Trend Micro, the multinational cybersecurity firm, announced today the results of a six-month long investigation into how hackers target unsecured industrial factories. The Tokyo-headquartered company created a honeypot that imitates a factory operating in an unsecured industrial environment. The experiment found that its sophisticated Operational Technology (OT) honeypot attracted financially motivated exploits.

Some of the common threats that its mock industrial environment was subjected to, include cryptocurrency mining and remote access. Two separate ransomware attacks illegitimately installed software that was used for consumer fraud.

Too often, discussion of cyber threats to industrial control systems (ICS) has been confined to highly sophisticated, nation-state level attacks designed to sabotage key processes. While these do present a risk to Industry 4.0, our research proves that more commonplace threats are more likely, said Greg Young, vice president of cybersecurity for Trend Micro.

The honeypot went live on May 6 and the human interface machines (HMIs) were exposed online without control access. To create the prototype of a realistic, industrial company, the same password was used for several workstations.

A mix of virtual machines and physical hosts was used to run the factory. This included programmable logic controllers (PLCs) and human machine interfaces (HMIs). Separate engineering and robotic workstations were employed, which were mapped to a file server.As the number of attacks went up, some of the threat actors became repeat offenders. A couple of months after going live, an attacker downloaded a cryptocurrency miner, which was later used to relaunch the miner and use the hosts hardware to mine cryptocurrency. Some of the other consequences from attacks included reconnaissance by malicious actors, which at times, caused system shutdowns.

More hackers appeared on our system. One of the most notable was behind a Crysis ransomware infection on Sept. 22. We watched as this threat actor downloaded the ransomware through TeamViewer and continued with their routine, up to the point they left the ransom note. We even interacted and haggled with the threat actor through an exchange of emails, said the official report.

As the number of attacks went up, some of the threat actors became repeat offenders. On October 16, 2020, a security breach led to a robotic workstation sending out a beacon as a part of its lateral movement. A second ransomware attack on October 21 used a Phobos variant of the earlier attack.

Some hackers were more benevolent. On November 1, an attacker left a well-intentioned note advising the admin to put a password on their systems. On Nov. 12, we saw an interesting attack that disguised itself as a ransomware campaign, when in fact the threat actor behind it had simply renamed our files. Two days later, on Nov. 14, this threat actor came back to the system to delete files and leave open tabs of a porn site on our desktop, the report said.

Owners of smaller factories and industrial plants should therefore not assume that criminals will leave them alone. A lack of basic protections can open the door to a relatively straightforward ransomware or cryptojacking attack that could have serious consequences for the bottom line, said Greg Young, Trend Micros VP of cybersecurity.

The company urges smart factory owners to reduce the number of ports left open to external connections, and to enforce cybersecurity best practices like changing access control policies. While it is difficult to completely mitigate attacks, the researchers argue that investing in basic cybersecurity products could prove to be a major deterrent.

15 Jun, 2018

15 Jun, 2018

15 Jun, 2018

15 Jun, 2018

15 Jun, 2018

Originally posted here:
Trend Micro creates honeypot to analyse security threats, gets subjected to ransomware & cryptocurrency mining - Economic Times

The Bank of England will examine how Britain could adopt a bitcoin-style digital currency as part of a global group of central banks that have joined together to examine the possible pitfalls of relying on electronic money.

Bank officials will meet with the Bank of Japan, the European Central Bank (ECB), the Sveriges Riksbank, the Bank of Canada, the Swiss National Bank and the Bank for International Settlements (BIS) to pool research and experiences of the potential for a central bank digital currency (CBDC).

The BoE deputy governor Sir Jon Cunliffe will co-chair the group with Benoit Cure, a former ECB board member and head of the BIS innovation hub.

The move comes amid the emergence of private sector digital currencies, such as bitcoin and Facebooks libra, which is due to be launched this year.

Facebooks plans for its libra coin and a digital wallet have caught the attention of regulators and central banks worldwide, with Threadneedle Street being among those vowing tough new rules.

The BoE was among several central banks to warn that libra would need to be regulated, leading many supporters to end their relationship with the digital currency.

The idea of a central bank digital currency has been increasingly mooted worldwide to help improve payment systems and cross-border transactions.

The Bank said the new working group would look at CBDC use cases; economic, functional and technical design choices, including cross-border interoperability; and the sharing of knowledge on emerging technologies.

It will also work closely with other global forums and groups, such as the Financial Stability Board and the committee on payments and market infrastructures (CPMI), which is also chaired by Cunliffe.

Just last month, Swedens central bank said it would sign a deal with the consultancy firm Accenture to create a pilot platform for a digital currency, known as the e-krona.

The Riksbank has been exploring the idea of its own digital currency for some time, especially given the rapid decline in the use of cash in Sweden.

The European Central Bank has also been investigating the possible benefits of CBDC since last year.

Fran Boait, executive director of Positive Money, said policymakers had been slow to realise how much enthusiasm there was for digital money.

