fbpx
Connect with us

Cybersecurity

Cyber attack tied to China boosts development bank’s chief

Associated Press

Published

 on

Cyber attack tied to China boosts development bank's chief

The cyberattack crested just as finance officials from across Latin America were descending on Washington to commemorate the 60th anniversary of the Inter-American Development Bank.

On Sept. 24, 2019, requests from more than 15,000 internet addresses throughout China flooded the bank’s website, knocking part of it intermittently offline. To unclog the network, the bank took the drastic step of blocking all traffic from China.

But the attackers persisted, and as officials gathered for a day of conferences with athletes, academics and celebrity chefs the bombardment intensified.

Details of the attack, which has not been previously reported, are contained in an IDB internal document reviewed by The Associated Press.

News of the attack is surfacing just as the bank’s new president, Mauricio Claver-Carone, seeks to leverage his hawkish views on China from his time in the Trump administration to outmaneuver those in Washington and beyond still fuming over his politically charged election last year.

Claver-Carone, the former National Security Council’s senior director for Western Hemisphere affairs, chaired last week in Colombia his first annual meeting of the IDB since he was elected last fall over the objections of Democrats and some regional governments who complained he was breaking the longstanding tradition of a Latin American being at the helm.

A geopolitical ideologue, Claver-Carone seems in no rush to abandon his disdain for Beijing’s growing influence in Washington’s backyard. In sharp contrast to his predecessor, Luis Alberto Moreno of Colombia, who eagerly promoted Chinese investment in the region, Claver-Carone recently floated the possibility of inviting Taiwan, the island democracy claimed by the communist Beijing government as part of its territory.

In curtailing China’s influence, Claver-Carone is looking to curry favor with Democrats who question his leadership but share his mistrust of Beijing. If he succeeds, they can help him deliver on what was the main pledge of his unorthodox candidacy: U.S. support for a capital increase so the bank can help the region dig out from a pandemic-induced recession that’s the worst in more than a century.

There are early signs he may be making some headway. This month, a bipartisan group of five lawmakers led by Sen. Bob Menendez, head of the Senate Foreign Relations Committee, proposed legislation authorizing an $80 billion capital increase that would boost lending at the Washington-based bank by 60%.

“People need to accept that he won,” said Dan Runde, a former official with the U.S. Agency for International Development in the George W. Bush administration and an expert on multilateral institutions at the Center for Strategic and International Studies. “Those who are not happy haven’t gone through the five stages of grief yet. They’re stuck somewhere between denial and anger.”

But Sen. Patrick Leahy, the powerful chairman of the Senate Appropriations Committee, has yet to sign on after warning last year that the choice of Claver-Carone, a “polarizing American,” to lead the IDB would hurt — not help — the case for a funding boost. There’s also an expectation that some in the region who supported Claver-Carone when Trump was in office — such as Brazil and Colombia — might switch allegiances to appeal to the new sheriff in town: President Joe Biden.

“The argument that an underfunded bank is an opportunity for China is very compelling,” said Dan Restrepo, who served in the same National Security Council role as Claver-Carone during the Obama administration. “But it doesn’t answer how you adequately fund the bank and with what leadership.”

As far as cyber-disruptions go, the attack against the IDB was too small to generate concern beyond the bank. Last year, more than 10 million similar distributed denial of service (DDoS) attacks were observed throughout the world, according to digital security firm NETSCOUT.

But occurring amid the IDB’s gala celebration it was fraught with symbolism.

The bash in Washington was hastily organized after the Trump administration six months earlier rallied allies to force the cancellation of the IDB gathering in the Chinese city of Chengdu, which was to be something of a breaking out party for China a decade after it joined the bank.

While the U.S. had been trying to derail the meeting for months, China’s denial of a visa to a representative of Venezuelan opposition leader Juan Guaidó gave it the opportunity to act decisively. While the IDB and the bulk of nations in Latin America recognize Guaidó as Venezuela’s legitimate leader, China is a staunch ally of President Nicolás Maduro

Claver-Carone was the U.S. official driving the diplomatic standoff with China at the IDB. As the top White House official for Latin America, he was also the architect of “America Rising,” a program that sought to curb the inroads being made by China in Latin America, where it has displaced the U.S. as the top trading partner in countries such as Argentina, Brazil, and Chile.

