October 11, 2017
Malware-Wielding Hackers Hit Taiwanese Bank – Sri Lanka and Taiwan
Police in Sri Lanka have arrested two men in connection with the theft of tens of millions of dollars from a bank in Taiwan as part of a heist that reportedly involved malware being used to generate fraudulent SWIFT money-moving messages. Almost $60 million was stolen from Far Eastern International Bank in Taiwan last week, with funds being routed to accounts in Cambodia, Sri Lanka and the United States, Taiwanese state-owned news agency Central News Agency reports. The bank reportedly detected the suspicious transactions Tuesday and has been able to recover much of the stolen funds with the help of its banking counterparts in other countries, with only $500,000 remaining outstanding. Some of the stolen funds were routed to Sri Lanka, officials say. "We are looking at some $1.3 million that had come into three accounts in Sri Lanka," one official involved with the investigation told AFP, speaking on condition of anonymity.
North Korean Hackers May Have Stolen Secret US-South Korean War Plans – North Korea, South Korea and The United States
South Korean lawmaker Lee Cheol-hee said that North Korean hackers have stolen classified military documents, including the US and South Korea's most current war plans and plans to kill Kim Jong Un, the Financial Times reports. Lee said that defense officials revealed to him that 235 gigabytes of data had been stolen, 80% of which has yet to be identified. But Lee said the theft included Operational Plan 5015, the US and South Korea's current plan for war with North Korea. The news follows a May announcement from South Korea's defense ministry saying its military network had been breached. “This is a total failure of management and monitoring [of classified information],” Shin Jong-woo, a researcher at the Korea Defense and Security Forum told the Financial Times of the hacks. The US and North Korea have been engaged in a secretive cyber war for some time, with the US reportedly conducting a large-scale attack against Pyongyang in early October on the instruction of President Donald Trump.
Postal Service’s IT Not Fully Protected From Insider Threats – United States
An inspector general’s report says the U.S. Postal Service has not fully implemented a federally mandated program designed to protect its computer systems from insider attacks. The partially-redacted report examines the agency’s efforts to secure information deemed important to national security from potential misuse by employees, contractors or others with access to its network. Federal agencies possessing national security information are mandated by October 2011’s Executive Order 13587 and the National Insider Threat Policy to establish security programs to protect that data with formal programs that include “organization-wide participation, standard operating procedures, and insider threat training and awareness.” The report does not detail the nature of the national security information on the USPS network, but it says that the agency is not the originator of the information and only “a limited number of employees” have access to national security systems with electronic and hard-copy information. The executive order requires any agency with access to national security information have a formal insider threat program, with a framework and minimum standards laid out in the National Insider Threat Policy. The agency’s U.S. Postal Inspection Service is charged with maintaining the insider threat program, while coordinating with the agency’s chief information security officer on cybersecurity and information access protections.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!