They have been asleep at the wheel over the future of our money system being determined by a small number of banks, payment companies and now tech giants.

The rapid decline of cash and threat of private digital currencies like Facebooks libra have served as a much-needed wake-up call, but central bankers have a lot of catching up to do.

Central banks need to accelerate plans for a central bank digital currency, which would both ensure that people have the choice of a safe public banking option and prevent our monetary system being completely surrendered to unaccountable private interests. This new group must serve as a vehicle for doing so.

Originally posted here:
Bank of England to consider adopting cryptocurrency - The Guardian

Anti-Money Laundering (AML) , Blockchain & Cryptocurrency , Cybercrime

Cybercriminals are using increasingly sophisticated methods to turn illicitly gained cryptocurrency into cash, which raises new concerns about enforcing anti-money laundering laws, according a report by blockchain analysis firm Chainalysis.

See Also: Webinar | The Future of Adaptive Authentication in Financial Services

During 2019, analysts at Chainalysis traced $2.8 billion in bitcoin that criminal entities sent through cryptocurrency exchanges. They found that some exchanges known as "over-the-counter brokers" are being leveraged by cybercriminals to convert cryptocurrency that is paid out in ransomware and other attacks into cash for a fixed fee.

These brokers facilitate trade between individual buyers and sellers who don't want to transact on an open exchange, according to the report. And while most of these over-the-counter brokers are legitimate, there is a subgroup that the Chainalysis report calls the "Rogue 100," which help circumvent laws, including anti-money laundering and know your customer regulations that are designed to ensure that businesses can identify their clients.

The emergence of these types of rogue cryptocurrency exchanges, along with technical advances, have made tracking virtual currency used in cybercrime, as well as terrorist financing, more difficult for law enforcement, the Chainalysis report finds.

"What's especially worrying are the advancements in technical sophistication that have enabled successful terrorism financing campaigns using cryptocurrency," the report states.

The Chainalysis analysis does not name any of these rogue cryptocurrency brokers. But it notes that these exchanges control their own digital wallets and frequently exchange bitcoins and other virtual currencies among themselves to make tracing these transactions more difficult to trace.

Given the low barriers to entry in establishing an over-the-counter broker, some of the Rogue 100 brokers may actually be individuals operating through apps, while others could be long-established criminal networks, Chainalysis co-founder Jonathan Levin told Fortune in an interview.

In addition to these 100 brokers, the Chainalysis report found that two cryptocurrency exchange organizations, Binance and Huobi, are helping to convert illegally gotten bitcoins and other virtual currencies into cash. These two exchanges also appear to circumvent anti-money laundering and Know Your Customer rules, according to the report.

The study found that out of the Rogue 100 brokers, 70 have accounts on Huobi and received $194 million in bitcoin from criminal entities over the course of 2019. The report did not mention how many of the Rogue 100 accounts were on Binance.

In response to the Chainalysis report, Samuel Lim, the chief compliance officer of Binance, told Fortune that the company would continue to improve its proprietary know your customer and anti-money laundering technologies, as well as use third-party tools and partners to further strengthen the company's compliance standards.

A Huobi representative also denied wrongdoing.

"As an exchange that works closely with regulators and government agencies in every country we operate in, we practice a zero-tolerance policy when it comes to illicit activities," Ciara Sun, vice president of global markets at Huobi said in a statement provided to Bloomberg.

The use of cryptocurrencies to support cybercrime has begun to draw more scrutiny from U.S. federal agencies as well as Congress.

In October, Facebook CEO Mark Zuckerberg was questioned by a U.S. Congressional committee about the company's plans for a cryptocurrency called Libra. In the hearing, the committee raised concerns about privacy issues as well as potential use of the currency for money laundering or to finance deals for illegal drugs and weapons (see: Congress Grills Facebook's Zuckerberg on Cryptocurrency Plans)

In November, the U.S. Federal Reserve warned that the increasing use of cryptocurrencies known as "stablecoins," without proper safeguards and regulations, could pave the way for crime, including money laundering and terrorism financing (see: Federal Reserve Report Raises Concerns About 'Stablecoins')

The Chainalysis report urges law enforcement agents and regulators to become experts in crypto-based technology in order to start fighting money laundering in cryptocurrency. It also calls on exchanges to carry out more extensive due diligence on over-the-counter brokers and other nested services operating on their platforms.

Law enforcement can address such challenges by collaborating to trace funds and applying additional scrutiny to exchanges and cryptocurrency brokers, Levin told Fortune.

Advancements in cryptocurrency have also enabled terrorist organizations to carry out sophisticated financing campaigns using cryptocurrency, Chainalysis noted in another section of its report.

The study analyzed two terrorism financing campaigns and compared them to determine how terrorist groups are improving their ability to attract donors online.

One campaign that Chainalysis studied, which took place between 2016 and 2018, was carried out by Ibn Taymiyya Media Center, the media wing of Mujahideen Shura Council in the Environs of Jerusalem, which has been designated as a foreign terrorist organization by the U.S. State Department, the report notes

A second campaign, which started early last year and is ongoing, was led by Izz ad-Din al-Qassam Brigades, the military wing of Hamas, as well as another unnamed terrorist organization.

