The Jim Bakker Show

Kenya opposition leader says election website hacked to show president in lead

Riot policemen deploy after demonstrators supporting opposition leader Raila Odinga, burned tyres after their political leader claimed "massive" fraud in this week's elections, in Kisumu, Kenya August 9, 2017. REUTERS/James Keyi

By Humphrey Malalo and Duncan Miriri

NAIROBI (Reuters) – Kenya’s opposition leader Raila Odinga said on Wednesday the election commission’s computer system was hacked and fake results posted to show President Uhuru Kenyatta with a strong lead in a case of massive fraud.

The election commission said Tuesday’s vote was free and fair and it was investigating whether or not its computer systems and vote-tallying database had been compromised.

Odinga’s comments raised concerns of unrest over the results in Kenya, East Africa’s leading economy and a regional hub. Around 1,200 people died in violence after a disputed election in 2007.

Speaking at a news conference, Odinga urged his supporters to remain calm, but added: “I don’t control the people”. His deputy Kalonzo Musyoka also called for calm but said the opposition might call for “action” at a later date. He gave no details.

Shortly after Odinga spoke, police fired teargas to scatter a group of around 100 supporters in the western city of Kisumu, an opposition stronghold. The unarmed men had been chanting “No Raila, no peace”.

As of 1100 GMT, the election commission website put Kenyatta in front with 54.3 percent of votes counted to 45 percent for Odinga – a margin of nearly 1.4 million ballots with more than 95 percent of polling stations reported.

Odinga published his own party’s assessment of the count on Twitter, saying he had 8.1 million votes against 7.2 million for Kenyatta.

The main local election monitoring group said its parallel vote tally was incomplete so it could not comment on the differing figures. Foreign observer missions declined to comment.

Kenyatta, a 55-year-old businessman seeking a second five-year term, had held a steady lead of around 10 percent since the start of counting after the peaceful vote, the culmination of a hard-fought contest between the heads of Kenya’s two political dynasties.

Odinga, 72, a former political prisoner and self-described leftist, described the reported hack as an attack on Kenya’s democracy and published 50 pages of computer logs on his Facebook page to support his claims.

POLLING STATIONS

Despite its multimillion dollar electronic voting system, the crucial evidence on voting comes from the paper forms signed at each of the country’s 41,000 polling stations.

Results in each polling station are recorded on a form – known as 34A – that observers from each party must sign. These should then be scanned, sent to the election board and posted on a website.

The measure is designed to ensure the elections cannot be rigged and parties can cross-check results.

On Wednesday morning, the commission said it had received 28,000 forms so far and was working to make all forms public. Neither the commission nor Odinga supplied forms to back up their numbers.

The Kenya Human Rights Commission, a well-known non-governmental organization, said it had discovered some discrepancies between provisional results on the election commission website and the paper forms.

It cited five examples, including a polling station in western Nandi county where the electoral board’s website recorded 439 rejected votes but the paper form only showed four.

Odinga ran in Kenya’s last two elections and lost, blaming vote rigging following irregularities at both polls.

In 2007, tallying was stopped and the incumbent president declared the winner, triggering an outcry from Odinga’s camp. The ethnic and political violence that followed killed 1,200 people and displaced 600,000.

International Criminal Court cases against Kenyatta and his now-deputy, William Ruto, for helping direct that violence, collapsed as witnesses died or disappeared.

In 2013, Odinga took his concerns to court. This time, he invoked the unsolved torture and murder of a top election official days before the vote to justify his fears of rigging.

“We fear this was exactly the reason Chris Msando was assassinated, so this could happen,” he said.

Hackers may have used Msando’s identity to access the electronic tallying system, Odinga said. The election commission said its password access system was secure.

Kenya’s shilling firmed and bond prices rose on early results, but analysts said gains could be fragile.

“Kenyatta’s provisional win will soothe those investors who feared a leftist shift in economic policy,” said Hasnain Malik, global head of equities research at Exotix Capital.

“The most important issues are ahead of us: Does Odinga concede peacefully? His initial rhetoric suggests there is a risk he does not.”

