Asian Markets Closing Report

Search This Blog

Translate

Search Tool




Jul 6, 2020

Analysis | The Cybersecurity 202: Hacking tensions with Iran are surging again after nuclear site fire


By Joseph Marks


with Tonya Riley

A fire at an Iranian nuclear plant is threatening to spark a major hacking conflict that could embroil U.S. industry.
Three Iranian officials have anonymously blamed a foreign cyberattack for the fire, which caused significant damage and threatens to slow the nation’s development of advanced centrifuges by months, Reuters reports. Other officials blamed the attack on a powerful bomb, the New York Times reports.
It's not clear if the fire itself was caused by a cyberattack, though some Iranian officials have suggested such attacks could have been launched by the United States or Israel. Regardless, Iran may respond in cyberspace where it faces a comparatively level playing field compared to conventional military conflict.
Iran’s top civil defense official has vowed to retaliate if cyberattacks are confirmed. “Responding to cyberattacks is part of the country’s defense,” Gholamreza Jalali told state television. “If it is proven that our country has been targeted by a cyberattack, we will respond.”
The inflammatory rhetoric comes as U.S. officials are already on alert for Iranian cyberattacks in response to the U.S. military's killing of Iranian Maj. Gen. Qasem Soleimani in January. Experts have warned those attacks could target oil refineries, financial institutions and other vital U.S. infrastructure.
It also comes after a decade during which Iran has become increasingly belligerent in cyberspace including hacks against U.S. banks and universities.
An article by the state news agency IRNA accused the United States and Israel of crossing "red lines" and raised the specter of retaliation in the wake of the fire.
“So far Iran has tried to prevent intensifying crises and the formation of unpredictable conditions and situations,” the outlet said as reported by Reuters. “But the crossing of red lines of the Islamic Republic of Iran by hostile countries, especially the Zionist regime and the U.S., means that strategy ... should be revised.”
U.S. officials have not commented on the fire. Israeli Defense Minister Benny Gantz said: “Not every incident that transpires in Iran necessarily has something to do with us.”

A fire-damaged building at the Natanz uranium enrichment facility. (Atomic Energy Organization of Iran/AP)
The fire sparked immediate memories of the Stuxnet cyberattack in 2010. 
That attack was widely attributed to the United States and Israel, though the nations never formally claimed credit. It took place in the same facility in the city of Natanz that was hit by the fire this month, though in a different building.
Stuxnet successfully set back Iran’s nuclear program for years by using malicious software to destroy thousands of centrifuges. But it also helped spark the current era of global digital conflict in which Russia, Iran and other nations have routinely turned to hacking as a way to damage adversaries — and where private companies often bear the brunt of those attacks.
That conflict has grown increasingly dangerous to the point of threatening death and widespread property destruction. Russia, for example, briefly disabled large portions of Ukraine’s energy grid with a cyberattack in 2016.
Iran was a newcomer to cyber conflict in 2010 but has grown far more sophisticated and dangerous since then.
In an opening salvo, the nation’s Islamic Revolutionary Guard Corps was behind a wave of cyberattacks that disrupted operations at U.S. financial firms from 2011 to 2013. The Justice Department charged seven of the hackers in 2016 but none of them has faced trial in the United States.
Another set of indictments and sanctions in 2018 revealed a vast Iranian hacking operation targeting hundreds of U.S. and foreign universities, as well as dozens of U.S. companies and government agencies, and the United Nations.
Iran has also been linked to a 2012 cyberattack that devastated oil production by the Saudi state oil company Aramco and a 2014 attack at the Sands Casino whose owner Sheldon Adelson is an outspoken backer of Israel.
Just this year, Iran appears to be behind an unsuccessful May attack aimed at disrupting Israeli water supplies in at least two locations.

Satellite image shows a damaged building after a fire and explosion at Iran's Natanz nuclear site. (Planet Labs Inc., James Martin Center for Nonproliferation Studies at Middlebury Institute of International Studies/AP)
Digital tensions with Iran have risen sharply since the Trump administration backed out of an Obama-era deal to curtail that country's nuclear program.
The U.S. military has also ratcheted up its offensive hacking since then – most notably by knocking out a database used by Iranian paramilitary forces to target oil tankers and other ships in the Persian Gulf last year.
That has helped create a powder-keg atmosphere that could easily lead Iran to strike back in cyberspace. Plus, the United States has already applied extensive financial sanction on Iran, so it has few levers left to pull to prevent an attack.
“With Iran, what do they have to lose?” former NSA Chief Gen. Keith Alexander said during a panel discussion I moderated last year. "We’re going to sanction them? We already did that.”

