Posts Tagged ‘banks’

US agencies banned from using Russia’s Kaspersky software

September 14, 2017

Federal agencies in the US have 90 days to wipe Kaspersky software from their computers. Officials are concerned about the Russian company’s ties to the Kremlin and possible threats to national security.

Headquarters of Internet security giant Kaspersky in Moscow (Getty Images/AFP/K. Kudryavtsev)

The administration of US President Donald Trump has ordered government agencies to remove products made by Russian company Kaspersky Labs from their computers.

The Department of Homeland Security (DHS) said Wednesday it was concerned that the cybersecurity firm was susceptible to pressure from Moscow and thus a potential threat to national security.

Read more: Facebook, Russia and the US elections – what you need to know

DHS said in a statement that it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies,” as well as Russian laws that might compel Kaspersky to hand over information to the government.

But the makers of the popular anti-virus software have said “no credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions.”

US tech retailer Best Buy confirmed earlier Wednesday that it would no longer sell Kaspersky products, but has declined to give further details on the decision.

Ties between Kaspersky, Kremlin ‘alarming’

Civilian government agencies have 90 days to completely remove Kaspersky software from their computers. The products have already been banned in the Pentagon.

US congressional leaders have applauded the move. Democratic Senator Jeanne Shaheen said the “strong ties between Kaspersky Lab and the Kremlin are alarming and well-documented,” and asked the DHS if the company’s products were used for any critical infrastructure, such as for voting systems, banks and energy supply.

Although Kaspersky Labs was founded by a KGB-trained entrepreneur, Eugene Kaspersky, and has done work for Russian intelligence, the company has repeatedly denied carrying out espionage on behalf of President Vladimir Putin and his government.

es/cmk (AP, Reuters)


Briton extradited from Germany for allegedly hacking two UK banks

August 31, 2017


© AFP/File | Services at British banks Lloyds and Barclays were disrupted by cyber attacks in January
LONDON (AFP) – A British man was due in court on Thursday after being extradited from Germany for allegedly launching cyber attacks against two of Britain’s best known high-street banks and attempting to blackmail them.Services at Lloyds and Barclays banks were disrupted by the cyber attacks in January, the National Crime Agency said in a statement following a joint investigation with Germany’s federal crime bureau BKA.

The attack on Lloyds Banking Group lasted three days and prevented some customers using their online accounts, although a bank spokeswoman said that no customer details or accounts were compromised.

Daniel Kaye, 29, allegedly orchestrated so-called distributed denial of service (DDoS) attacks.

He also faces a charge that he “endangered human welfare” with an alleged cyber attack against Lonestar MTN, Liberia’s biggest internet provider, the NCA said in its statement on Wednesday.

He was extradited on Wednesday on a European arrest warrant.

“The investigation leading to these charges was complex and crossed borders,” said Luke Wyllie, senior operations manager at the NCA.

“Cyber crime is not victimless and we are determined to bring suspects before the courts,” he said.

Weakening UK growth outlook as the country negotiates its exit from the European Union

August 4, 2017


© AFP/File / by Jean-Baptiste OUBRIER | British multinationals have delivered upbeat earnings as Brexit looms

LONDON (AFP) – British multinationals delivered upbeat earnings for the first half in contrast to a weakening UK growth outlook as the country negotiates its exit from the European Union.

Banks and energy groups in particular enjoyed a strong earnings season, mirroring the situation in the US, even though it was more a result of cost-cutting and favourable currency movements than underlying strength of individual companies.

“If you look at the big guys they’re doing pretty well,” ETX Capital analyst Neil Wilson told AFP.

“Banks HSBC and Standard Chartered did well, oil majors are turning profits again and miners are enjoying strong recoveries.”

Wilson added: “These are all exposed to international markets heavily so insulated from Brexit pretty much entirely. I think it’s worth noting the international nature of the FTSE 100 and bulk of earnings from abroad.”

No automatic alt text available.

Companies like oil giant BP, mining group Rio Tinto and drugmaker AstraZeneca — which all trade on London’s benchmark FTSE 100 stocks index — report in dollars and so have benefitted from a Brexit-fuelled slump in the pound.

In addition they are not really exposed to happenings in the wider UK economy owing to the international nature of their businesses.