According to the IDB document, on Sept. 19, 2019, traffic to the IDB website surged to more than four times normal levels, forcing the main website and publications page offline. At first, the bank defended itself by blocking individual IP addresses.

But then “the attackers switched tactics and started to throw requests from more than 15,000 IP addresses spread throughout China,” according to the internal document. “By Tuesday 24th evening all income traffic from China was blocked, a decision the allowed us to come back online.”

Unthwarted, the attackers pivoted again, this time relying on 180,000 IP addresses from countries including Singapore and Japan. In all, the attack lasted for months but was effectively contained after three weeks when the bank turned to Amazon to build a more robust firewall.

While there is no indication the site was breached, “the downtime affected our digital presence and had a negative impact in different communication endeavors,” the document says. “It also made our vulnerabilities explicit for third parties, which could potentially make us the target of new attacks and impact the reputation of the IDB brand.”

Still, it’s impossible to know who was behind the attack.

While China has some of the world’s most skilled hackers, security experts say that doesn’t necessarily mean it is behind the attacks. Poorly protected computers can be hijacked and marshaled from anywhere in the world and turned into botnets for unleashing DDoS attacks.

“A targeted attack this long has an obvious financial or political motive — you don’t troll for three weeks,” said Tord Lundstrom, a digital security expert at Qurium, a Swedish non-profit organization. “But determining whether China was behind it, or someone is just trying to make it look like it was, is very hard to determine without additional digital forensic information.”

China’s foreign ministry didn’t respond directly to questions about whether the government knew about the incident at the IDB or was involved but said in a statement that it strongly opposes cyber attacks

“Linking cyber attacks directly to a government is a highly sensitive political issue,” the ministry statement said. “All parties should jointly resolve the hacking issue through dialogue and cooperation and avoid politicizing the issue.”

Claver-Carone declined to be interviewed while the IDB said it does not comment on internal cybersecurity issues. Nonetheless, three people at the bank told the AP they recall China being openly blamed for the attack in briefings back in 2019 to discuss the fallout. The people spoke to the AP on the condition of anonymity to discuss internal deliberations.

On paper, China has a minuscule 0.004% of the IDB’s voting shares, the smallest stake of any of the bank’s 48 members. But membership has been a cheap way for China to expand its reach in Latin America. Chinese companies are able to bid on IDB-financed projects, rub shoulders with political leaders and pick up valuable economic intelligence that would be harder to acquire on its own.

China is also the second-largest non-borrowing shareholder in IDB Invest, the bank’s private lending arm, with nearly 6% of shares, thanks to a reorganization in 2015 when the Obama administration refused to pony up additional resources and saw the U.S.’ stake diluted to 13%.

The IDB also manages a $2 billion fund made up entirely of contributions from China. Over the years the IDB also hosted more than a dozen business summits connecting Latin American entrepreneurs with Chinese investors.

“For too long the IDB was too friendly with the Chinese Communist Party,” said Runde. “The Bank and its shareholders did not hold China accountable when it ruined the 60th Anniversary for the IDB. This too cozy relationship has to change.”

China has made no secret of its tense relationship with Claver-Carone. In a symbolic rebuke, Yi Gang, the head of China’s central bank, refrained from voting in the special meeting last year when Claver-Carone was elected, according to a person who attended the meeting on the condition of anonymity to discuss the closed-door discussion.

Rebecca Ray, a Boston University economist who tracks China’s investment in the region, said the touchy politics around China can be a double-edged sword. While Claver-Carone’s attempts to isolate Beijing may play well in the U.S. Congress and help him secure additional funding it could ultimately end up undermining the IDB’s mission at a time of great need for financing to build infrastructure, improve health care and reduce poverty in the region.