The keys
Police in Europe arrested hundreds of drug traffickers and other criminals after cracking their encryption. 

Dutch Police Chief of the National Unit Jannine van den Berg during a news conference on the dismantling of an encrypted criminal communication network. (Sem Van Der Wal/EPA-EFE/Shutterstock)

The operation, which began in 2017, involved hacking through encryption protections on a service called EncroChat, which has since been shut down. The arrests span the United Kingdom, the Netherlands and other European nations, the New York Times’s Adam Nossiter reports.
It was as though we were sitting at the table where the criminals were chatting among themselves,” said Jannine van den Berg, chief constable of the central police unit in the Netherlands.
The arrests come amid a standoff in the United States between tech firms and the Justice Department, which says strong encryption is allowing terrorists, sexual predators and other criminals to evade law enforcement. Tech firms and cybersecurity advocates say there’s no way to give police special access to encryption without undermining security for everyone.
They've pointed to previous instances in which police have broken encryption as evidence law enforcement doesn't need a backdoor.
An apparent social media hoax drove hundreds of armed militia members to congregate in Gettysburg, Pa.

Militias and other white nationalists assembled to protect the Gettybsburg battleground from an alleged antifa threat. (Andrew Mangum for The Washington Post)

The vigilantes, who also included bikers and skinheads, were responding to a mysterious Facebook page that said antifa protesters were descending on the historical grounds to burn American flags, my colleagues Shawn Boburg and Dalton Bennett wrote. In fact, no such protest was ever planned.
The hoax appears to have been perpetrated by someone inside the United States. But it’s an example of how foreign or domestic actors can manipulate social media to crank up outrage over hot-button political conflicts.
Vigilantes have also flocked to towns in Idaho, New Jersey, South Dakota and Michigan in recent weeks in response to antifa hoaxes online.
“Let’s get together and burn flags in protest of thugs and animals in blue,” the Facebook page called Left Behind USA proclaimed in mid-June. The page wrote that the organizers would “be giving away free small flags to children to safely throw into the fire.”
Facebook and Twitter shut down the Left Behind USA pages last week. My colleagues were unable to verify the identity of the person running the accounts.
Critics are sounding alarms about a Trump ally now leading U.S. Internet freedom efforts. 

President Trump and China's President Xi Jinping. (Nicolas Asfouri/AFP/Getty Images)

Michael Pack, a conservative filmmaker who was recently confirmed to lead the United States Agency for Global Media, has cleaned out the top ranks of the Open Technology Fund since he was confirmed in June to lead the U.S. Agency for Global Media, the New York Times’s Pranshu Verma and Edward Wong report.
The Agency for Global Media oversees U.S. government-run outlets such as Voice of America in addition to the Open Technology Fund, which aims to enable free expression in repressive countries.
Pack's efforts appear to be a victory for the Chinese dissident group Falun Gong, which has been highly supportive of Trump and has also pushed his agency to invest in technology it says helps people inside China break through the communist regime’s Web censorship tools.
Critics, however, say the Falun Gong technology, called Ultrasurf, is outdated and has proven ineffective. They worry a pivot to supporting it will undermine support for more widespread and effective tools people in numerous nations use to communicate outside the view of repressive regimes such as the encrypted messaging app Signal and the anonymizing tool Tor.

Global cyberspace

Prime Minister Boris Johnson is reportedly preparing to begin removing Huawei from U.K. 5G networks this year. 

Britain's Prime Minister Boris Johnson. (Peter Nicholls/Reuters)

The move is an about-face from an earlier plan to allow the Chinese telecom to build less-sensitive portions of the nation’s next-generation networks, the Telegraph reports. It comes after new U.S. restrictions that would make it very difficult for computer chip suppliers with any U.S. business to sell to Huawei.
More international cybersecurity news:

TikTok, a popular short-video app, sought to distance itself from Beijing after India banned it and dozens of other Chinese mobile apps in retaliation for a deadly border clash last month.

Wall Street Journal

Government scan

The Senate Judiciary Committee pared back a bill that threatens encryption before unanimously approving it.