Kenya’s B+ credit rating and stable outlook won’t be affected by its election as long as there is no repeat of the 2007 violence, the S&P Global agency said.

(Additional reporting by Maggie Fick in Kisumu and Katharine Houreld, George Obultusa, John Ndiso and Rajiv Golla in Nairobi and Marc Jones in London; Writing by Katharine Houreld and Ed Cropley; Editing by Matthew Mpoke Bigg)

U.S. senators to introduce bill to secure ‘internet of things’

A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus

By Dustin Volz

SAN FRANCISCO (Reuters) – A bipartisan group of U.S. senators on Tuesday plans to introduce legislation seeking to address vulnerabilities in computing devices embedded in everyday objects – known in the tech industry as the “internet of things” – which experts have long warned poses a threat to global cyber security.

The new bill would require vendors that provide internet-connected equipment to the U.S. government to ensure their products are patchable and conform to industry security standards. It would also prohibit vendors from supplying devices that have unchangeable passwords or possess known security vulnerabilities.

Republicans Cory Gardner and Steve Daines and Democrats Mark Warner and Ron Wyden are sponsoring the legislation, which was drafted with input from technology experts at the Atlantic Council and Harvard University. A Senate aide who helped write the bill said that companion legislation in the House was expected soon.

“We’re trying to take the lightest touch possible,” Warner told Reuters in an interview. He added that the legislation was intended to remedy an “obvious market failure” that has left device manufacturers with little incentive to build with security in mind.

The legislation would allow federal agencies to ask the U.S. Office of Management and Budget for permission to buy some non-compliant devices if other controls, such as network segmentation, are in place.

It would also expand legal protections for cyber researchers working in “good faith” to hack equipment to find vulnerabilities so manufacturers can patch previously unknown flaws.

Security researchers have long said that the ballooning array of online devices including cars, household appliances, speakers and medical equipment are not adequately protected from hackers who might attempt to steal personal information or launch sophisticated cyber attacks.

Between 20 billion and 30 billion devices are expected to be connected to the internet by 2020, researchers estimate, with a large percentage of them insecure.

Though security for the internet of things has been a known problem for years, some manufacturers say they are not well equipped to produce cyber secure devices.

Hundreds of thousands of insecure webcams, digital records and other everyday devices were hijacked last October to support a major attack on internet infrastructure that temporarily knocked some web services offline, including Twitter, PayPal and Spotify.

The new legislation includes “reasonable security recommendations” that would be important to improve protection of federal government networks, said Ray O’Farrell, chief technology officer at cloud computing firm VMware.

(Reporting by Dustin Volz; Editing by Bill Rigby)

Ukraine finally battens down its leaky cyber hatches after attacks

FILE PHOTO: A message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, in Kiev, Ukraine, June 27, 2017. REUTERS/Valentyn Ogirenko/File Photo

By Matthias Williams

KIEV (Reuters) – When the chief of Microsoft Ukraine switched jobs to work for President Petro Poroshenko, he found that everyone in the office used the same login password. It wasn’t the only symptom of lax IT security in a country suffering crippling cyber attacks.

Sometimes pressing the spacebar was enough to open a PC, according to Dmytro Shymkiv, who became Deputy Head of the Presidential Administration with a reform brief in 2014.

Today discipline is far tighter in the president’s office. But Ukraine – regarded by some, despite Kremlin denials, as a guinea pig for Russian state-sponsored hacks – is fighting an uphill battle in turning pockets of protection into a national strategy to keep state institutions and systemic companies safe.

As in many aspects of Ukrainian life, corruption is a problem. Most computers run on pirated software, and even when licensed programs are used, they can be years out of date and lack security patches to help keep the hackers at bay.

Three years into the job, Shymkiv is leading the fight back. He has put together a team, led by a former Microsoft colleague, doing drills, sending out email bulletins to educate staff on new viruses and doing practice hacks offsite.

In the early days, staff complacency and resistance to change were as much a problem as insecure equipment.