“Seventy percent of FTSE sales are derived outside the UK so earnings are more a reflection of global growth and (the situation with) commodities than the UK economy,” said Caroline Simmons, deputy head of the UK investment office at UBS Wealth Management.

The Bank of England on Thursday cut its UK growth forecasts with governor Mark Carney warning that high inflation triggered by the pound’s slump had hurt consumer spending.

His warning, coming after the BoE left its key interest rate at a record-low 0.25 percent at a regular policy meeting this week, sent the pound tumbling to a nine-month low against the euro, as policymakers appeared to shift away from raising borrowing costs any time soon.

With consumers feeling the pinch, Brexit could still affect some sectors negatively, “especially financials, consumer and beverages and domestic mid-caps, although this is partially priced” in already, Simmons added.

“However if Brexit news deteriorates then it could cause renewed pound weakness which would benefit the international companies in other sectors.”

Among the banks, HSBC and bailed-out RBS stood out, with the latter on Friday rebounding into a second-quarter profit.

“We’re doing what we said we would at our full-year results in February — growing income, reducing cost and improving returns for shareholders, while also starting to deliver a better service for customers,” said RBS chief executive Ross McEwan.

Earlier in the week, HSBC announced rising first-half profits as it slashed costs and as revenues climbed on recovering financial markets.

Thanks to net profit jumping 10 percent to almost $7.0 billion, HSBC said it would buy back about $2.0 billion worth of its shares — news that sent the stock’s price higher.

-Property woes –

Away from the successful multinationals, Britain’s construction and property sectors have found it much harder in recent months.

London estate agent Foxtons recently said it had fallen victim to the lower demand as it reported a 64-percent drop in pre-tax profits for the first six months of the year.

Foxtons boss Nic Budden said in a statement that the company’s performance “has been further impacted by unprecedented economic and political uncertainty”.

The Foxtons announcement was the latest sign of a cooling in Britain’s property market as what happens in London tends to have a knock-on effect around the country.

by Jean-Baptiste OUBRIER

Muslim Clerics offering religious edicts in Cairo metro stir debate

August 1, 2017

The Associated Press

Image result for Al-Azhar clerics, photos

CAIRO (AP) — Reda el-Sebaay was taking the subway while on a short business trip to Cairo from a Nile Delta city when he stumbled upon clerics offering religious advice or fatwas — answers to any question a Muslim follower might have.

The 45-year-old civil servant had been pre-occupied for weeks about how he and his sisters would settle their inheritance. He wanted it to be fair and act according to Muslim teachings but he didn’t want to have to call a religious hotline and wait endlessly for an answer.

Fatwas are religious edicts or pronouncements, often on major issues related to Islamic teachings. But they also provide guidance on matters of everyday life, including starting up a grocery store or any other private business, who to marry and whether it is permissible under Islam to accept banks’ interest rates.

The booth in Cairo’s al-Shohada subway station was set up earlier this month by Egypt’s Al-Azhar, the   Sunni Muslim world’s foremost religious institution, with the idea to offer Muslim worshippers a way to plug in fast to Islamic teachings — even while commuting to work. More booths are planned for later, at other subway stops.

Image may contain: 1 person

Cairo metro station booth to consult with Muslim Al-Azhar clerics for religious advice, to commuters. (AP Photo/Nariman El-Mofty, File)

The idea, however, is also part of a broader push to correct misconceptions and misinterpretations of religious texts seen as fostering Islamic militancy in the country.

The move came after militants killed at least 28 security personnel in two separate attacks in early July in the restive Sinai Peninsula and near some of Egypt’s most famous pyramids outside of Cairo. More than 100 Copts have been killed in four separate attacks — including church suicide bombings — by Egypt’s Islamic State affiliate since December.

“It’s surely a good idea. It saves a lot of time and effort for people,” el-Sebaay told The Associated Press just before stepping into the booth, where three Al-Azhar clerics in white turbans were waiting to hear his question.

But the institute’s decision to set up the booths has sparked a wide controversy, both on social media and offline. Critics argue that rooting out extremist ideology will not happen in metro stations. Many have slammed Al-Azhar for setting up the booth in a public place, used by all sectors of the Egyptian society, to spread the teachings of Islam.

