Austrian parliament says Turkish Islamist hackers claim cyber attack

VIENNA (Reuters) – Austria’s parliament said on Tuesday that a Turkish Islamist hackers’ group had claimed responsibility for a cyber attack that brought down its website for 20 minutes this weekend.

Aslan Neferler Tim (ANT), or Lion Soldiers Team, whose website says it defends the homeland, Islam, the nation and flag, without any party political links, claimed the attack, a parliamentary spokeswoman said.

Relations between Turkey and Austria soured last year after President Tayyip Erdogan cracked down on dissent following a failed coup, and Vienna has since made a solo charge within the European Union for accession talks to be dropped.

On its Facebook page on Sunday afternoon, above a screenshot indicating the website was not loading, ANT said in Turkish: “Our reaction will be harsh in response to this racism of Austria against Muslims!!! (Parliament down).”

ANT says it has carried out “operations” against the pro-Kurdish Peoples’ Democratic Party (HDP), the Austrian central bank and an Austrian airport.

An Interior Ministry spokesman said on Tuesday that an investigation had begun into the cyber attack and, declining to elaborate further, noted that no data had been lost.

A parliamentary spokeswoman said: “ANT has claimed responsibility.” When asked if ANT was responsible, she said: “We assume so.”

The website was brought down after the server was flooded with service requests, a so-called DDoS-attack, similar to an attack last November that targeted the Foreign Affairs and Defense Ministries’ websites, a statement from parliament said.

DDoS attacks are among the most common cyber threats. One such attack targeted the European Commission’s computers in November.

The Vienna-based Organization for Security and Cooperation in Europe (OSCE) was also recently the target of a cyber attack.

(Reporting by Shadia Nasralla, Francois Murphy in VIENNA and Daren Butler in ISTANBUL; Editing by Louise Ireland)

‘Alphabet soup’ of agencies leave UK exposed to cyber attacks: report

LONDON (Reuters) – Britain’s government has taken too long to coordinate an “alphabet soup” of agencies tasked with protecting the country from an ever-increasing risk of cyber attack, a parliamentary report said on Friday.

The Public Accounts Committee report said that as of last April there were at least 12 separate organizations in Britain responsible for protecting information, with “several lines of accountability with little coherence between them.”

Processes for recording breaches of personal data by government departments are inconsistent and chaotic, the report said, adding that the government is struggling to meet a skills gap in the security profession.

The findings come in the wake of a spate of cyber attacks that have targeted banks, businesses and institutions, including Tesco Bank, Lloyds Bank, TalkTalk, and the National Health Service.

“The threat of cyber-crime is ever-growing yet evidence shows Britain ranks below Brazil, South Africa and China in keeping phones and laptops secure,” said committee chair Meg Hillier.

“Leadership from the center is inadequate and, while the National Cyber Security Centre (NCSC) has the potential to address this, practical aspects of its role must be clarified quickly.”

The NCSC was established by the government last October as part of a 1.9 billion-pound ($2.37 billion) program to tighten cyber security.

An NCSC spokesman said in response to the report: “The government has been clear that the newly formed NCSC is the UK’s definitive authority on cyber security.”

On Thursday night, British defense minister Michael Fallon said Russian president Vladimir Putin was trying to undermine the West by spreading lies and attacking critical infrastructure with hackers.

The Kremlin called the accusation baseless.

Britain launched a cyber security review in January after U.S. intelligence agencies said Putin ordered an effort to help President Donald Trump’s electoral chances by discrediting his rival Hillary Clinton in the 2016 U.S. presidential campaign.

(Reporting by Ritvik Carvalho)

U.S. Treasury holds debt auctions steady, plans cyber test

By Jason Lange

WASHINGTON (Reuters) – The U.S. Treasury announced on Wednesday it will hold the size of coupon auctions steady in the upcoming quarter when it conducts a small “contingency auction” that an official said would test its ability to borrow following a cyber attack.

It was unclear how much of a role, if any, the White House had in crafting the Treasury’s quarterly debt policy statement, which was the first since President Donald Trump took office last month.

The U.S. Senate has yet to confirm Trump’s Treasury secretary nominee, Steven Mnuchin. Several Treasury officials from the Obama administration have left, with their positions filled on a temporary basis by career bureaucrats or political appointees from the last administration.

The latest policy statement was made by Monique Rollins, Treasury’s acting assistant secretary for financial markets and a holdover from the Obama administration. A Treasury official told reporters separately that the new political leadership was aware of the debt policies announced on Wednesday.

Rollins said in the policy statement that Treasury plans to offer $62 billion in notes and bonds next week, raising approximately $17 billion in new cash.

The contingency test was part of regular auction infrastructure testing, Rollins said.

