North Korean hackers are working with Eastern European cybercriminals: report | Digital gangsters and state-backed spies are finding common ground online.

North Korean hackers are working with Eastern European cybercriminals: report

North Korean hackers are working with Eastern European cybercriminals: report

North Korean hackers are working with Eastern European cybercriminals: report

North Korean hackers are working with Eastern European cybercriminals: report

North Korean hackers are working with Eastern European cybercriminals: report

North Korean hackers are working with Eastern European cybercriminals: report
North Korean hackers are working with Eastern European cybercriminals: report
  • By: itnews.com.au
  • Views 3,542
1
Shared

North Korean state-backed hackers appear to be cooperating with Eastern European cybercriminals, a report said on Wednesday, a finding that suggests digital gangsters and state-backed spies are finding common ground online.

Mountain View, California-based SentinelOne says that the Lazarus Group - which American prosecutors accuse of organizing the leak of emails from Sony Pictures and stealing millions of dollars from the Central Bank of Bangladesh - is getting access to some of its victims through a cybercrime gang dubbed "TrickBot."

"For me it's the biggest crimeware story since I don't-know-when," said Vitali Kremez of SentinelOne. "The Lazarus group has a relationship with the most sophisticated, most resourceful Russian botnet operation on the landscape."

Hints that Lazarus and TrickBot operators are cooperating had surfaced previously. In April, a BAE researcher said she and others were weighing the theory that the cybercriminals were selling access to compromised organizations to Lazarus, a bit like a fence selling stolen doorkeys to a burglar.

In July, the cybersecurity arm of Japanese telecommunications company NTT speculated that North Korea might be collaborating with Lazarus and TrickBot's operators.

Kremez said he found evidence. TrickBot communicated with a Lazarus-controlled server just a couple of hours before that same server was used to help break into the Chilean interbank network earlier this year, he said. American officials have also blamed the multimillion dollar heist on North Korea.

"That's the strongest possible evidence linking to a celebrated case of Lazarus intrusion," said Kremez.

Kremez said that the TrickBot operators were likely renting out its services to the North Koreans, or perhaps working on a commission basis.

The judgment was seconded by Assaf Dahan of Boston-based Cybereason, which is publishing its own, separate report on Trickbot's operations Wednesday. He reviewed SentinelOne's research and said its conclusions were credible, adding that he was certain that the cybercriminals knew that they were dealing with the North Korean government.

"Whether they care or not is a different thing," he said.

Iran says it foiled "very big" foreign cyber attack

Iran says it foiled "very big" foreign cyber attack

Iran has foiled a major cyber attack on its infrastructure that was launched by a foreign government, the Iranian telecoms minister said on Wednesday, two months after reports of a US cyber operation against the country.

US officials told Reuters in October that the United States had carried out a secret cyber strike on Iran after the Sept. 14 attacks on Saudi oil facilities, which Washington and Riyadh blamed on Tehran. Iran denied involvement in the attacks, which were claimed by Yemen's Iran-aligned Houthi movement.

"We recently faced a highly organised and state-sponsored attack on our e-government infrastructure which was...repelled by the country's security shield," Mohammad Javad Azari-Jahromi, Iran's minister for communications and information technology, was quoted by the semi-official Mehr news agency as saying.

"It was a very big attack," Azari-Jahromi said, adding that details would be revealed later.

It was not clear whether Azari-Jahromi was referring to the US cyber attack, which US officials said took place in late September and targeted Tehran’s ability to spread "propaganda".

Asked about Reuters' October report of a cyber attack, Azari-Jahromi said then: "They must have dreamt it."

In late September, Iran reviewed security measures at its key Gulf oil and gas facilities, including preparedness for cyber attacks, following media reports of Washington weighing possible cyber attacks on Tehran.

The reported US cyber strike highlighted how President Donald Trump’s administration has been trying to counter what it sees as Iranian aggression while avoiding an outright military conflict.

Iran has long been on alert over the threat of cyber attacks from abroad. The United States and Israel covertly sabotaged Iran’s disputed nuclear programme in 2009 and 2010 with the Stuxnet computer virus, which destroyed a number of Iranian centrifuges that were enriching uranium.

Tensions in the Gulf have escalated sharply since Trump last year withdrew from Iran's 2015 nuclear deal with world powers and reimposed trade and financial sanctions on Tehran.

Mastercard joins with Australia Post on digital identity, but who's using what is deeply unclear

Mastercard joins with Australia Post on digital identity, but who's using what is deeply unclear

Mastercard has announced a surprise digital identity partnership with Australia Post that will see the post office’s slow-moving Digital iD product somehow integrated into Mastercard’s, as the global credit card giant faces intense local regulatory pressure over soaring online fraud rates.