“This is not its place at all,” said Beshoy Mikhail, a 24-year-old Coptic Christian. “I am completely against the idea.”

Mikhail believes that if Muslim clerics can set up advice booths in subways, Coptic priests should be allowed to do the same.

Several human rights activists said the move is somewhat discriminatory.

“We see the government feeding more religious education and interference of religion in the day-to-day life,” activist Sherif Azer said.

Egyptian President Abdel-Fattah el-Sissi has repeatedly blamed what he says is outdated religious discourse for the rising Islamic militancy in the country that has targeted mainly security personnel and Coptic Christians.

He has called on Al-Azhar, which touts itself as the voice of moderation, to lead the “modernization of religious discourse” since he took office in 2014, following the 2013 ouster of Islamist President Mohammed Morsi whose one-year rule proved divisive.

The Ministry of Endowments, which handles religious affairs in Egypt, has taken some measures to exert more control.

Imams have been asked to read standardized government-written sermons during Friday prayers, the high point of the Muslim week. Some small mosques across the country have been closed and any cleric labelled a hard-liner has been barred from preaching in mosques.

Al-Azhar has also tasked a number of clerics to preach in coffee and tea houses across the nation.

Amr Ezzat of the Egyptian Initiative for Personal Rights said Al-Azhar is trying to “market itself in attempts to reach out to people.”

“The state is treating religion as if it is public service,” Ezzat said.

Subway booths won’t root out extremists, he said, and militants “wouldn’t visit Al-Azhar clerics” in metro stations anyway, since they vehemently oppose the institute.

But Al-Azhar’s secretary-general Mohi el-Din Afifi said plans for more booths are continuing.

“They will be everywhere, not only in the metro,” he said.

North Korea’s Army of Hackers Has a New Target: Bank Accounts — “Operates Like Organized Crime”

July 27, 2017

Emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack

North Korean leader Kim Jong Un watches a military parade in Pyongyang.
North Korean leader Kim Jong Un watches a military parade in Pyongyang. PHOTO: WONG MAYE-E/ASSOCIATED PRESS

July 27, 2017 12:05 a.m. ET

SEOUL—North Korea’s cyberarmy has splintered into multiple groups and is unleashing orchestrated attacks increasingly focused on funneling stolen funds to the secretive nation, according to a government-backed South Korean report released Thursday.

The emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack seeking to obtain military information, destabilize networks or intimidate. It also shows how North Korea’s fast-evolving—but costly—nuclear-missile program has accelerated its need for cash as it is subjected to financial sanctions.

Pyongyang has been blamed for major cyberattacks including 2014’s Sony Pictures Entertainment hack, last year’s daring cyberheist at Bangladesh’s central bank and this year’s WannaCry global ransomware attack.

Cybersecurity researchers have long suspected the hacking group Lazarus carried out those attacks with the backing of North Korea. Earlier this year, Russian cybersecurity firm Kaspersky Lab AO identified an offshoot of Lazarus, called BlueNoroff, which specializes in heists of foreign financial institutions.

In the new report, the government-funded Korea Financial Security Institute said it had identified a second group linked with Lazarus that has carried out a range of cyberattacks on South Korea. FSI researchers found eight attacks from 2013 to May conducted by this new hacking operative, which they call “Andariel,” and whose coding and internet-protocol address bear similarities to Lazarus attacks.

The efforts include even low-level scams such as planting malware in South Korean ATMs to steal bank-card information, according to the FSI report, the country’s first-ever public report on North Korean cyberattacks, with law enforcement and intelligence officials getting briefed on the findings. That is behavior more typical of an organized-crime ring.

Image may contain: 2 people, people standing

 Kim Jong-un North Korea’s top leader, and his wife Ri Sol-ju in

North Korean operatives then sold the swiped data to people in Taiwan, China and Thailand who would try to withdraw money from ATMs in their own regions. But only several thousand dollars were withdrawn before South Korean law enforcement identified the ruse after six days.

“North Korea now cares more about making money than causing disruptions or cyberterrorism,” said Joon Kim, owner of Naru Security Inc., who has advised South Korean law enforcement on cyber issues.