The Treasury official who briefed reporters separately said the test would gauge the government’s ability to borrow money if a cyber attack disrupted normal auctions.

On future coupon sizes, Rollins said the department “will continue to monitor projected financing needs and make appropriate adjustments as necessary.”

(Reporting by Jason Lange; Editing by Paul Simao)

Trump expected to sign cyber security executive order Tuesday: source

By Dustin Volz and Steve Holland

WASHINGTON (Reuters) – President Donald Trump is expected to sign an executive order on cyber security on Tuesday, two sources familiar with the situation said, marking the first action to address what he has called a top priority of his administration.

The order is expected to commission several different reviews of the government’s offensive and defensive cyber capabilities, according to one of the sources and a third briefed on a draft of the order that circulated last week.

The move follows a presidential campaign that was dominated by running storylines related to cyber security, including the hacking and subsequent leaking of Democratic emails as part of what U.S. intelligence agencies determined was a wide-ranging influence operation intended to help Trump win the White House and denigrate his challenger, Democrat Hillary Clinton.

For months Trump refused to accept the conclusions of the agencies that Russia was responsible, before stating at a press conference on January 11 that, “as far as hacking I think it was Russia.”

In his answer, Trump, then the president-elect, pivoted to say that “we also get hacked by other countries, and other people” while vowing to launch a government-wide review of vulnerabilities to cyber attacks.

The order is also expected to initiate an audit of several federal agencies’ cyber capabilities, seek input on how to improve protections for critical infrastructure, and review government efforts to attract and train a technically sophisticated workforce, according to two of the sources briefed on the draft, which was first published by the Washington Post.

The draft order would also seek ways to give the private sector incentives to adopt strong security measures.

(Reporting by Steve Holland and Dustin Volz; Editing by Chris Reese and Grant McCool)

Hong Kong securities brokers hit by cyber attacks, may face more: regulator

HONG KONG (Reuters) – Hong Kong’s securities regulator said brokers in the city had suffered cyber attacks and warned of possible further incidents across the industry.

Regulators in Hong Kong have been stepping up efforts over the past year to combat the growing menace of cyber attacks on companies. A survey in November showed the average number of such attacks detected by firms in mainland China and Hong Kong grew a whopping 969 percent between 2014 and 2016.

In a circular to licensed firms late on Thursday, the Securities and Futures Commission (SFC) said it had been informed by the Hong Kong police that brokers had encountered so-called “distributed denial of service” (DDoS) attacks targeting their websites and had been blackmailed by criminals.

“The DDoS attacks have caused service disruption to the brokers for a short period. It is possible that similar cyber security incidents would be observed across the securities industry,” the SFC said in the notice.

Distributed denial of service (DDoS) attacks, among the most common on the Internet, involve cyber criminals using hijacked and virus-infected computers to target websites with data requests, until they are overwhelmed and unable to function.

The SFC urged firms in the financial center to implement protective measures, including reviews of the IT systems and DDoS mitigation plans.

(Reporting by Michelle Price; Editing by Himani Sarkar)

Microsoft to continue to invest over $1 billion a year on cyber security

By Tova Cohen

TEL AVIV (Reuters) – U.S. software firm Microsoft Corp <MSFT.O> will continue to invest over $1 billion annually on cyber security research and development in the coming years, a senior executive said.

This amount does not include acquisitions Microsoft may make in the sector, Bharat Shah, Microsoft vice president of security, told Reuters on the sidelines of the firm’s BlueHat cyber security conference in Tel Aviv.

“As more and more people use cloud, that spending has to go up,” Shah said.

While the number of attempted cyber attacks was 20,000 a week two or three years ago, that figure had now risen to 600,000-700,000, according to Microsoft data.

Long known for its Windows software, Microsoft has shifted focus to the cloud where it is dueling with larger rival Amazon.com <AMZN.O> to control the still fledgling market.

In October it said quarterly sales from its flagship cloud product Azure, which businesses can use to host their websites, apps or data, rose 116 percent.

In addition to its internal security investments, Microsoft has bought three security firms, all in Israel, in a little over two years: enterprise security startup Aorato, cloud security firm Adallom, and Secure Islands, whose data and file protection technology has been integrated into cloud service Azure Information Protection.

Financial details of these deals were not disclosed.

“If you are talking about an ecosystem with more than 400 start-ups it’s not really a coincidence. Israel is huge in security,” said Secure Islands founder Yuval Eldar.

Microsoft’s venture arm has also made three cyber security investments in Israel, including this week an undisclosed amount in Illusive Networks, which uses deception technology to detect attacks and has been installed at banks and retailers.

Earlier this month Microsoft said it invested in Israel’s Team8, which created Illusive Networks.

