexit looms

LONDON (AFP) – British multinationals delivered upbeat earnings for the first half in contrast to a weakening UK growth outlook as the country negotiates its exit from the European Union.

Banks and energy groups in particular enjoyed a strong earnings season, mirroring the situation in the US, even though it was more a result of cost-cutting and favourable currency movements than underlying strength of individual companies.

“If you look at the big guys they’re doing pretty well,” ETX Capital analyst Neil Wilson told AFP.

“Banks HSBC and Standard Chartered did well, oil majors are turning profits again and miners are enjoying strong recoveries.”

Wilson added: “These are all exposed to international markets heavily so insulated from Brexit pretty much entirely. I think it’s worth noting the international nature of the FTSE 100 and bulk of earnings from abroad.”

No automatic alt text available.

Companies like oil giant BP, mining group Rio Tinto and drugmaker AstraZeneca — which all trade on London’s benchmark FTSE 100 stocks index — report in dollars and so have benefitted from a Brexit-fuelled slump in the pound.

In addition they are not really exposed to happenings in the wider UK economy owing to the international nature of their businesses.

“Seventy percent of FTSE sales are derived outside the UK so earnings are more a reflection of global growth and (the situation with) commodities than the UK economy,” said Caroline Simmons, deputy head of the UK investment office at UBS Wealth Management.

The Bank of England on Thursday cut its UK growth forecasts with governor Mark Carney warning that high inflation triggered by the pound’s slump had hurt consumer spending.

His warning, coming after the BoE left its key interest rate at a record-low 0.25 percent at a regular policy meeting this week, sent the pound tumbling to a nine-month low against the euro, as policymakers appeared to shift away from raising borrowing costs any time soon.

With consumers feeling the pinch, Brexit could still affect some sectors negatively, “especially financials, consumer and beverages and domestic mid-caps, although this is partially priced” in already, Simmons added.

“However if Brexit news deteriorates then it could cause renewed pound weakness which would benefit the international companies in other sectors.”

Among the banks, HSBC and bailed-out RBS stood out, with the latter on Friday rebounding into a second-quarter profit.

“We’re doing what we said we would at our full-year results in February — growing income, reducing cost and improving returns for shareholders, while also starting to deliver a better service for customers,” said RBS chief executive Ross McEwan.

Earlier in the week, HSBC announced rising first-half profits as it slashed costs and as revenues climbed on recovering financial markets.

Thanks to net profit jumping 10 percent to almost $7.0 billion, HSBC said it would buy back about $2.0 billion worth of its shares — news that sent the stock’s price higher.

-Property woes –

Away from the successful multinationals, Britain’s construction and property sectors have found it much harder in recent months.

London estate agent Foxtons recently said it had fallen victim to the lower demand as it reported a 64-percent drop in pre-tax profits for the first six months of the year.

Foxtons boss Nic Budden said in a statement that the company’s performance “has been further impacted by unprecedented economic and political uncertainty”.

The Foxtons announcement was the latest sign of a cooling in Britain’s property market as what happens in London tends to have a knock-on effect around the country.

by Jean-Baptiste OUBRIER

Muslim Clerics offering religious edicts in Cairo metro stir debate

August 1, 2017

The Associated Press

Image result for Al-Azhar clerics, photos

CAIRO (AP) — Reda el-Sebaay was taking the subway while on a short business trip to Cairo from a Nile Delta city when he stumbled upon clerics offering religious advice or fatwas — answers to any question a Muslim follower might have.

The 45-year-old civil servant had been pre-occupied for weeks about how he and his sisters would settle their inheritance. He wanted it to be fair and act according to Muslim teachings but he didn’t want to have to call a religious hotline and wait endlessly for an answer.

Fatwas are religious edicts or pronouncements, often on major issues related to Islamic teachings. But they also provide guidance on matters of everyday life, including starting up a grocery store or any other private business, who to marry and whether it is permissible under Islam to accept banks’ interest rates.

The booth in Cairo’s al-Shohada subway station was set up earlier this month by Egypt’s Al-Azhar, the   Sunni Muslim world’s foremost religious institution, with the idea to offer Muslim worshippers a way to plug in fast to Islamic teachings — even while commuting to work. More booths are planned for later, at other subway stops.

Image may contain: 1 person

Cairo metro station booth to consult with Muslim Al-Azhar clerics for religious advice, to commuters. (AP Photo/Nariman El-Mofty, File)

The idea, however, is also part of a broader push to correct misconceptions and misinterpretations of religious texts seen as fostering Islamic militancy in the country.

The move came after militants killed at least 28 security personnel in two separate attacks in early July in the restive Sinai Peninsula and near some of Egypt’s most famous pyramids outside of Cairo. More than 100 Copts have been killed in four separate attacks — including church suicide bombings — by Egypt’s Islamic State affiliate since December.

“It’s surely a good idea. It saves a lot of time and effort for people,” el-Sebaay told The Associated Press just before stepping into the booth, where three Al-Azhar clerics in white turbans were waiting to hear his question.

But the institute’s decision to set up the booths has sparked a wide controversy, both on social media and offline. Critics argue that rooting out extremist ideology will not happen in metro stations. Many have slammed Al-Azhar for setting up the booth in a public place, used by all sectors of the Egyptian society, to spread the teachings of Islam.

“This is not its place at all,” said Beshoy Mikhail, a 24-year-old Coptic Christian. “I am completely against the idea.”

Mikhail believes that if Muslim clerics can set up advice booths in subways, Coptic priests should be allowed to do the same.

Several human rights activists said the move is somewhat discriminatory.

“We see the government feeding more religious education and interference of religion in the day-to-day life,” activist Sherif Azer said.

Egyptian President Abdel-Fattah el-Sissi has repeatedly blamed what he says is outdated religious discourse for the rising Islamic militancy in the country that has targeted mainly security personnel and Coptic Christians.