South Koreans have a unique lens into North Korea’s cyberoffenses, as Pyongyang’s longest-running and most frequent target. South Korean government groups and agencies withstand 1.4 million hacking attempts a day, according to law-enforcement and intelligence officials.

The eight Andariel attacks shared similarities in hacking tools and encrypted codes. To access “web shells,” or servers used by hackers that allow them to control computers remotely, the Andariel group used one of two passwords: “iamboss” or “youaredied,” according to a person familiar with Andariel’s techniques.

Andariel has also recently teamed up with BlueNoroff to target a large South Korean financial institution, according to the FSI report. The institution wasn’t identified.

Korea Internet and Security Agency employees monitor possible ransomware cyberattacks.
Korea Internet and Security Agency employees monitor possible ransomware cyberattacks. PHOTO: YUN DONG-JIN/ASSOCIATED PRESS

The report helps paint a fuller picture over how North Korea’s digital army has grown into a web of specialist teams.

“The problem is that it’s not just simple attacks anymore with North Korea. It’s more orchestrated now, as if it were a military operation,” said Kim Seung-joo, a Korea University professor who sits on a South Korean government cybersecurity advisory team.

The broader Lazarus group, discreet and meticulous in covering its tracks, has specialized in breaching computers or networks, foreign and South Korean cybersecurity experts said. BlueNoroff then follows up with the actual heists or data swipes with less regard for cloaking its moves.

Outside of South Korea, the Lazarus group has recently set its sights on casinos, financial-trade software firms—and even organized-crime rings, said Vitaly Kamluk, a global research and analysis director at Kaspersky Lab, who is focused on the Asia-Pacific region.

“It sounds like a perfect crime,” Mr. Kamluk said. “When you steal from a thief, nobody will go after you. Law-enforcement will focus on the criminal that stole the money in the first place.”

Lazarus and BlueNoroff in recent years have made attempts to breach financial companies or institutions in at least 18 countries, including Mexico, Norway and India, according to Kaspersky.

Write to Timothy W. Martin at






Rigged Debates: Wikileaks Emails Confirm Media in Clinton’s Pocket


Cyberattack: List of victims

June 27, 2017


© AFP/File | Several major companies say they have been targeted in an international cyberattack

PARIS (AFP) – A major cyberattack unfolded on Tuesday, striking banks, corporations and infrastructure in Ukraine and Russia before spreading to western Europe and then the United States.Experts say the virus is a modified version of the so-called Petya ransomware, which hit last year and demanded money from victims in exchange for their data.

A similar virus called WannaCry infected more than 200,000 computers in more than 150 countries last month.

Following is a list of companies and organisations which say they have been a victim of the latest attack:

– Ukraine’s central bank, the National Bank of Ukraine

– Ukrainian bank Oschadbank

– Ukrainian delivery service company Nova Poshta

– Russian state oil giant Rosneft

Image result for Rosneft, photos

– Kyivenergo, Kiev power company

– Radiation monitoring system at Chernobyl

– Website of Kiev’s Boryspil international airport

– Danish sea transport company Maersk

– British advertising giant WPP

– French industrial group Saint-Gobain

– US pharmaceutical giant Merck


Manhunt for hackers behind global cyberattack

May 14, 2017

No automatic alt text available.

LONDON: International investigators hunted on Saturday (May 13) for those behind an unprecedented cyber-attack that affected systems in dozens of countries, including at banks, hospitals and government agencies, as security experts sought to contain the fallout.

The assault, which began Friday and was being described as the biggest-ever cyber ransom attack, struck state agencies and major companies around the world – from Russian banks and British hospitals to FedEx and European car factories.

“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s police agency.

Europol said a special task force at its European Cybercrime Centre was “specially designed to assist in such investigations and will play an important role in supporting the investigation”.

The attacks used ransomware that apparently exploited a security flaw in Microsoft operating systems, locking users’ files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

Images appeared on victims’ screens demanding payment of US$300 (€275) in Bitcoin, saying: “Ooops, your files have been encrypted!”

Payment is demanded within three days or the price is doubled, and if none is received within seven days the files will be deleted, according to the screen message.

But experts and government alike warn against ceding to the hackers’ demands.

“Paying the ransom does not guarantee the encrypted files will be released,” the US Department of Homeland Security’s computer emergency response team said.