Senate Judiciary Chairman Lindsey Graham, (R-SC), and Sen. Richard Blumenthal, (D-CT), are cosponsors of the EARN IT Act. Andrew Harnik/Pool via REUTERS

Lawmakers added new language specifying that the EARN IT Act should not be used to require law enforcement backdoors into encryption. The bill aims to push tech companies to get tougher on combating the spread of online child pornography.
Here are more details from CyberScoop’s Sean Lyngaas.
More cybersecurity news from the public sector:

A Democratic U.S. senator says he has written to Attorney General William Barr outlining his concerns about potential "political interference" by the Trump administration in an investigation of a private espionage firm that targeted environmental groups in the United States.
Reuters

A lack of resources has made it hard to keep data secure.
Ars Technica

Chat room

Kanye West, who announced July Fourth he’s supposedly running for president, is going to have to raise his cybersecurity game if he wants to keep his campaign from being hacked. The Grammy-winning rapper once famously exposed his super-simple password on camera, which violates several rules of basic cyber hygiene. And he did it in the Oval Office, no less.
NBC News’s Kevin Collier:
Well there was that time he logged into his iPhone on camera and shared his simple login and everybody tweeted it and basically he tricked all of infosec twitter into violating CFAA by gleefully sharing his password
— Kevin Collier (@kevincollier) July 5, 2020
Computer accessibility pro Kevin Cleppe:
TL:DR, it's not good pic.twitter.com/XykPrcdqoV
— kevincleppe (@cleppster) July 5, 2020

Daybook

  • A House Appropriations Committee panel will debate funding for the Homeland Security Department at 9 a.m. Tuesday.
  • The House Energy and Commerce Committee will host a hearing on consumer risks during the covid-19 pandemic at noon Thursday.

Secure log off

For anyone who watched the Hamilton film over the 4th of July weekend, here's a flashback to where it all began.

Market Insider | Biggest Moves Premarket: Stocks making the biggest moves in the premarket: Becton Dickinson, Regeneron, Uber, Netflix & more

Peter Schacknow



Take a look at some of the biggest movers in the premarket:

Becton Dickinson (BDX) – The medical products maker said the Food and Drug Administration has granted emergency use authorization for its rapid Covid-19 test that can deliver results in 15 minutes. The test can be used with the company’s “BD Veritor PLUS” portable analysis system.
Dominion Energy (D) – Dominion sold its natural gas transmission and storage network to Warren Buffett’s Berkshire Hathaway (BRK.B) for $4 billion, with Berkshire also assuming $5.7 billion in debt. Separately, Dominion and Duke Energy (DUK) abandoned their $8 billion Atlantic Coast pipeline project after long legal delays caused the cost of the project to nearly double.
Uber Technologies (UBER) – Uber has agreed on a deal to buy food delivery service Postmates in a $2.65 billion stock deal, according to multiple reports. Uber had been in talks earlier this year with Grubhub (GRUB) about a possible takeover deal, but those talks were unsuccessful.
Qiagen (QGEN) – A top Qiagen shareholder told Reuters that the takeover deal agreed to by the medical products maker in March no longer makes sense unless that bid is increased substantially. Qiagen agreed to be bought by Thermo Fisher Scientific (TMO) for $11.5 billion in March, but demand for Qiagen’s coronavirus testing products has surged since then.
Fiat Chrysler (FCAU) – Fiat Chrysler may cut its planned special dividend related to its upcoming merger with Peugeot parent PSA Groupe, according to the Italian newspaper Il Sole 24. The automaker is trying to conserve cash amid the COVID-19 pandemic’s impact on global auto sales.
Regeneron Pharmaceuticals (REGN) – Regeneron said its antibody drug cocktail to treat Covid-19 is starting phase 3 trials, less than a month after the treatment began phase 1. Separately, Regeneron and partner Sanofi (SNY) said a U.S. trial involving the use of their arthritis drug Kevzara to treat Covid-19 patients failed to help those patients recover. The trial has now been halted.
Boeing (BA) – Another key test flight for Boeing’s grounded 737 Max jet could take place as soon as this week, according to The Wall Street Journal. An “operational readiness review” will be conducted involving government pilots and airline crews from around the world.
Netflix (NFLX) – Netflix had a robust library of Black content before anyone else in Hollywood, according to an article in today’s New York Times. The article said rivals of the video streaming service are now scrambling to catch up.
Spotify (SPOT) – Spotify was downgraded to “underperform” from “market perform” at Bernstein, which said that although podcasts could increase the streaming service’s market share, it will not add much to the bottom line.
Embraer (ERJ) – A union representing workers at the Brazilian jet maker filed a lawsuit seeking to dismiss the company’s board, after a $4.2 billion deal to sell the majority of Embraer’s commercial aviation unit to Boeing fell apart. The union accuses the company of acting in bad faith, while Embraer said the union’s allegations are unfounded.
Harley-Davidson (HOG) – The motorcycle maker was rated “buy” in new coverage at Citi, which notes an attractive valuation and the potential for a significant turnaround under the company’s new CEO.
Tesla (TSLA) – JMP Securities raised its price target to a Street-high $1,500 per share from $1,050, saying the automaker is positioned to generate $100 billion in annual revenue by 2025.

