Tag Archive for: trillion

$1.5 trillion omnibus bill leaves the House with provisions targeting ransomware and China’s digital yuan

/in


advertisement

A long-delayed appropriations bill for 2022 has passed in the House of Representatives and is heading for the Senate as of March 9.

Included in the bill’s 2,741 pages of legislation are several provisions aiming at China’s central bank digital currency, or CBDC, as well as new requirements for ransomware reporting.

One section calls for the President to produce a report on the Chinese digital yuan, particularly the “short-, medium-, and long-term national security risks” that it poses. The risks the report would emphasize are transactional surveillance, illicit financing, and economic coercion from China.

Several US senators introduced a bill calling for similar reporting on Wednesday. 

The appropriations package also introduces mandatory reporting of ransomware payments by critical infrastructure to the Cybersecurity and Infrastructure Security Agency within 24 hours of making such a payment. 

The new reporting requirements for ransomware attacks became a major topic of policymaking discussions in 2021, after ransomware attacks crippled the Colonial Pipeline and JBS meatpacking. Ransomware subsequently became a centerpiece of President Joseph Biden’s foreign policy. 

Some of the ransomware policy’s “whole-of-government” language would make its way into Biden’s executive order on crypto that the White House released yesterday. 

Trending Stories

Source…

Ransomware attack took down R2 trillion investment company for five days

/in


Curo Fund Services is investigating the cause behind the ransomware attack it suffered last week, according to a report from the Sunday Times.

The investment administration provider was unable to access its systems for five days as a result of the attack.

Curo has around R2 trillion in assets under its management. While the money was not at risk, the outage prevented Curo’s financial service provider clients from processing investment-related instructions or offering other services.

Its asset management clients include Old Mutual, Sanlam Investments, and Futuregrowth Assets.

Futuregrowth Assets halted all trading to protect its clients from potential exposure until Curo resolved the crisis five days later.

“Curo forms part of the core value chain within our trade cycle, investment administration, NAV pricing and reporting,” the Sunday Times quoted Futuregrowth Assets as saying.

“Our clients’ investments were safe, but our client flows were impacted, and our ability to report on daily valuations to clients were suspended during this period.”

Futuregrowth has R186 billion in assets under Curo’s management and said that none of its clients’ data or investments were compromised.

Old Mutual has assets worth R1.3 trillion under Curo’s management.

“During this period, the outage affected Curo’s ability to provide us with prices for some of our Old Mutual Unit Trust portfolios,” Old Mutual said.

“We are in the process of applying the updated prices to those portfolios, for those customers who transacted.”

“No individual customer data or investments were compromised as personal client data resides on Old Mutual systems and is not shared with Curo,” it added.

The attack is believed to have occurred on 19 January, and Curo regained full access to its systems the following Monday, 24 January.

The investment administration provider has launched an investigation “to establish the origin, nature and scope of this incident so as to assess any data breaches”.

“We have already implemented additional security measures to protect against further unauthorised access, and we will continue monitoring for any suspicious activity,” the company said.

“Based on…

Source…

The Cybersecurity 202: Global losses from cybercrime skyrocketed to nearly $1 trillion in 2020, new report finds

/in


The report underscores the growing dangers that ransomware attacks by foreign criminal enterprises posed to American industries. Lawmakers have been deeply concerned about the impact of such attacks, including on the financial and health-care sectors, in the pandemic. 

The coronavirus inspired an unprecedented number of online scams preying on the fears of both consumers and businesses – and a mass migration of employees to remote work created a perfect storm. 

When workers move to home environments, they are essentially becoming their own I.T. support, said Steve Grobman, senior vice president and chief technology officer at McAfee. It’s really about understanding that this is a different environment and building a security strategy to effectively defend it.

This is their fourth such report on global cybercrime. It “surveyed publicly available information on national losses, and, in a few cases, we used data from not-for-attribution interviews with cybersecurity officials,” the report said. 

The increase in cybercrime stems in part from the dramatic shift in the threat landscape in just the past two years, said Grobman, as hackers move from targeting specific machines or users to whole organizations, using human operators to make the attacks even more effective.

The reason that is so costly to organizations is it’s much more difficult to investigate and recover when an organization doesn’t necessarily know the full scope of a cyberattack and therefore has to do a much more in-depth investigation, he says. Global spending on cybersecurity is expected to exceed $145 billion in 2020, researchers note. 

Not all cyberattacks are successful at stealing money. But they can still have devastating impact. 

The average ransomware attack knocks a company’s systems offline for 18 hours more than enough time to have serious consequences for productivity. 

Most of the incidents are not always successful in the sense of getting money out, but they’re successful in the sense of disrupting operations, disrupting networks, says the CSIS’s James Lewis, who directed the report. It’s not just your monetary losses in the sense of, you know, ‘they took this cash…

Source…

Cybercrime To Cost The World $10.5 Trillion Annually By 2025

/in


SAUSALITO, Calif., Nov. 13, 2020 /PRNewswire/ — Cybersecurity Ventures predicts global cybercrime costs will grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.

This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.

“Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm,” says Steve Morgan, founder of Cybersecurity Ventures and editor-in-chief at Cybercrime Magazine.

“Cybercriminals know they can hold businesses — and our economy — hostage through breaches, ransomware, denial of service attacks and more. This is cyberwarfare, and we need to shift our mindset around cybersecurity in order to protect against it,” says Jack B. Blount, President and CEO at INTRUSION, Inc.

Organized cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05 percent in the U.S., according to the World Economic Forum’s 2020 Global Risk Report.

“Every American organization — in the public and private sector — has been or will be hacked, is infected with malware, and is a target of hostile nation-state cyber intruders,” adds Blount, who is also the former CIO at the United States Department of Agriculture (USDA).

Blount’s assertion is backed up by some of the nation’s top cyberwarfare and cybersecurity experts, and Fortune 500 chief information security officers, in a roundtable discussion which recently aired on the Cybercrime Radio podcast channel.

Cybersecurity Ventures and INTRUSION, Inc. have partnered on a series of initiatives aimed at providing thought leadership and guidance to CISOs and cybersecurity teams in the U.S. and…

Source…