“It only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.”


Experts and officials offered differing estimates of the scope of the attacks, but all agreed it was huge.

Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, told AFP it was the biggest ransomware outbreak in history, saying that 130,000 systems in more than 100 countries had been affected.

He said Russia and India were hit particularly hard, largely because Microsoft’s Windows XP – one of the operating systems most at risk – was still widely used there.

French police said there were “more than 75,000 victims” around the globe, but cautioned that the number could increase “significantly”.

The virus spread quickly because the culprits used a digital code believed to have been developed by the US National Security Agency – and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

Microsoft said the situation was “painful” and that it was taking “all possible actions to protect our customers”.

It issued guidance for people to protect their systems, while taking the highly unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system.


US software firm Symantec said the majority of organisations affected were in Europe, and the attack was believed to be indiscriminate.

The companies and government agencies targeted were diverse.

In the United States, package delivery group FedEx said it was “implementing remediation steps as quickly as possible,” while French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania.

Russia’s interior ministry said some of its computers had been hit by a “virus attack” and that efforts were underway to destroy it. The country’s banking system was also attacked, although no problems were detected, as was the railway system.

Germany’s rail operator Deutsche Bahn said its station display panels were affected. Universities in Greece and Italy also were hit.


Kaspersky said it was “trying to determine whether it is possible to decrypt data locked in the attack – with the aim of developing a decryption tool as soon as possible.”

On Saturday, a cyber security researcher told AFP he had accidentally discovered a “kill switch” that could prevent the spread of the ransomware.

The researcher, tweeting as @MalwareTechBlog, said registering a domain name used by the malware stops it from spreading, though it cannot help computers already affected.

“If you have anything to patch, patch it,” the researcher said in a blog post. “Now I should probably sleep.”


A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

“Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email,” said Lance Cottrell, chief scientist at the US technology group Ntrepid.

G7 finance ministers meeting in Italy vowed to unite against cyber crime, as it represented a growing threat to their economies and should be tackled as a priority. The danger will be discussed at the G7 leaders’ summit next month.

In Britain, the attack disrupted care at National Health Service facilities, forcing ambulances to divert and hospitals to postpone operations.

“There will be lessons to learn from what appears to be the biggest criminal cyber-attack in history,” Interior minister Amber Rudd said.

“But our immediate priority as a government is to disrupt the attack, restore affected services as soon as possible, and establish who was behind it so we can bring them to justice.”

Source: AFP/dl/ec



China Shakes Up Financial Regulators in Scramble for Stability

April 20, 2017

After encouraging liberalization to fuel a slowing economy, Beijing is becoming increasingly anxious about financial shock

For President Xi Jinping, a financial flare-up could detract from the Communist Party’s once-in-five-years leadership conclave expected this fall.

For President Xi Jinping, a financial flare-up could detract from the Communist Party’s once-in-five-years leadership conclave expected this fall. PHOTO: FRED DUFOUR/AGENCE FRANCE-PRESSE/GETTY IMAGES

April 20, 2017 4:53 a.m. ET

SHANGHAI—The Chinese government is trying to ensure financial-system stability in a pivotal political year by focusing on the officials who do the regulating.

China has removed three of its four top financial-industry regulators over the past year or so as it also tightens the reins on banks, brokerages and insurers. The latest to fall was liberalizing insurance regulator Xiang Junbo, who jazzed up a stodgy business but caused ripples beyond his agency’s purview.

After encouraging liberalization for banks, brokers and insurers in hopes of fueling a slowing economy, Beijing is becoming increasingly anxious about possible financial shock.

The new message for its regulators: back to basics.

Until recently, China’s leadership promoted broadening the financial sphere, from wider equity ownership and peer-to-peer lending to online insurance sales. The idea was to spur new consumption and business activity, open access to investments and loans and, in the case of insurance, energize a moribund industry.

But then came the $5 trillion stock meltdown of 2015. The government responded to the debacle by pumping in hundreds of billions of dollars in emergency support, restricting speculative instruments and firing the top market regulator. Since then, authorities have toppled the country’s leading hedge-fund manager, the head of the largest brokerage and the chairman of one of China’s Big Four banks on allegations of corruption. A billionaire with holdings across the financial sector, Xiao Jianhua, is presumed to be in custody.