While the Ibn Taymiyya Media Center campaign publicized a single bitcoin address for financing from its donors, the Izz ad-Din al-Qassam Brigades organization integrated a bitcoin wallet into its website. The Izz ad-Din al-Qassam Brigades' bitcoin wallet generated a unique bitcoin address for each donor to which they could send contributions, according to the report.

Cybercriminals used this feature to make it more difficult to identify addresses and track transactions in and out of those addresses, according to the report. Izz ad-Din al-Qassam Brigades even published a video on their website instructing people on how to donate anonymously.

The Izz ad-Din al-Qassam Brigades campaign that used unique bitcoin addresses raised more than $10,000, making it the most successful, according to the report. More than half of Izz ad-Din al-Qassam Brigades donations came from cryptocurrency exchanges, the study found.

"It's possible that in 2020 and beyond, more terrorist organizations will embrace cryptocurrency as a fundraising tool and push for further advancements that allow them to take in more funds and enhance their privacy," according to the report.

Go here to see the original:
How Cybercriminals Are Converting Cryptocurrency to Cash - BankInfoSecurity.com

More than US$11 billion has been stolen from supposedly secure crypto exchanges, wallets and mining platforms since 2011, mostly due to hacking incidents, research from Inside Bitcoins has revealed.

For a form of currency that bases itself on safety and security, $11 billion is a pretty significant number. Stored on blockchain technology and protected by encryption keys, cryptocurrencies are supposed to be impossible to counterfeit or copy.

In fact, the currency is so secure that when the co-founder and chief of Canadian exchange QuadringaCXGerald Cotten died last year, it transpired he was the only one with the digital keys to the digital safe where all the coins were kept.

Since then, there have been questions as to whether or not Cotton actually died at all. Lawyers for Quadringas investors have even called for his body to be exhumed in order to settle the matter once and for all.

However, it turns out even crypto coins can be half-inched. According to US bitcoin publication Inside Bitcoins, there have been some 33 hacking incidents, globally, since 2011.

The exchange that fell victim to the first reported crypto hack in 2011 was also on the sharp end of the biggest hack in 2014.

In 2011, Tokyo exchange Mt.Gox was breached, losing about US$17.2 million in bitcoin.

It recovered from the incident, and by 2014, it was the leading exchange in the world, managing about 70% of all bitcoin transactions.

In February 2014, however, it suffered a second attack, losing about US$6.5 billion worth of bitcoin or six percent of all bitcoin in existence at the time.

Three years later, Mt.Gox was bankrupt.

The Mt.Gox hack of 2014 is now infamous its the subject of lengthy deep-dive articles, its explored in many tech podcasts and its even the subject of an ebook.

Three additional hacks were recorded in 2014, bringing the total loss to US$6.7 billion, and making the year an almost comical standout on a graph detailing losses over the past eight years.

By contrast, the second most-catastrophic year was 2016, which saw total losses of US$1.6 billion in cryptocurrency.

Interestingly, 2017 saw an increase in the number of hacks, but a dip in the value stolen. Its perhaps no surprise that there was more criminal interest this was the year of the crypto-boom, in which prices reached a peak of US$20,000.

However, the most hacks occurred in 2019, including that of prominent exchange Binance, which lost about US$60.5 million in bitcoin.

NOW READ:Bitcoin in your pocket: Singapore startup brings cryptocurrency into the physical realm

NOW READ:Is Bitcoin back? Cryptocurrency rallies more than 20%, but no one seems to know why

Read more here:
Hackers have got their hands on $11 billion in stolen cryptocurrency since 2011 - SmartCompany.com.au

Cryptocurrency investors who fell for an alleged pyramid scheme that resulted in losses of more than$2.46 million (THB75 million) have asked Thailands Department of Special Investigation (DSI) to investigate.

According to the Bangkok Post, the cryptocurrency project, known as Khung Nong Cryptocurrency Trading, became famous in parts of the country in 2018.

The scheme allegedly promised maximum returns of 8 percent per week, attracting individuals fromKrabi, Trang, Yala, Pattani, and Narathiwat who sold their assets including cars, businesses, and land in order to invest.

[Read:Thailands oldest bank hints at new blockchain app powered by Ripple]

Human rights activistPhadungsak Tienpairoj, who has referred 20 victims to the DSI, has now reportedly taken up the case and prompted the department to investigate alongside law enforcement in the Krabi province.

Thailand made headlines in November 2018 as it prepared to launch its first regulated initial coin offering (ICO) portal in a bid to reinforce its tough stance on cryptocurrency and blockchain.

Although todays news wont bring total solace to victims, its certainly a step in the right direction if theyre ever to recover the lost funds.

Published January 17, 2020 14:30 UTC

The rest is here:
Thailand launches probe into $2.46M cryptocurrency pyramid scam - The Next Web