“I remember the first weeks when we forced people to do a password change,” Shymkiv told Reuters. “My team heard all kind of screams and disrespectful messages … Over three years, it’s a different organization.”

The team’s small office has a screen with dials, charts and a green spider web showing activity on the network. If there is an attack, a voice shouts “major alarm!” in English, a recording the team downloaded from YouTube.

Eliminating bad practices and introducing good ones is the reason, Shymkiv believes, why the presidential administration was immune to a June 27 virus that spread from Ukraine to cause disruption in companies as far away as India and Australia.

But the country still has a long way to go. Since 2014 repeated cyber attacks have knocked out power supplies, frozen supermarket tills, affected radiation monitoring at the stricken Chernobyl nuclear power plant, and forced the authorities to prop up the hryvnia currency after banks’ IT systems crashed.

Even Poroshenko’s election that year was compromised by a hack on the Central Election Commission’s network, trying to proclaim victory for a far-right candidate — a foretaste of alleged meddling in the 2016 U.S. presidential election.

Ukraine believes the attacks are part of Russia’s “hybrid war” waged since protests in 2014 moved Ukraine away from Moscow’s orbit and closer to the West. Moscow has denied running hacks on Ukraine.

Shymkiv said the task is to “invest in my team, and upgrade them, and teach them, and connect them with other organizations who are doing the right things”.

“If you do nothing like this, you probably will be wiped out,” he added.

The head of Shymkiv’s IT team, Roman Borodin, said the administration is hit by denial-of-service (DDoS) attacks around once every two weeks, and by viruses specifically designed to target it. The hackers seem mainly interested in stealing information from the defense and foreign relations departments, Borodin told Reuters in his first ever media interview.

HONOR AT STAKE

Bruised by past experiences, Ukraine is protecting itself better.

Finance Minister Oleksandr Danylyuk told Reuters his ministry overhauled security after a hack in November crashed 90 percent of its network at the height of budget preparations.

Officials couldn’t log into the system that manages budget transactions for 48 hours, something that played on Danylyuk’s mind as he addressed the Verkhovna Rada or parliament.

“Imagine that, knowing this, I went to the Verkhovna Rada to present the budget – the main financial document on which 45 million people live – and at the same time I was thinking about how to save not only the document itself, but also the honor of the ministry,” he said.

“I understood that if I showed even the slightest hint of our nervousness, the organizers of the attack would achieve their goal.”

Consultants uncovered familiar weaknesses: the budget system operated on a platform dating from 2000, and the version of the database management system should have been upgraded in 2006.

The ministry is introducing new systems to detect anomalies and to improve data protection. “We’re completely revising and restructuring the ministry’s IT landscape,” Danylyuk said.

The ministry emerged unscathed from the June 27 attack. Others weren’t so lucky: Deputy Prime Minister Pavlo Rozenko tweeted a picture of a crashed computer in the cabinet office that same day.

Ukraine is also benefiting from help from abroad.

A cyber police force was set up in 2015 with British funding and training in a project coordinated by the Organization for Security and Co-operation in Europe (OSCE).

While Ukraine is not a NATO member, the Western alliance supplied equipment to help piece together who was behind the June attack and is helping the army set up a cyber defense unit.

Ukraine shares intelligence with neighboring Moldova, another ex-Soviet state that has antagonized Moscow by moving closer to the West and complains of persistent Russian cyber attacks on its institutions.

“At the beginning of this year we had attacks on state-owned enterprises. If it were not for cooperation with the guys from Moldova, we would not have identified these criminals,” Serhiy Demedyuk, the head of the Ukrainian cyber police, told Reuters.

Demedyuk said the attack had been staged by a Russian citizen using a server in Moldova, but declined to give further details.

LAYING DOWN THE LAW

While there has been progress in some areas, Ukraine is still fighting entrenched problems. No less than 82 percent of software is unlicensed, compared with 17 percent in the United States, according to a 2016 survey by the Business Software Alliance, a Washington-based industry group.