Though Microsoft does not have any near-term plans to implement deception technology, “we look at lots of different technologies that might be of use in the future,” Shah said.

Shah believes that in the next year or so progress should be made in moving toward broader implementation of user authentication without need for a password.

Microsoft’s Windows 10 operating system includes Windows Hello, which allows users to scan their face, iris or fingerprints to verify their identity and sign in.

(Reporting by Tova Cohen; Editing by Steven Scheer and Adrian Croft)

French central bank chief urges insurers to step up cyber risk coverage

PARIS (Reuters) – France’s central bank governor called on French insurers to enhance cyber risk coverage for their clients, as hack attacks and data privacy laws in Europe spur rising demand.

“With the help of reinsurers, insurers should be able to meet demands of cyber risk coverage, a concern that affects all businesses,” Francois Villeroy de Galhau said during a conference in Paris.

Though growing fast, the European cyber insurance market remains dwarfed by that in the United States, but is likely to expand in the coming years as new EU regulations come into force requiring firms to disclose when they have been the victim of an attack.

Around 28 percent of companies in Europe have been subject to a cyber attack over the past 12 months, but only 13 percent of companies have purchased cyber insurance, Marsh & McLennan Co’s (MMC.N) Marsh broker unit said in a survey, published in October 2016.

The value of global cyber insurance premiums outstanding is estimated by Marsh & McLennan Co’s (MMC.N) Marsh broker unit to be around $3.5 billion, with $3 billion coming from the United States and around $300 million coming from Europe.

“Insurance companies should learn from their own experience … in order to create a more mature market in France and Europe for insurance against cyber risks,” Villeroy added.

(Reporting by Maya Nikolaeva and Myriam Rivet; Editing by Leigh Thomas)

Saudi Arabia warns on cyber defense as Shamoon resurfaces

KHOBAR, Saudi Arabia (Reuters) – Saudi Arabia on Monday warned organizations in the kingdom to be on the alert for the Shamoon virus, which cripples computers by wiping their disks, as the labor ministry said it had been attacked and a chemicals firm reported a network disruption.

An alert from the telecoms authority seen by Reuters advised all parties to be vigilant for attacks from the Shamoon 2 variant of the virus that in 2012 crippled tens of thousands of computers at oil giant Saudi Aramco.

Shamoon disrupts computers by overwriting the master boot record, making it impossible for them to start up. Former U.S. Defense Secretary Leon Panetta said the 2012 Shamoon attack on Saudi Aramco was probably the most destructive cyber attack on a private business.

In the 2012 hacks, images of a burning U.S. flag were used to overwrite the drives of victims including Saudi Aramco and RasGas Co Ltd. In the recent attacks, an image of the body of 3-year-old drowned Syrian refugee Alan Kurdi was used, according to U.S. security researchers.

The Shamoon hackers were likely working on behalf of the Iranian government in the 2012 campaign and the more-recent attacks, said Adam Meyers, vice president with cyber security firm CrowdStrike. “It’s likely they will continue,” he said.

State-controlled Al Ekhbariya TV said on Twitter, using the hash tag #Shamoon, that several Saudi organizations had been targeted in recent cyber attacks.

The state news agency, meanwhile, said the labor ministry had been hit by a cyber attack, but that it did not impact its data.

Jubail-based Sadara Chemical Co, a joint venture firm owned by Saudi Aramco and U.S. company Dow Chemical, said it had experienced a network disruption on Monday morning and was working to resolve the issue.

The company made the disclosure on its official Twitter account after the warning by Al Ekhbariya TV, which cited the telecoms authority.

It did not say whether the disruption was due to a cyber attack but said as a precautionary measure it had stopped all services related to the network.

Other companies in Jubail, the hub of the Saudi petrochemicals industry, also experienced network disruptions, according to sources who were not authorized to publicly discuss the matter.

Those companies sought to protect themselves from the virus by shutting down their networks, said the sources, who declined to identify specific firms.

(Reporting by Reem Shamseddine; Additional reporting by Jim Finkle; Writing by Maha El Dahan; Editing by Mark Potter and Andrew Hay)

As attacks grow, EU mulls banking stress tests for cyber risks

By Francesco Guarascio

BRUSSELS (Reuters) – The European Union is considering testing banks’ defenses against cyber attacks, EU officials and sources said, as concerns grow about the industry’s vulnerability to hacking.

Cyber attacks against banks have increased in numbers and sophistication in recent years, with criminals finding new ways to target banks beyond trying to illicitly obtain details of their customers’ online accounts. Last February $81 million was taken from the Bangladesh central bank when hackers broke into its system and gained access to the SWIFT international transactions network.