New regulators are emphasizing tougher fundamental risk control by trying to clearly delineate responsibilities.

As they let financial firms experiment, China’s various regulatory agencies failed to coordinate. The International Monetary Fund highlighted gray areas in regulation as a medium-term economic risk in a mid-2016 report that described “the increasingly large, opaque and interconnected financial sector.”

The back-to-basics push is meant to neutralize chances a financial flare-up could detract from the Communist Party’s once-in-five-years leadership conclave expected late this year, when President Xi Jinping needs support to increase his power.

“This is completely defensive,” says Anthony Neoh, a longtime adviser to Chinese financial policy makers and a board member of giant Industrial and Commercial Bank of China Ltd. “Markets have a way of running away from governments all the time.”

The agencies didn’t respond to questions.

In a January address to the World Economic Forum where he lauded globalization, Mr. Xi displayed his distrust of financial markets and their monitors. He blamed the 2008 global economic crisis on “excessive” pursuit of profit and the “grave failure of financial regulation.”

By then a shake-up of Chinese financial regulation was well under way. One agency after another has issued rules meant to rein in use of financial instruments for speculative purposes, admonishing firms that innovative activity must benefit the real economy, not merely spin new fortunes.

Insurance is one industry widely viewed as running amok, as companies—often newly formed insurance arms of property businesses—raised cash fast by peddling policies that doubled as short-term high-yield deposits. Anbang Insurance Group Co. had defined the trends, bulking up and making bold plays like the purchase of New York’s Waldorf Astoria hotel.

Wielding increasing financial clout that made waves for banks and stock markets, the insurers drew attention—and name-calling, including by regulators of other segments of the financial sector.

In December, the new stock regulator, Liu Shiyu, criticized insurers’ stock-buying. “Using improperly sourced money for leveraged buyouts, turning from strangers into barbarians, and finally robbing the industry is not OK,” he said.

Under fire itself, the Insurance Regulatory Commission quickly dialed back support for the deposit-like insurance products and banned a developer-turned-insurer from the sector for a decade. The agency’s No. 2 official, Chen Wenhui, seemed to give Anbang’s high-profile chairman, Wu Xiaohui, the cold shoulder at a Beijing conference, nearly sprinting down a hallway as he waved off Mr. Wu, who was trotting behind asking to chat.

Anbang and the insurance regulator declined to comment.

On April 9, the Communist Party’s anticorruption watchdog announced an investigation into Mr. Xiang, the top insurance regulator and industry champion. Details of the probe aren’t known and he isn’t available for comment.

Mr. Xiang had made no secret of his inclination to reduce scrutiny of insurers, saying in a 2013 interview published in The Wall Street Journal that the industry had been ”regulated to death.”

To give insurers room to grow, he said, “We have relaxed regulations in almost every area possible.”

Mr. Xiang’s downfall was reported in Chinese state media together with warnings from Premier Li Keqiang that “the financial sector is vulnerable to risks such as bad assets, shadow banking and illegal internet financing.” According to the chief executive of one insurer that benefited from Mr. Xiang’s regulatory loosening, whoever succeeds him is likely to “put on hold anything that jumps out of line.”

The lone Chinese financial-regulatory chief who so far has retained his title is central-bank Gov. Zhou Xiaochuan, who at 69 is already four years overdue for retirement. But the People’s Bank of China has joined the shift toward stability, and efforts to internationalize the yuan have turned into a quest to keep the currency from weakening too fast.

The focus on stability was also a factor in the November ouster of Finance Minister Lou Jiwei, whose focus on economic overhauls threatened China’s short-term growth.

Politics appear to be weighing on stock regulator Mr. Liu, a banker installed at the helm of the China Securities Regulatory Commission just over a year ago following the firing of his predecessor, who had led the agency during the 2015 stock crash.

In a speech last weekend, Mr. Liu said the need to crack down on financiers who disturb market order and maintain stable capital markets is currently “particularly weighty,” describing the coming party conclave as “the top priority of the party and political life of the nation.”

Write to James T. Areddy at




‘Project Scalpel’: Behind Big Banks’ Plan to Save $2 Billion

March 27, 2017

Wall Street firms discuss joint venture to process transactions

Banks’ hope is that ‘Project Scalpel’ eventually would trim at least $2 billion from their annual spending.