Experts say pirated software was not the only factor in the June attack, which also hit up-to-date computers, but the use of unlicensed programs means security patches which could limit the rapid spread of such infections cannot be applied.

Ukraine ranked 60 out of 63 economies in a 2017 survey on digital competitiveness by the International Institute for Management Development. The low ranking is tied to factors such as a weak regulatory framework.

Another problem is that Ukraine has no single agency in charge of ensuring that state bodies and companies of national importance, such as banks, are protected.

This surfaced on June 27, when the NotPetya virus penetrated the company that produces M.E.Doc, an accounting software used by around 80 percent of Ukrainian businesses.

“Locally, the weak spot is accounting, but more generally it is the lack of cyber defenses at a government level. There aren’t agencies analyzing risks at a government level,” said Aleksey Kleschevnikov, the owner of internet provider Wnet, which hosted M.E.Doc’s servers.

Valentyn Petrov, head of the information security department at the National Security and Defence Council, said the state cannot interfere with companies’ security.

“It’s a total disaster from our perspective,” he told Reuters. “All state companies, including state banks, have suffered from attacks, and we really have no influence on them – neither on issuing regulations or checking how they fulfill these regulations.”

Poroshenko signed a decree in February to improve protection of critical institutions. This proposed legislation to spell out which body was in charge of coordinating cyber security and a unified methodology for assessing threats.

The law failed to gather enough votes the day before parliament’s summer recess in July, and MPs voted against extending the session. Shymkiv called that a “big disgrace”.

He added that in many ministries and firms, “we’ve seen very little attention to the IT infrastructures, and it’s something that’s been lagging behind for years”.

Attitudes can be slow to change. Borodin said a policy at the administration to lock computer screens after 15 minutes of inactivity was greeted with indignation. One staffer pointed out that their room was protected by an armed guard.

The staffer said “‘I have a guy with a weapon in my room. Who can steal information from this computer?'” Borodin recounted.

(Additional reporting by Pavel Polityuk, Jack Stubbs, Natalia Zinets and Margaryta Chornokondratenko in Kiev, Eric Auchard in Frankfurt and David Mardiste in Tallinn; editing by David Stamp)

North Korea hacking increasingly focused on making money more than espionage: South Korea study

A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

By Christine Kim

SEOUL (Reuters) – North Korea is behind an increasingly orchestrated effort at hacking into computers of financial institutions in South Korea and around the world to steal cash for the impoverished country, a South Korean state-backed agency said in a report.

In the past, suspected hacking attempts by North Korea appeared intended to cause social disruption or steal classified military or government data, but the focus seems to have shifted in recent years to raising foreign currency, the South’s Financial Security Institute (FSI) said.

The isolated regime is suspected to be behind a hacking group called Lazarus, which global cybersecurity firms have linked to last year’s $81 million cyber heist at the Bangladesh central bank and the 2014 attack on Sony’s Hollywood studio.

The U.S. government has blamed North Korea for the Sony hack and some U.S. officials have said prosecutors are building a case against Pyongyang in the Bangladesh Bank theft.

In April, Russian cybersecurity firm Kaspersky Lab also identified a hacking group called Bluenoroff, a spin off of Lazarus, as focused on attacking mostly foreign financial institutions.

The new report, which analyzed suspected cyber attacks between 2015 and 2017 on South Korean government and commercial institutions, identified another Lazarus spinoff named Andariel.

“Bluenoroff and Andariel share their common root, but they have different targets and motives,” the report said. “Andariel focuses on attacking South Korean businesses and government agencies using methods tailored for the country.”

Pyongyang has been stepping up its online hacking capabilities as one way of earning hard currency under the chokehold of international sanctions imposed to stop the development of its nuclear weapons program.

Cyber security researchers have also said they have found technical evidence that could link North Korea with the global WannaCry “ransomware” cyber attack that infected more than 300,000 computers in 150 countries in May.

“We’ve seen an increasing trend of North Korea using its cyber espionage capabilities for financial gain. With the pressure from sanctions and the price growth in cryptocurrencies like Bitcoin and Ethereum – these exchanges likely present an attractive target,” said Luke McNamara, senior analyst at FireEye, a cybersecurity company.