Global regulators have tightened security requirements for banks after that giant cyber fraud, one of the biggest in history, and in some countries have carried out checks on lenders’ security systems.

But complex cyber attacks have kept rising, as revealed in November by SWIFT in a letter to client banks and by the theft of 2.5 million pounds ($3 million) from Tesco Plc’s banking arm in the first mass hacking of accounts at a Western lender.

Banks “are struggling to demonstrate their ability to cope with the rising threat of intruders gaining unauthorized access to their critical systems and data,” a report of the European Banking Authority (EBA) warned in December.

The next step from European regulators to boost security could be an EU-wide stress test.

The European executive commission is assessing additional initiatives to counter cyber attacks, a commission official told Reuters. “These include cyber-threat information sharing or penetration and resilience testing of systems.”

The European Central Bank announced last year it would set up a database to register incidents of cyber crime at commercial banks in the 19-country euro zone. But exchanges of information among national authorities on cyber incidents remain scant.

The Commission is studying whether EU-wide tests would help step up security, a source at the EU executive said. This would be in addition to controls already carried out by national authorities.

EBA, which is in charge of stress-testing the bloc’s banks, is expected to detail in summer the checks it intends to conduct in the next exercise planned in mid 2018.

EBA tests banks’ capital cushions and can conduct checks on specific issues. Last year it monitored risks caused by fines, as EU lenders faced sanctions from U.S. regulators.

An EBA official said cyber security was on the agency’s radar but no decision had been made on a possible stress test. The body’s chairman, Andrea Enria, has urged EU states to stress-test their financial institutions for cyber risks.

Lloyds Banking Group is working with law enforcement agencies to trace who was behind a cyber attack that caused intermittent outages for customers of its personal banking websites almost two weeks ago, according to a source familiar with the incident. Lloyds said it would not speculate on the cause of the attack. No customers suffered any losses.

BLOCKCHAIN

As European banks keep relying on digital infrastructure that is “rigid and outdated”, according to EBA, regulators are considering new technologies that could boost security.

Blockchain, the technology behind the most successful virtual currency, Bitcoin, is being closely monitored in Brussels “to establish the advantages and possible risks” but also to weigh possible moves to enable blockchain where it is hindered, the Commission source said.

More than 1 billion euros have been invested in blockchain startups, a World Economic Forum report said.

The EU agency for network and information security (ENISA) said in a report last week the technology offered new opportunities and could cut costs, but may also pose new cyber security challenges, mostly caused by its decentralized network.

Ukraine’s power outage was a cyber attack: Ukrenergo

By Pavel Polityuk, Oleg Vukmanovic and Stephen Jewkes

KIEV/MILAN (Reuters) – A power blackout in Ukraine’s capital Kiev last month was caused by a cyber attack and investigators are trying to trace other potentially infected computers and establish the source of the breach, utility Ukrenergo told Reuters on Wednesday.

When the lights went out in northern Kiev on Dec. 17-18, power supplier Ukrenergo suspected a cyber attack and hired investigators to help it determine the cause following a series of breaches across Ukraine.

Preliminary findings indicate that workstations and Supervisory Control and Data Acquisition (SCADA) systems, linked to the 330 kilowatt sub-station “North”, were influenced by external sources outside normal parameters, Ukrenergo said in comments emailed to Reuters.

“The analysis of the impact of symptoms on the initial data of these systems indicates a premeditated and multi-level invasion,” Ukrenergo said.

Law enforcement officials and cyber experts are still working to compile a chronology of events, draw up a list of compromised accounts, and determine the penetration point, while tracing computers potentially infected with malware in sleep mode, it said.

The comments make no mention of which individual, group or country may have been behind the attack.

“It was an intentional cyber incident not meant to be on a large scale… they actually attacked more but couldn’t achieve all their goals,” said Marina Krotofil, lead cyber-security researcher at Honeywell, who assisted in the investigation.

In December 2015, a first-of-its-kind cyber attack cut the lights to 225,000 people in western Ukraine, with hackers also sabotaging power distribution equipment, complicating attempts to restore power.

Ukrainian security services blamed that attack on Russia.

In the latest attack, hackers are thought to have hidden in Ukrenergo’s IT network undetected for six months, acquiring privileges to access systems and figure out their workings, before taking methodical steps to take the power offline, Krotofil said.

“The team involved had quite a few people working in it, with very serious tools and an engineer who understands the power infrastructure,” she said.

The attacks against Ukraine’s power grid are widely seen by experts as the first examples of hackers shutting off critical energy systems supplying heat and light to millions of homes.

(Writing by Oleg Vukmanovic; reporting by Pavel Polityuk in Kiev, Oleg Vukmanovic and Stephen Jewkes in Milan; editing by Susan Fenton/Ruth Pitchford)