She noted that as the IDB has lagged other multilateral institutions in securing more funding, three Latin American countries — Brazil, Ecuador, and Uruguay — have joined the Asian Infrastructure Investment Bank, China’s answer to the World Bank and one which the U.S. opposes.

“Sidelining China may end up limiting China’s willingness to keep playing an active role, which would not be popular in the region,” said Ray. “As long as the need for financing remains high, countries will keep turning to China because that’s where the money is.”


MIAMI (AP) — By JOSHUA GOODMAN

Advertisement

Cybersecurity

Sanctioned Russian IT firm was partner with Microsoft, IBM

Associated Press

Published

 on

Sanctioned Russian IT firm

The Treasury Department on Thursday slapped six Russian technology companies with sanctions for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.”

But only one of them stands out for its international footprint and partnerships with such IT heavyweights as Microsoft and IBM.

That company, Positive Technologies, claims more than 2,000 customers in 30 countries, including major European banks Societe Generale and ING, as well as Samsung, SK Telecom of South Korea and BT, the British telecommunications giant.

Its clients also include the FSB, a successor to the KGB that “cultivates and co-opts criminal hackers” who carry out ransomware and phishing attacks, the Treasury Department said. The U.S. said big conventions hosted by Positive Technologies are “used as recruiting events” by the FSB and the GRU, Russia’s military intelligence agency.

GRU agents are the swashbucklers of Russian intelligence. The agency stands accused of spearheading the hack-and-leak operation that interfered in the 2016 U.S. presidential election to favor Donald Trump. Its agents also conducted the most damaging cyberattack on record, the runaway 2017 NotPetya virus that did more than $10 billion in global damage, its victims including the shipping giant Maersk and pharmaceutical company Merck.

The CEO of the software industry-supported Internet Research Institute in Moscow, Karen Kazaryan, said he was not familiar with most of the Russian IT companies sanctioned on Thursday. But Positive Tech is well-known in the industry for its annual Hack Days conference, which is scheduled for May 20-21 at a Moscow hotel.

Former CIA analyst Michael van Landingham applauded the naming and sanctioning of Russian IT companies known to have aided and abetted malign government activity.

“Naming specific companies can create incentives for educated and skilled Russians who might be able to obtain jobs elsewhere where they don’t support Russian state hacking,” he said.

Positive Tech’s specialty is identifying vulnerabilities in popular software such as Microsoft’s Windows operating system. The world’s intelligence agencies regularly lean on companies like it not to disclose potent vulnerabilities publicly when they find them but to instead quietly share them for hacking adversaries’ networks.

The U.S. did not accuse Positive Technologies of any such behavior and the Treasury Department declined to answer questions about the company’s activities beyond a press release.

Microsoft would not offer details on the the company’s business relationship with Positive Tech but did say it would comply with the sanctions. Spokesmen also said the company was removing Positive Tech from a list of more than 80 security software providers to which it gives early access to vulnerability information so they can make sure their customers get patches quickly. IBM also lists Positive Technologies as a security partner, offering customers one of its scanning tools.

IBM didn’t respond to requests for comment Thursday. Neither did U.S. tech companies HP and VMware, which Positive Technologies lists as technology partners.

On its website, Positive Technologies lists Russia’s Defense Ministry as among its first major clients, in 2004 when it was two years old with just 11 employees. It claimed more than 800 employees in 2018.

Russia’s biggest business database lists the company’s CEO and founder as Yury Maximov, about whom little is known other than he graduated from Moscow State University. The company did not respond to questions sent to press contacts on its website.

Positive Tech’s website boasts of a number of accomplishments, such as providing cybersecurity for the 2018 soccer World Cup hosted by Russia and publishing data that same year on 30 high-risk vulnerabilities. It said it opened its first international office in London in 2010 and its first U.S. office in 2012.

The company has sometimes used Framingham, Massachusetts, as its U.S. location in news releases, though it’s not recorded in city or state records as a business by that name. An office building with an address linked to the company is a co-working space that can be rented on flexible terms for “one person or more.”