North Korea has routinely denied involvement in cyber attacks against other countries. The North Korean mission to the United Nations was not immediately available for comment.

ATM, ONLINE POKER

The report said the North Korean hacking group Andariel has been spotted attempting to steal bank card information by hacking into automated teller machines, and then using it to withdraw cash or sell the bank information on the black market. It also created malware to hack into online poker and other gambling sites and steal cash.

“South Korea prefers to use local ATM vendors and these attackers managed to analyze and compromise SK ATMs from at least two vendors earlier this year,” said Vitaly Kamluk, director of the APAC research center at Kaspersky.

“We believe this subgroup (Andariel) has been active since at least May 2016.”

The latest report lined up eight different hacking instances spotted within the South in the last few years, which North Korea was suspected to be behind, by tracking down the same code patterns within the malware used for the attacks.

One case spotted last September was an attack on the personal computer of South Korea’s defense minister as well as the ministry’s intranet to extract military operations intelligence.

North Korean hackers used IP addresses in Shenyang, China to access the defense ministry’s server, the report said.

Established in 2015, the FSI was launched by the South Korean government in order to boost information management and protection in the country’s financial sector following attacks on major South Korean banks in previous years.

The report said some of the content has not been proven fully and is not an official view of the government.

(Additional reporting by Jeremy Wagstaff in SINGAPORE; Editing by Soyoung Kim and Michael Perry)

Flush times for hackers in booming cyber security job market

A recruiter advertises a QR code to attract hackers to apply for jobs at the Black Hat security conference in Las Vegas, Nevada, U.S. July27, 2017. REUTERS/Joseph Menn

By Joseph Menn and Jim Finkle

LAS VEGAS (Reuters) – The surge in far-flung and destructive cyber attacks is not good for national security, but for an increasing number of hackers and researchers, it is great for job security.

The new reality is on display in Las Vegas this week at the annual Black Hat and Def Con security conferences, which now have a booming side business in recruiting.

“Hosting big parties has enabled us to meet more talent in the community, helping fill key positions and also retain great people,” said Jen Ellis, a vice president with cybersecurity firm Rapid7 Inc, which filled the hip Hakkasan nightclub on Wednesday at one of the week’s most popular parties.

Twenty or even 10 years ago, career options for technology tinkerers were mostly limited to security firms, handfuls of jobs inside mainstream companies, and in government agencies.

But as tech has taken over the world, the opportunities in the security field have exploded.

Whole industries that used to have little to do with technology now need protection, including automobiles, medical devices and the ever-expanding Internet of Things, from thermostats and fish tanks to home security devices.

More insurance companies now cover breaches, with premiums reduced for strong security practices. And lawyers are making sure that cloud providers are held responsible if a customer’s data is stolen from them and otherwise pushing to hold tech companies liable for problems, meaning they need security experts too.

The non-profit Center for Cyber Safety and Education last month predicted a global shortage of 1.8 million skilled security workers in 2022. The group, which credentials security professionals, said that a third of hiring managers plan to boost their security teams by at least 15 percent.

For hackers who prefer to pick things apart rather than stand guard over them, an enormous number of companies now offer “bug bounties,” or formal rewards, for warnings about vulnerabilities that leave them exposed to criminals or spies.

One of the outside firms that handle such programs, HackerOne, said it has paid out $18.8 million since 2014 to fix 50,140 bugs, with about half of that work done in the past year.

Mark Litchfield made it into the firm’s “Hacker Hall of Fame” last year by being the first to pull in more than $500,000 in bounties through the platform, well more than he earned at his last full-time security job, at consulting firm NCC Group.

In the old days, “The only payout was publicity, free press,” Litchfield said. “That was the payoff then. The payoff now is literally to be paid in dollars.”

There are other emerging ways to make money too. Justine Bone’s medical hacking firm, MedSec, took the unprecedented step last year of openly teaming with an investor who was selling shares short, betting that they would lose value.