In an announcement that comes just two days after the Reserve Bank of Australia again put the boot into local retail banks and card schemes over Australia’s messy digital identity landscape, Mastercard said it had now entered digital identity trials with both Australia Post and Deakin University.

Details around the mechanics of Mastercard’s latest digital identity plays — described as an “in market pilot” — are sorely lacking, with apparently two concurrent virtue-signalling efforts underway at once.

The biggest question is whether Mastercard is locally signing onto Post’s Digital iD service, or Australia Post is adopting a Mastercard product for established Digital iD.

Adding Mastercard to Australia Post’s customer brag book for digital identity would be a coup for the government-owned enterprise, which has found it next to impossible to sell Digital iD into retail banks who are under siege on multiple fronts from regulators.

But just what is on offer isn’t really clear, even with Australia Post’s taciturn general manager of digital identity products and services, Regis Bauchiere, providing a thoroughly workshopped insight in Mastercard’s announcement.

"Australia Post is delighted to participate in this pilot, which will help raise awareness about digital identity in Australia and provide our Digital iD users access to a larger variety of uses,” Bauchiere said.

“Complementing our participation in the Trusted Digital Identity Framework, it also positions Digital iD as the only identity provider offering our communities access to both government and private sector services.”

But how it does any of that that has been left hanging.

Conspicuously, Mastercard’s biggest issuer, the Commonwealth Bank of Australia, is not mentioned in the announcement, nor what impact the new Mastercard or Australia Post trials could have on its customers.

On Tuesday, Reserve Bank of Australia Governor of the Reserve Bank of Australia, Philip Lowe, singled out the CBA for a public lashing, sharply criticising Australia’s largest institution for stalling the uptake of the New Payments Platform, the creation of which was fiercely opposed by Mastercard and Visa.

In the same speech, Dr Lowe also put the boot into slow and confused progress on the digital identity front.

“Today, our digital identity system is fragmented and siloed, which has resulted in a proliferation of identity credentials and passwords. This gives rise to security vulnerabilities and creates significant inconvenience and inefficiencies, which can undermine development of the digital economy,” Dr Lowe told the AusPayNet Summit this week.

“These generate compliance risks and other costs for financial institutions, so it is strongly in their interests to make progress here.

"It is fair to say that a number of other countries are well ahead of us in this area.”

Dr Lowe also called out the twin-headed nature of the digital ID frameworks, namely financial sector’s digital ID sandpit, dubbed the ‘TrustID’ framework, developed by the Australian Payments Council; and the federal government-led Trusted Digital Identity Framework, that ropes in the Digital Transformation Office, Centrelink, Tax and myGov transactions.

Where the government’s long-suffering digital ID project is headed is a little opaque at the moment.

Last week Prime Minister Scott Morrison not only removed the head of the department formerly known as Human Services (now Service Australia) but then merged the entire agency into the Department of Social Security, with the DTA coming along for the roller coaster ride.

What is known is that a lot more will be known after the Thodey Review into the public service is released, with the PM previously saying it would ship this week after he necked five senior mandarins and four departments.

There is at least a little more detail on the Mastercard digital identity “pilot” with Deakin University.

According to Mastercard, the “initial phase…featured student volunteers testing an identity verification process for student registration and digital exams at the Burwood and Geelong campuses in Victoria.”

How they actually did that isn’t revealed. But there is a full quota of buzzwords, resplendent in their lack of firm commitment and detail.

“We’re delighted to partner with Mastercard in this first trial to test concepts that can one day deliver intelligent, future-focused solutions ready to respond to a digital world's needs,” said William Confalonieri, Deakin’s chief digital officer.

“The pilot aligns with our institution’s digital-first strategy to improve the user experience and we look forward to the concept moving into other trial environments.”

Mastercard’s militaresque sounding ‘president of cyber and intelligence’, Ajay Bhalla, reckons the whole thing is a bit of a challenge.

“Our increasingly digital life – the way we transact and interact – has challenged our traditional notions of identity, trust and privacy. We need a new model,” Bhalla said.

 “We believe that this starts with a commitment to the responsible handling of personal information, giving consumers control over which data is used and how it is used to verify their identity.”

Or perhaps it starts with addressing Australia’s monstrous online card fraud losses that are now more than $470 million a year for card-not-present, with Mastercard and Visa obscuring the split between credit and debit losses.

Neither Mastercard or its issuing banks wear those losses, instead passing through the vast bulk of them to merchants who pay handsomely to use their payment systems, who then have to pass though those costs to consumers in prices.

Perhaps if the liability for those online losses changed, there’d be more appetite and speed in adopting digital identities.

Lazarus APT Collaborates with Trickbot’s Anchor Project

Lazarus APT Collaborates with Trickbot’s Anchor Project

ADVERTISING
ADVERTISING

Easy Branches Global Network allows You to share Your post within our Network in any Continent or Country on the Global

Your Post
boatshowchina expolifestyle.com