Market research firm IDC listed Positive Technologies as one of the fastest-growing companies in security and vulnerability management in 2012, in part because it was so small at the time, growing nearly 82% year-over-year to $30 million in worldwide revenue. Nearly all that revenue came from assessing vulnerabilities. But by 2015, its worldwide revenues fell 37.6% to $26.5 million, according to IDC, which eventually stopped tracking the company.


By FRANK BAJAK and MATT O’BRIEN AP Technology Writers

Continue Reading

Cybersecurity

Cybersecurity market to reach $300bn by 2027

Yehia El Amine

Published

 on

Cybersecurity market

The beginning of April was considered the worst week for social media firms across the aisle, as news headlines as far as the finger can scroll were swamped with news of billions of user accounts were leaked on a hacker forum for sale.

Leaks affected social networking giants such as Facebook, popular audio drop-in app Clubhouse, and the Microsoft-owned LinkedIn. These are but a glimpse of how businesses across the world and different industries are susceptible to breaches and leaks.

One cannot argue that such data leaks caught the eyes of many, from Big Tech to your everyday consumer, prompting a deeper look into cybersecurity on every scale.

A sentiment not only expressed through feelings of worry but also backed up by numbers.

According to a recent report by Allied Market Research, the cybersecurity market is on its way to reach $304.91 Billion, Globally, by 2027 at 9.4 percent CAGR; a market that had only generated $149.67 billion in 2019.

Drivers, restraints, and opportunities

An increase in malware and phishing threats among enterprises, rise in adoption of the Internet of Things (IoT) and Bring Your Own Device (BYOD), as well as demand for cloud-based cybersecurity solutions drive the growth of the global cyber security market.

However, budgetary constraints and complexities involved in the security of devices hinder the market growth.

“On the other hand, surge in adoption of mobile device applications and platforms, requirement for strong authentication methods, and transformation of the traditional antivirus software industry present new opportunities in the coming years,” the report noted.

Impact of COVID-19 on the cybersecurity market

According to the report, the number of cyberattacks has been increased during the lockdown as many organizations adopted the work from home strategy. “The need to implement cybersecurity for addressing security issues and facilitating secured access increased considerably,” the study stressed.

Not only that, one of targets by hackers were classified as being hospital data, healthcare apps, and wearable devices – which have been increased as the volume of patient data increased. “The need to secure and authenticate data in healthcare organizations surged,” the authors advised.

It is important to note the rise in COVID-19-related phishing and ransomware attacks, which is due to the utilization of the virus as bait to lead brands astray and attack their websites and apps.

“Cybersecurity providers have been focusing on innovations and development of advanced solutions by including features such as cloud security & AI-integrated solutions to deal with new types of viruses and ransomware used by attackers,” the report said.

The solution segment to maintain its highest contribution

Based on component, the solution segment accounted for the largest market share, contributing to more than two-thirds of the total share of the global cybersecurity market in 2019, and will maintain its highest contribution in terms of revenue during the forecast period.

“This is due to rise in need for vulnerability assessment, penetration testing, and compliance with the leading federal, defense, and industry security standards,” the report said; however, it also found that the services segment is projected to witness the largest CAGR of 11.2 percent from 2020 to 2027, owing to surge in cyber-attacks on the IT infrastructure of organizations.

The on-premises segment to maintain its dominant share

According to predictions based on deployment, the on-premises segment held the largest share in 2019, contributing to more than half of the global cyber security market, and is expected to maintain its dominant share during the forecast period.

“This is due to rise in need to secure critical data and track the influx of data within the organization,” the report said. However, the cloud segment is estimated to manifest the highest CAGR of 11.2 percent from 2020 to 2027, owing to lack of capital cost and low maintenance cost.

North America to continue to lead by 2027

Based on region, North America contributed to the highest market share in 2019, accounting for nearly one-third of the total share of the global cyber security market and will continue to lead by 2027.

“This is attributed to presence of major key players, high ICT spending, and huge number of cyber-attacks on various enterprises,” the study highlighted.