It was acrimonious, but St Jude Medical ultimately fixed its pacemaker monitors, which could have been hacked, and Bone predicted others will try the same path.

“Us cyber security nerds have spent most of our careers trying to make the world a better place by engaging with companies, finding bugs which companies may or may not repair,” Bone said.

“If we can take our expertise out to customers, media, regulators, nonprofits and think tanks and out to the financial sector, the investors and analysts, we start to help companies understand in terms of their external environment.”

Chris Wysopal, co-founder of code auditor Veracode, bought in April by CA Technologies, said that he was initially skeptical of the MedSec approach but came around to it, in part because it worked. He appeared at Black Hat with Bone.

“Many have written that the software and hardware market is dysfunctional, a lemon market, because buyers don’t know how insecure the products they purchase are,” Wysopal said in an interview.

“I’d like to see someone fixing this broken market. Profiting off of that fix seems like the best approach for a capitalism-based economy.”

(Reporting by Joseph Menn and Jim Finkle; additional reporting by Dustin Volz; Editing by Jonathan Weber and Grant McCool)

Italy’s UniCredit reveals data attack involving 400,000 clients

By Paola Arosio and Gianluca Semeraro

MILAN (Reuters) – Suspected hackers have accessed client data of Italy’s biggest lender, UniCredit <CRDI.MI>, in two attacks in the past 10 months and affected about 400,000 Italian customers, the most serious data breach ever reported by a major Italian lender.

No passwords were stolen in the attacks, which first occurred in September and October of 2016 and again in June and July of this year, but personal and banking details could have been accessed, UniCredit said in a statement.

The attacks were carried out through an external commercial partner, which UniCredit did not identify. Wednesday’s statement also did not describe how the intruders accessed the data nor when the bank became aware of the first intrusion.

A source familiar with the matter said the bank had only uncovered the data breaches between Monday and Tuesday.

“The bank immediately adopted all necessary measures to prevent a repeat of such intrusions,” the bank said, adding that it had notified law-enforcement authorities.

The head of UniCredit’s information technology unit, Daniele Tonella, said none of the data accessed by the attackers allowed any financial transaction to be carried out.

“We don’t know why this data was acquired,” he told Reuters, adding that it also did not know who was behind the attacks.

Attacks on banks in recent years have become more sophisticated and resulted in mounting financial losses.

They have evolved beyond data breaches, in which personal information are stolen, to include denial-of-service attacks which have knocked out access to online banking services for up to several days and even intrusions into core banking systems.

Last November, attackers stole more than 2.5 million pounds ($3.25 million) from Tesco Bank in Britain’s largest disclosed cyber heist.

UniCredit shares were down 0.9 percent at 16.87 euros in late morning trade.

(Additional reporting by Silvia Aloisi; Editing by Mark Bendeich and Edmund Blair)

Half of German companies hit by sabotage, spying in last two years, BSI says

FILE PHOTO: A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration/File Photo

BERLIN (Reuters) – More than half the companies in Germany have been hit by spying, sabotage or data theft in the last two years, the German IT industry association Bitkom said on Friday, and estimated the attacks caused around 55 billion euros’ worth of damage a year.

Several high-profile attacks have occurred recently, such as the WannaCry ransomware attacks in May and a virus dubbed “NotPetya” that halted production at some companies for more than a week. Others lost millions of euros to organized crime in a scam called “CEO Fraud”.

Some 53 percent of companies in Germany have been victims of industrial espionage, sabotage or data theft in the last two years, Bitkom found – up from 51 percent in a 2015 study.

At the same time, the damage caused rose by 8 percent to around 55 billion euros a year, the survey of 1,069 managers and people responsible for security in various sectors found.

Arne Schoenbohm, president of Germany’s BSI federal cyber agency, said many big companies and especially those operating critical infrastructure were generally well-prepared for cyber attacks. But many smaller and medium-sized companies did not take the threat seriously enough, he said.

“The high number of companies affected clearly shows that we still have work to do on cyber security in Germany,” he said in a statement on Friday.