Big banks have cut more than $40 billion of costs since the financial crisis.

They aren’t done.

While prospects for revenue growth at banks have brightened since the election, a handful of the biggest firms are considering ways to slash still more from their back-office budgets. One effort, dubbed “Project Scalpel,” is aimed at cutting the administrative and operational costs involved with processing stock and bond transactions after a trade is struck, according to people familiar with the discussions.

Talks around this effort are at an early stage but so far have included a number of banks, such as Goldman Sachs Group Inc., Morgan Stanley and Bank of America Corp., the people said. If the idea materializes, it could create a joint venture that allows banks to share trade processes and technology.

The hope is this would be widely used by the industry and eventually trim at least $2 billion from the banks’ annual spending, the people said. In the past, banks viewed their ability to efficiently process trades, and handle transfers of ownership and associated activities like dividend and interest payments, as a competitive advantage.

Now, the processes and systems around these functions have become commoditized. Competing banks have redundant systems handling the same functions.

A joint system would eliminate the duplication, spread the cost burden and make it simpler to upgrade technology, according to the people familiar with the discussions. It also would free up resources for revenue-generating investments, they said.

There are plenty of obstacles. These include questions around data privacy and ownership stakes in the venture, and whether to use existing technology systems or build a new one. Some bankers also fear a for-profit service provider could eventually grow too powerful and boost fees.

Despite the hurdles, banks for decades have cooperated in other areas such as creating transaction venues and building clearinghouses. The recent discussions represent a possible extension of that cooperation and underscore that banks remain obsessively focused on keeping expenses in check.

The six biggest U.S. banks have eliminated more than 100,000 jobs since 2009, while shedding less-profitable business lines and trimming compensation.

This is the result of a relatively fallow period on Wall Street in which banks’ returns on equity have been held down by a combination of more-stringent capital requirements, lackluster economic growth, superlow interest rates, and more subdued trading.

On cost-cutting, “much of the easy stuff is done,” said Mark Alexander, a former senior technology and operations executive at Bank of America. “Banks now need to think about doing something different and transformational.”

European banks including Barclays PLC and Société Générale SA have said they are working with technology providers to outsource and share some trading back-office operations in Europe.

Financial-services firms spend as much as $24 billion annually on post-trade operations, or what is known in the industry as activity that occurs “south of the trade blotter,” according to a study by technology firm Broadridge Financial Solutions Inc.

A shared-processing venture would potentially allow banks to cut or reassign thousands of back-office workers. Each firm would keep scores of risk managers, programmers and traders focused on making trades happen.

Joint ventures involving rival banks are complex, though. A couple of years ago, about 10 banks tried to create just such a post-trade with clearinghouses including the Depository Trust & Clearing Corp. Those talks foundered because there were too many different views about what the finished product would do and the technology that would underpin it.

The latest idea is to narrow the group. The Scalpel discussions also involve a recently formed investment firm called Motive Partners, the people familiar with the matter said. Motive is led by bank-technology veterans including Morgan Stanley and Goldman alum Stephen Daffron,  and former Fidelity National Information Services Inc. executives Rob Heyvaert and Michael Hayford.

Banks have previously collaborated on combining back-office functions. In the 1970s, securities firms created a clearinghouse to reduce and then computerize mountains of paper trading tickets. The result was the DTCC, which handles trillions of dollars of securities transactions daily.

Over the past two years, collaboration has accelerated again. Banks recently created joint utilities for things like anti-money-laundering compliance procedures and sharing basic underlying information about stocks and bonds.

“The banking industry must find ways to structurally lower costs,” UBS Group AG Chief Executive Sergio Ermotti told analysts last year. He says the way to achieve it is “closer collaboration between financial institutions.”

Cyberattacks on International Banks Show Links to Hackers Who Hit Sony

February 13, 2017

Hacks began late last year, installing unauthorized code on websites belonging to financial regulators

Researchers at Symantec and BAE Systems say that some of the software and internet infrastructure in the global hacking effort was also used in the Sony attack and—more recently—other attacks on banks in Asia.