US Market | Futures Indicator: The Dow is set to open 400 points higher as Wall Street builds on last week's gains, airlines rise

Fred Imbert



U.S. stock futures traded sharply higher early Monday as Wall Street tried to build on the momentum from last week’s solid performance and shake off a continued rise in coronavirus cases.
Dow Jones Industrial Average futures rose 377 points, or 1.5%. The move implied an opening gain of more than 433 points. S&P 500 futures gained 1.2%. Nasdaq-100 futures gained 1.2%.
There were a few reasons for the bullish lift to start the week:
  • Stocks closely tied to an economic reopening gained in premarket trading Monday. Carnival Corp, Royal Caribbean and Norwegian Cruise Line all jumped more than 3%. American Airlines and Delta Air Lines also gained more than 3%. Shares of retailer Gap were higher as well.
  • Dealmaking also boosted sentiment. Warren Buffett made his first major deal amid the market turmoil this year, with Berkshire Hathaway buying the natural gas transmission and storage assets from Dominion Energy for about $10 billion including debt. Dominion Energy added 5% in premarket trading. Uber shares gained after reportedly agreeing to an all-stock deal for food-delivery app Postmates.
  • Chinese stocks soared, with the Shanghai Composite jumping more than 5%, as that country continued to open up following their coronavirus outbreak.
  • Stocks were building on momentum to start the second half. The Dow and S&P 500 rose 3.3% and 4%, respectively, last week and the Nasdaq advanced 4.6% in that time.The market also wrapped up last week its best quarterly performance in decades. The Dow rallied more than 17% for the second quarter while the S&P 500 jumped nearly 20% in that time period. The Nasdaq posted a gain of 30.6% for the quarter.
“The economy is doing a lot better than most of the economists think,” said Jeff Saut, chief investment strategist at Capital Wealth Planning, to CNBC’s “Squawk Box” on Monday. “We may stall here for a while into the fall, into September, October, November, but I think you’re going to get a rocket ship coming in the fall of this year...I think the S&P 500 is going to trade above 4,000.”
Sunday’s gains we’re kept in check, however, as the number of coronavirus cases kept surging globally, raising concerns about the world economy and its recovery from the pandemic.
The World Health Organization said Saturday that more than 200,000 coronavirus cases were confirmed over a 24-hour span, a record. At a regional level, the biggest spike was seen in the Americas, where nearly 130,000 new cases were confirmed.
In the U.S., Florida and Texas reported daily record spikes of 11,445 and 8,258, respectively, on Saturday. Houston Mayor Sylvester Turner said the outbreak is on pace to overwhelm the city’s hospitals in two weeks. Miami Mayor Francis Suarez told ABC this weekend: “It’s clear that the growth is exponential at this point.”
Data compiled by Johns Hopkins University showed that more than 45,000 new cases were confirmed across the U.S. on Saturday.
“We are currently experiencing a spike in Covid-19 cases, particularly in the sunbelt states that were in the vanguard of loosening social distancing restrictions to facilitate the reopening of their economies,” said Marc Chaikin, CEO of Chaikin Analytics, in a post.
“That reopening momentum has been halted by the spike in Covid-19 cases and the temptation to translate this into a bearish outlook for stocks is strong,” he added. “Fatalities have not spiked, however, but are a lagging indicator. Thus the next two weeks are critical for a number of reasons.”

Fake News | Scammers: Scammers can create fake business ads on Google 'within hours'

Rupert Jones



Fraudsters can create and post adverts for fake businesses on Google “within hours”, according to a Which? investigation.
The UK consumer organisation also said it was worryingly easy to create a fake business page on Facebook.
News of its findings comes weeks after the Advertising Standards Authority announced it was launching a UK “scam ad alert” system in partnership with platforms including Facebook and Google, “to help tackle bogus ads”.

Which? created two linked fake companies – a water brand named Remedii that “can help you lose weight [and] improve your mood”, and an online service offering “pseudo health and hydration advice” called Natural Hydration.

The consumer body said Google only required users to have a Gmail account to create adverts and that, while it did review those that were submitted, it did not verify whether the business existed or was legitimate, nor ask for proof of ID.