The BSI urged companies in Europe’s largest economy to make information security a top priority and said all companies need to report serious IT security incidents, even if anonymously.

Schoenbohm told Reuters in an interview that hardware and software makers should do their part to shore up cyber security and patch weaknesses in software more quickly once identified.

“There’s still a lot of work to be done,” he said. “We have to be careful that we don’t focus solely on industry and computer users, but also look at the producers and quality management.”

Some 62 percent of companies affected found those behind the attacks were either current or former employees. Forty-one percent blamed competitors, customers, suppliers or service providers for the attacks, Bitkom said.

Foreign intelligence agencies were found to be responsible in 3 percent of the cases, it said.

Twenty-one percent believed hobby hackers were responsible while 7 percent attributed attacks to organized crime.

(Reporting by Michelle Martin, Andrea Shalal and Thorsten Severin; Editing by Larry King and Hugh Lawson)

FedEx says cyber attack to hurt full-year results

A Federal Express truck is shown on deliver in La Jola, California, U.S., May 17, 2017. REUTERS/Mike Blake

(Reuters) – Package delivery company FedEx Corp <FDX.N> said a disruption in services in its TNT Express unit following a cyber attack last month would hurt its full-year results.

FedEx’s shares fell as much as 3.4 percent to $211.53 in early trading as the company said the financial impact of the disruption on its results was likely to be “material”.

The Netherlands-based TNT Express is still experiencing widespread service delays following the attack, caused by the Petya cyber virus that spread through a Ukrainian tax software product, FedEx said.

FedEx said it lost revenue due to decreased volumes at TNT Express and incurred incremental costs from contingency plans and remediation of affected systems.

The company said it did not have an insurance in place that covered the impact from the cyber attack.

FedEx, which is evaluating the financial impact of the cyber attack, said it was unable to estimate when services at TNT Express would be fully restored. (http://bit.ly/2uAnQKG)

The company also said no data breach or data loss to third parties was known to have occurred as of July 17.

The Petya cyber virus spread from Ukraine in June, crippling thousands of computers around the globe, with the shipping and logistics industry among those hit the hardest.

The malicious code encrypted data on machines and demanded victims $300 ransoms for recovery, similar to the extortion tactic used in the global WannaCry ransomware attack in May.

FedEx is scheduled to report its first-quarter results in September.

(Reporting by Ankit Ajmera in Bengaluru; Editing by Maju Samuel and Saumyadeb Chakrabarty)

German military aviation command launches cyber threat initiative

A German Air Force piolt poses inside the cockpit of an Airbus A400M military aircraft at the ILA Berlin Air Show in Schoenefeld, south of Berlin, Germany, June 1, 2016. Picture taken with a fish-eye lens. REUTERS/Fabrizio Bensch

By Andrea Shalal

BERLIN (Reuters) – The German military’s aviation safety chief has launched a new initiative against cyber threats, citing research that he said shows hackers can commandeer military airplanes with the help of equipment that costs about 5,000 euros ($5,700).

A defense ministry spokesman told Reuters that development of new “aviation cyber expertise” would cover everything from raising consciousness about cyber threats to technical research projects and equipping aircraft with protective systems.

State Secretary Katrin Suder had backed the idea, which Major General Ansgar Rieks, head of the German Military Aviation Authority, proposed in a letter in June, the spokesman said.

Rieks said last week that he was unnerved by a demonstration by the government-funded German Aerospace Center (DLR) in Bavaria showing hackers could take control of an aircraft with inexpensive equipment.

“That frightens me. I wrote to the state secretary about it and said doing nothing would amount to gross negligence,” he said at a talk at a conference in Bueckeburg, Germany. He said the issue was also a vital concern for civil aviation.

He said military officials needed to focus not just on potential problems with computer software, but should also work to “ensure that airplanes cannot be taken over from the ground, or possibly by a passenger in the air”.

A spokesman for the DLR, which has studied aviation cyber security extensively, had no immediate comment on the issue.

Germany’s military this year launched a new cyber command that groups cyber units from across the military, which will also involved in the new aviation cyber initiative.