Researchers at Symantec and BAE Systems say that some of the software and internet infrastructure in the global hacking effort was also used in the Sony attack and—more recently—other attacks on banks in Asia. PHOTO: DAVID BECKER/REUTERS

Updated Feb. 12, 2017 12:01 p.m. ET

Cybersecurity specialists have found evidence suggesting that recent attacks on institutions in Poland are part of an international hacking effort targeting financial institutions in the U.S., Mexico and the United Kingdom—an attack that shares traits with the 2014 attack on Sony Corp.

The hacks began late last year, installing unauthorized code on websites belonging to financial regulators, then using those to attack computers belonging to a select list of global financial institutions, according to researchers who have examined the attacks at security vendors Symantec Corp. and BAE Systems PLC.

It is unclear to the researchers exactly how many banks were compromised or whether any suffered financial losses. But the researchers say it appears to be part of a well-organized and broad hacking effort that shares links to other attacks including the devastating 2014 hack that destroyed systems and exposed email messages at Sony Pictures Entertainment. U.S. officials have said North Korea was responsible for that attack. North Korea has denied that, though said its supporters might have done it.

Researchers at BAE Systems and Symantec say that some of the software and internet infrastructure in the global effort was also used in the Sony attack and—more recently—other attacks on banks in Asia. Security researchers call the North Korea-linked group they believe is behind these attacks “Lazarus.” It has been active since 2009, according to Kaspersky Lab ZAO, a Russian cybersecurity company.

If the recent attacks are indeed by Lazarus, it suggests the group is broadening its banking attacks. The group’s bank hacking previously had focused on Asia, said Eric Chien, technical director of Symantec’s Security Technology and Response division. “We never saw them do anything, for example, to the U.S., let alone Europe,” he said. “Now we see them targeting the U.S. and Europe.”

In November the Federal Bureau of Investigation warned U.S. financial institutions that it was “monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector.”

The FBI didn’t respond to requests for comment about the latest attacks.

The attacks started in October by compromising the website of the Polish Financial Supervision Authority, an incident that was reported last week by the blog. The hackers programmed that website to attack banking computers that visited the site, the researchers say.

Security investigators call this technique a “watering hole.” It lets criminals use one common access point to break into a range of other organizations. In this case, by infecting a website commonly visited by banking employees, the hackers could hope to spread malicious software onto computers within the financial institutions on their list, said Adrian Nish, head of BAE Systems’ Threat Intelligence team.

A Polish Financial Supervision Authority spokesman confirmed that the regulator had “identified an external attempt to interfere in the operating IT system,” and had turned over evidence of the incident to law enforcement after restoring the website. The Polish National Police Agency didn’t immediately respond to a request for comment Friday.

The hackers programmed the hacked web servers to attack computers only if they originated from a short-list of approximately 75 institutions—an apparent effort to keep a lower profile and help evade detection, the researchers say.

This list includes 19 financial institutions in Poland, 15 in the U.S., nine in Mexico, and seven in the U.K., said BAE Systems, which declined to name the institutions.

The attacks also compromised a website belonging to Mexico’s financial regulator, the National Banking and Securities Commission, and a state-run bank in Uruguay, Dr. Nish said. A spokeswoman for the National Banking and Securities Commission said that it has seen no evidence that its computers were compromised. “During the past weekend, we received notice of a coordinated attack addressed to banking institutions world-wide,” she said. “Our Security Operations Center performed a thorough inspection, from which no abnormal behavior was detected.” The Commission’s investigation is continuing she said.

The attacks, with their use of the “water hole” technique, appear to be more sophisticated than previous Lazarus attacks, Dr. Nish and Mr. Chien said. In the shadowy world of cybersecurity, code can be stolen and reused, which makes the business of linking attacks to specific actors time consuming and often inexact. Dr. Nish, at BAE, said he has a “high confidence” that the group involved is Lazarus. “We know the tools that they’re using very well and we know the infrastructure they’re using and their tactics,” Dr. Nish said. “And we can strongly confirm that the tools that have been found on the bank networks and in these [website] attacks are part of the group’s tool kit.”

Mr. Chien said that Symantec hadn’t yet done analysis required to definitively make the connection, but that the tools used in these latest attacks are linked to Lazarus tools used in the past.

Write to Robert McMillan at