However, Asia-Pacific is estimated to portray the fastest CAGR of 11 percent during the forecast period, owing to adoption of wireless & mobile devices, rise in cyber-crimes, increase in awareness regarding data security, and strict security standards & government policies.

Continue Reading

Cybersecurity

Biden names 2 ex-NSA officials for senior cyber positions

Associated Press

Published

 on

Biden names 2 ex-NSA officials for senior cyber positions

President Joe Biden has selected two former senior National Security Agency officials for key cyber jobs in his administration, the White House said Monday in moving to fill out a team whose role has grown more urgent after two major hacks that have consumed the government’s attention.

Chris Inglis, a former NSA deputy director, is being nominated as the government’s first national cyber director. Jen Easterly, a former deputy for counterterrorism at the NSA, has been tapped to run the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security. The two officials are expected to work closely with Anne Neuberger, the administration’s deputy national security adviser for cyber and emerging technology.

The cyber director position, a job established by federal law and long championed by lawmakers and outside experts, is designed to help ensure a more streamlined strategy and coordinated response to cyberattacks that invariably pull in officials from multiple agencies. In filling it with a veteran intelligence and national security expert, Biden is likely signaling the importance of cybersecurity to his administration as it continues to grapple with two major cyber incidents.

“I’m proud of what we are building across the U.S. government when it comes to cyber,” national security adviser Jake Sullivan said in a statement announcing Biden’s plan to nominate Inglis and Easterly. “We are determined to protect America’s networks and to meet the growing challenge posed by our adversaries in cyberspace — and this is the team to do it.”

The administration is expected to soon announce a response to the SolarWinds hack, a breach of federal government agencies and American corporations believed to have been carried out by Russian hackers, and has also been occupied by an intrusion affecting Microsoft Exchange email software. The company has said that hack was carried out by Chinese state hackers.

Former President Donald Trump, who was seen as minimizing the importance of cybersecurity as he diminished Russian interference in the 2016 presidential election, eliminated the position of cybersecurity coordinator at the National Security Council in 2018. The move was widely condemned by lawmakers at the time who said it made no sense to do so with mounting hostile cyberthreats from adversaries.

The Cyberspace Solarium Commission, a bipartisan group that had recommended the establishment of a cyber director position, praised the appointments, saying “the need for a leader with statutory authority to coordinate the development and implementation of a national cyber strategy to defend and secure everything from our hospitals to our power grid could not be more clear.”

Sen. Angus King, an independent from Maine who has previously expressed frustration with how long the Biden administration took to fill the position, said he’s hopeful the appointments can be quickly confirmed by the Senate.

“We don’t want to rush the process in any way. On the other hand, another attack could occur at any moment,” King said.

Inglis spent 28 years at the NSA, including as a top deputy of the spy agency. His former boss, Gen. Keith Alexander, called Inglis a level-headed leader who excelled at bringing different groups together. He said he had a deep knowledge of U.S. adversaries’ capabilities.

“The seven years that I was with him, I was thankful for every day that he was there,” Alexander said. “He’s a master at working with people and getting people to work together.”

Besides her job at the NSA, Easterly also served on the National Security Council as senior director for counterterrorism and special assistant to the president in the Obama administration, and as a managing director of Morgan Stanley, heading the firm’s cybersecurity fusion center.

Easterly’s private-sector experience will also be valuable at CISA, said Thomas Warrick, a former Department of Homeland Security official.

“Her years at Morgan Stanley give her greater knowledge about how the private sector and CISA will need to work together to address today’s cybersecurity challenges,” Warrick said. “Her nomination bodes well for the kind of leadership that’s needed at CISA today.”

A third official with cyber experience, Robert Silvers, was announced Monday as the president’s pick for Under Secretary for Strategy, Policy, and Plans at the Department of Homeland Security.

The planned nominations were first reported by The Washington Post.


WASHINGTON (AP) — By ERIC TUCKER, ALAN SUDERMAN and BEN FOX

Continue Reading

Trending