Cyber resilience – making sure that systems can survive a cyber attack and keep functioning – was a major topic during a conference at Bundeswehr University Munich last month, the DLR spokesman said.

Germany’s military is also working on the aviation cyber issue within the European Union and NATO, he said.

Concerns about cyber attacks on aircraft and in the broader aviation sector have grown sharply in recent years with a growing barrage of attacks and breaches against other sectors.

Many experts fear that the aviation industry has not kept pace with the threat hackers pose to increasingly computer-connected airplanes.

Rapid adoption of communication protocols similar to those used on the internet to connect cockpits, cabins and ground controls, have left air traffic open to vulnerabilities bedevilling other sectors such as finance and oil and gas.

(Reporting by Andrea Shalal; Editing by Louise Ireland)

U.S. Energy Department helping power firms defend against cyber attacks

By Jim Finkle, Scott DiSavino and Timothy Gardner

(Reuters) – The U.S. Department of Energy said on Friday it is helping U.S. firms defend against a hacking campaign that targeted power companies including at least one nuclear plant, saying the attacks have not impacted electricity generation or the grid.

News of the attacks surfaced a week ago when Reuters reported that the U.S. Department of Homeland Security and Federal Bureau of Investigation issued a June 28 alert to industrial firms, warning them of hacking targeting the nuclear, power and critical infrastructure sectors.

“DOE is working with our government and industry partners to mitigate any impact from a cyber intrusion affecting entities in the energy sector,” a Department of Energy representative said in an email to Reuters. “At this time, there has been no impact to systems controlling U.S. energy infrastructure. Any potential impact appears to be limited to administrative and business networks.”

It was not clear who was responsible for the hacks. The joint report by the DHS and the FBI did not identify the attackers, though it described the hacks as “an advanced persistent threat,” a term that U.S. officials typically but not always use to describe attacks by culprits.

The DOE discussed its response to the attacks after Bloomberg News reported on Friday that the Wolf Creek nuclear facility in Kansas was among at least a dozen U.S. power firms breached in the attack, citing current and former U.S. officials who were not named.

A representative with the Wolf Creek Nuclear Operating Corp declined to say if the plant was hacked, but said it continued to operate safely.

“There has been absolutely no operational impact to Wolf Creek. The reason that is true is because the operational computer systems are completely separate from the corporate network,” company spokeswoman Jenny Hageman said via email.

A separate Homeland Security technical bulletin issued on June 28 included details of code used in a hacking tool that suggest the hackers sought to use the password of a Wolf Creek employee to access the network.

Hageman declined to say if hackers had gained access to that employee’s account. The employee could not be reached for comment.

The June 28 alert said that hackers have been observed using tainted emails to harvest credentials to gain access to networks of their targets.

“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.

David Lochbaum, a nuclear expert at the nonprofit group Union of Concerned Scientists, said reactors have a certain amount of immunity from cyber attacks because their operation systems are separate from digital business networks. But over time it would not be impossible for hackers to potentially do harm.

“Perhaps the biggest vulnerability nuclear plants face from hackers would be their getting information on plant designs and work schedules with which to conduct a physical attack,” Lochbaum said.

The DOE said it has shared information about this incident with industry, including technical details on the attack and mitigation suggestions.

“Security professionals from government and industry are working closely to share information so energy system operators can defend their systems,” the agency representative said.

Earlier, the FBI and DHS issued a joint statement saying “There is no indication of a threat to public safety” because the impact appears limited to administrative and business networks.

The Nuclear Regulatory Commission has not received any notifications of a cyber event that has affected critical systems at a nuclear plant, said spokesman Scott Burnell.

A nuclear industry spokesman told Reuters last Saturday that hackers have never gained access to a nuclear plant.

(Reporting by Jim Finkle in Toronto, Scott DiSavino in New York and Timothy Gardner in Washington; Additional reporting by Dustin Volz in Washington and Joseph Menn in San Francisco; Editing by Bernard Orr)

Sign up for Jim Bakker Show