In less than an hour, the ads Which? created for both fake businesses were approved by Google. They racked up nearly 100,000 impressions in a month. The fake ad for Natural Hydration appeared above the official NHS Scotland pages when users searched for “hydration advice”.
Which? said that although Facebook had restrictions relating to adverts that could cause harm, it had still uncovered problems. Using a personal Facebook account that required only an email address or mobile number to set up, Which? created a business page for Natural Hydration and produced a range of posts with “pseudo health advice” to promote it. Which? paid Facebook to promote the page, which notched up 500 likes in a week.

A Google spokesperson said protecting consumers and credible businesses was its top priority. They said: “We have strict advertising policies in place to protect consumers and prohibit ads that intentionally mislead users or fail to deliver on the promoted product or service.
“When we become aware of ads that violate our policies, we take action. We are also constantly evaluating our policies and enforcement systems to continue to improve, and have recently introduced a new programme to verify each advertiser’s identity in order for them to serve ads on our platforms.”

Google said it removed 2.7bn ads from its platforms in 2019.
Facebook told Which? the Facebook page that was set up did not violate its community standards. It said: “We remove harmful misinformation that could contribute to physical harm, such as false health claims, and have strict policies against deceptive advertising and scams.”

A Facebook spokesperson said it had various processes in place to deal with scams but none of the ads contained any harmful content and no attempts were made to sell any products via the Facebook page. This meant the page did not test these processes.

News | Banks | UK Banks | Covid-19 Defaulting Loans Code of Conduct Prepared by Banks: UK banks prepare code of conduct on defaulting of Covid-19 business loans: UK banks prepare code of conduct on defaulting of Covid-19 business loans

Kalyeena Makortoff



UK banks are preparing a code of conduct for pursuing businesses that default on taxpayer-backed coronavirus loans, amid industry estimates that up to eight out of 10 borrowers could fail to repay in full.
The Guardian understands that the industry lobby group UK Finance and the state-owned British Business Bank have kicked off talks with commercial lenders in an effort to set industry-wide debt collection standards well ahead of repayments falling due.
Loans granted under the coronavirus business interruption loan scheme (CBILS) and bounce-back loan scheme (BBLS) for small and medium-sized businesses have a 12-month repayment-free period, and on the first batch this will run out in the spring of 2021.
Discussions about what happens on defaulted loans then are understood to be in the early stages. However, one banking executive said the industry-wide “code of conduct” around collections would likely result in a “lighter-touch approach” than some banks might be used to with run-of-the-mill commercial loans. Each bank usually has its own policy of what to do in the event of a default.
“That’s really important so that customers get fair treatment and equal treatment. If they have a bounce-back loan with Barclays or HSBC, it doesn’t feel more heavy-handed in one place or another – it’s agreed,” they said.
The BBLS comes with a 100% government guarantee, which means the state will cover a bank’s losses if a customer defaults on their loan. The CBILS, meanwhile, comes with a 80% guarantee, meaning banks will be left to shoulder 20% of potential losses. However, banks are expected to try to recover the full amount before accessing the guarantee. How aggressively they will pursue those debts is at the centre of the discussions.
Industry estimates suggest that anywhere between 40% to 80% of businesses could default on their bounce-back loans, the banking executive said. A portion of that will be down to fraudulent applications, which are believed to account for about 10% to 15% of total BBLS, they added.
A City taskforce warned last month that £36bn worth of government-backed loans could turn toxic by next year, as companies struggle to repay growing debts during the Covid-19 crisis.
Government data released earlier this week showed that banks had approved more than 1m loans worth £42.9bn as of 28 June, including £11bn worth of CBILS and £29.5bn of BBLS. Most BBLS borrowers are small business owners or sole traders that have never taken out a commercial loan.
There is currently no deadline to set a debt collections standard, but one high street banking source said the “the decisions need to be in place fairly quickly. Conversations have started, but we need to get to a point where we know what position we’re in.”
Bankers are desperate to protect their reputations after scandals such as that which engulfed Royal Bank of Scotland’s Global Restructuring Group (GRG), which was accused of “systemic and widespread” mistreatment of SMEs between 2008 and 2013.
“Banks want to make sure that they honour the guarantees offered by the government in the long run, too. They don’t want to do anything that puts that in jeopardy,” the banking executive said. Losing access to government guarantees could leave banks nursing billions of pounds’ worth of losses when companies default.

UK Finance and the British Business Bank – which manages the state-guaranteed loan schemes – are holding a series of meetings with different groups of banks, which will continue over the coming weeks, another source with knowledge of the talks confirmed.
A British Business Bank spokesperson said: “The British Business Bank has regular meetings with lenders, UK Finance, HM Treasury and others to discuss the operation of the government’s Covid-19 response to loan guarantee schemes. Among other topics discussed is the need to treat customers fairly should collection of debts be required in the future.”