He has called on Al-Azhar, which touts itself as the voice of moderation, to lead the “modernization of religious discourse” since he took office in 2014, following the 2013 ouster of Islamist President Mohammed Morsi whose one-year rule proved divisive.

The Ministry of Endowments, which handles religious affairs in Egypt, has taken some measures to exert more control.

Imams have been asked to read standardized government-written sermons during Friday prayers, the high point of the Muslim week. Some small mosques across the country have been closed and any cleric labelled a hard-liner has been barred from preaching in mosques.

Al-Azhar has also tasked a number of clerics to preach in coffee and tea houses across the nation.

Amr Ezzat of the Egyptian Initiative for Personal Rights said Al-Azhar is trying to “market itself in attempts to reach out to people.”

“The state is treating religion as if it is public service,” Ezzat said.

Subway booths won’t root out extremists, he said, and militants “wouldn’t visit Al-Azhar clerics” in metro stations anyway, since they vehemently oppose the institute.

But Al-Azhar’s secretary-general Mohi el-Din Afifi said plans for more booths are continuing.

“They will be everywhere, not only in the metro,” he said.

North Korea’s Army of Hackers Has a New Target: Bank Accounts — “Operates Like Organized Crime”

July 27, 2017

Emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack

North Korean leader Kim Jong Un watches a military parade in Pyongyang.
North Korean leader Kim Jong Un watches a military parade in Pyongyang. PHOTO: WONG MAYE-E/ASSOCIATED PRESS
.

July 27, 2017 12:05 a.m. ET

SEOUL—North Korea’s cyberarmy has splintered into multiple groups and is unleashing orchestrated attacks increasingly focused on funneling stolen funds to the secretive nation, according to a government-backed South Korean report released Thursday.

The emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack seeking to obtain military information, destabilize networks or intimidate. It also shows how North Korea’s fast-evolving—but costly—nuclear-missile program has accelerated its need for cash as it is subjected to financial sanctions.

Pyongyang has been blamed for major cyberattacks including 2014’s Sony Pictures Entertainment hack, last year’s daring cyberheist at Bangladesh’s central bank and this year’s WannaCry global ransomware attack.

Cybersecurity researchers have long suspected the hacking group Lazarus carried out those attacks with the backing of North Korea. Earlier this year, Russian cybersecurity firm Kaspersky Lab AO identified an offshoot of Lazarus, called BlueNoroff, which specializes in heists of foreign financial institutions.

In the new report, the government-funded Korea Financial Security Institute said it had identified a second group linked with Lazarus that has carried out a range of cyberattacks on South Korea. FSI researchers found eight attacks from 2013 to May conducted by this new hacking operative, which they call “Andariel,” and whose coding and internet-protocol address bear similarities to Lazarus attacks.

The efforts include even low-level scams such as planting malware in South Korean ATMs to steal bank-card information, according to the FSI report, the country’s first-ever public report on North Korean cyberattacks, with law enforcement and intelligence officials getting briefed on the findings. That is behavior more typical of an organized-crime ring.

Image may contain: 2 people, people standing

 Kim Jong-un North Korea’s top leader, and his wife Ri Sol-ju in

North Korean operatives then sold the swiped data to people in Taiwan, China and Thailand who would try to withdraw money from ATMs in their own regions. But only several thousand dollars were withdrawn before South Korean law enforcement identified the ruse after six days.

“North Korea now cares more about making money than causing disruptions or cyberterrorism,” said Joon Kim, owner of Naru Security Inc., who has advised South Korean law enforcement on cyber issues.

South Koreans have a unique lens into North Korea’s cyberoffenses, as Pyongyang’s longest-running and most frequent target. South Korean government groups and agencies withstand 1.4 million hacking attempts a day, according to law-enforcement and intelligence officials.

The eight Andariel attacks shared similarities in hacking tools and encrypted codes. To access “web shells,” or servers used by hackers that allow them to control computers remotely, the Andariel group used one of two passwords: “iamboss” or “youaredied,” according to a person familiar with Andariel’s techniques.

Andariel has also recently teamed up with BlueNoroff to target a large South Korean financial institution, according to the FSI report. The institution wasn’t identified.

Korea Internet and Security Agency employees monitor possible ransomware cyberattacks.
Korea Internet and Security Agency employees monitor possible ransomware cyberattacks. PHOTO: YUN DONG-JIN/ASSOCIATED PRESS
.

The report helps paint a fuller picture over how North Korea’s digital army has grown into a web of specialist teams.

“The problem is that it’s not just simple attacks anymore with North Korea. It’s more orchestrated now, as if it were a military operation,” said Kim Seung-joo, a Korea University professor who sits on a South Korean government cybersecurity advisory team.

The broader Lazarus group, discreet and meticulous in covering its tracks, has specialized in breaching computers or networks, foreign and South Korean cybersecurity experts said. BlueNoroff then follows up with the actual heists or data swipes with less regard for cloaking its moves.

Outside of South Korea, the Lazarus group has recently set its sights on casinos, financial-trade software firms—and even organized-crime rings, said Vitaly Kamluk, a global research and analysis director at Kaspersky Lab, who is focused on the Asia-Pacific region.

“It sounds like a perfect crime,” Mr. Kamluk said. “When you steal from a thief, nobody will go after you. Law-enforcement will focus on the criminal that stole the money in the first place.”

Lazarus and BlueNoroff in recent years have made attempts to breach financial companies or institutions in at least 18 countries, including Mexico, Norway and India, according to Kaspersky.

Write to Timothy W. Martin at timothy.martin@wsj.com

 

.
Related:
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

 

 

Rigged Debates: Wikileaks Emails Confirm Media in Clinton’s Pocket