“You know what your problem is, kid? Too much Internet and not enough legwork. A Crime reporter is made in the street. How many times have you hidden behind a tree to watch something…Called a witness to a crime or a victim’s relation posing as Chief Inspector Bloggins?…Get out in the street, learn to assimilate: you have to be the thief, the murderer, the victim, the accomplice, whatever it takes to be inside their heads.”—Jaime Brena, veteran reporter, to “the Crime boy,” new recruit.
~Bathroom Quote
December 2013 in the village of Sâmbăteni, Romania. The air is dull and frosty as Marcel Lazăr Lehel walks out of his mud-brick house, carrying a cheap brand laptop and a mobile phone, and goes to the back garden. Exhaling steam, he places the devices on the ground, picks up his axe and begins to chop with hard, steady blows. Thunk-crunch, thunk-crunch, thunk-crunch.
Lehel gathers the shards of plastic and metal together and dumps them into a metal cauldron, before lighting the whole thing on fire. He looks with apparent unease at the charred remains of his hacking utensils and, putting out the flames, he returns to the house. The foul-smelling pile is still smoking behind him. Lehel (spelled backwards - 2015 Story), a 42-year-old unemployed Romanian citizen with a wife and ten year-old daughter, is better known to the world as the notorious black hat hacker “Guccifer.” Known online as 'Guccifer,' Marcel Lehel, 42, lost his legal case in his home country after Romania's top court of appeal sanctioned a request by the U.S. to extradite him. Romanian hacker 'Guccifer' who released some of Hillary Clinton's private emails and George Bush's family photos to be extradited to US
"Secrecy rules for Supreme Court nominees: 'I felt like a spy.'" Kevin Liptak of CNN.com has this report.
China has expressed concerns over United States' discussions with Australia to deploy long-range B-1 bombers to the NT Liberation Army of China
A short story collection by an anonymous North Korean author was smuggled out of the country and will be published in English next year.
~Bathroom Quote
December 2013 in the village of Sâmbăteni, Romania. The air is dull and frosty as Marcel Lazăr Lehel walks out of his mud-brick house, carrying a cheap brand laptop and a mobile phone, and goes to the back garden. Exhaling steam, he places the devices on the ground, picks up his axe and begins to chop with hard, steady blows. Thunk-crunch, thunk-crunch, thunk-crunch.
Lehel gathers the shards of plastic and metal together and dumps them into a metal cauldron, before lighting the whole thing on fire. He looks with apparent unease at the charred remains of his hacking utensils and, putting out the flames, he returns to the house. The foul-smelling pile is still smoking behind him. Lehel (spelled backwards - 2015 Story), a 42-year-old unemployed Romanian citizen with a wife and ten year-old daughter, is better known to the world as the notorious black hat hacker “Guccifer.” Known online as 'Guccifer,' Marcel Lehel, 42, lost his legal case in his home country after Romania's top court of appeal sanctioned a request by the U.S. to extradite him. Romanian hacker 'Guccifer' who released some of Hillary Clinton's private emails and George Bush's family photos to be extradited to US
"Secrecy rules for Supreme Court nominees: 'I felt like a spy.'" Kevin Liptak of CNN.com has this report.
China has expressed concerns over United States' discussions with Australia to deploy long-range B-1 bombers to the NT Liberation Army of China
A short story collection by an anonymous North Korean author was smuggled out of the country and will be published in English next year.
We must here return for a moment to the position which
precedes the suppression of democratic institutions and the creation of a
totalitarian regime. In this stage it is the general demand for quick
and determined government action that is the dominating element in the
situation, dissatisfaction with the slow and cumbersome course of
democratic procedure which makes action for action’s sake the goal. It
is then the man or the party who seems strong and resolute enough “to
get things done” who exercises the greatest appeal. “Strong” in this
sense means not merely a numerical majority – it is the ineffectiveness
of parliamentary majorities with which people are dissatisfied. What
they will seek is somebody with such solid support as to inspire
confidence that he can carry out whatever he wants.
~ Friedrich von Hayek, The Road To Serfdom, chapter Ten, “Why the Worst Get On Top.” More: Aesop on the Frogs Who Wanted a King, at Cato.
What story is for... Offering insight into humanity that cannot be replicated by psychology, sociology, or any of the social sciences Cold River Lessons
“Whatever people say about the General today, I can only testify that he was a sincere man who believed in everything he said, even if it was a lie, which makes him not so different from most.”
PwC and London Business, School research
June 2015. A get‑tough approach to
poor performance in financial services is creating a climate of fear. And that
risks breeding more unethical conduct, not less – exactly the opposite of what
regulators, businesses and the public want.
The
big data dilemma
UK House of Commons Science and Technology Committee, Feb 2016. Raised a number of issues including, privacy, security and skillsets.
UK House of Commons Science and Technology Committee, Feb 2016. Raised a number of issues including, privacy, security and skillsets.
Illuminated with
etched light, these business cards are almost too lovely to hand out
CBS
March 2,
2016
Are
companies prepared to handle the increasingly prevalent risk from hackers? A
new survey shows many security professionals aren't as confident as they used
to be. According to the survey, 2015 saw a sharp 12-point dip -- from 87 to 75
percent -- in the percentage of security professionals who said they were
confident in their team's ability to pinpoint and respond to cybersecurity
"incidents."
Narelle
Lovett, A/G Chief Information Officer for the Australian Crime Commission, on
IT collaboration and consolidation
The Australian Crime Commission is currently working toward a merger with CrimTrac and the Australian Institute of Criminology (AIC). A lot of this work relates to an internal program of work called Information Data Exploitation Program (IDEP).
The Australian Crime Commission is currently working toward a merger with CrimTrac and the Australian Institute of Criminology (AIC). A lot of this work relates to an internal program of work called Information Data Exploitation Program (IDEP).
Following up on my previous post, Senate Finance Committee Urges Treasury To Use Section 891 To Combat EU Investigations Of American Companies: Itai Grinberg (Georgetown), A Constructive U.S. Counter to EU State Aid Cases, 81 Tax Notes Int'l 167 (Jan. 11, 2016):
U.S.
Treasury officials and members of Congress from both parties have
expressed concern that the European Commission’s current state aid
investigations are disproportionately targeting U.S.-based multinational
enterprises. At the same time, a Treasury official recently suggested
in congressional testimony that there are limits to what Treasury can do
beyond strongly expressing its concerns to the commission. In that
testimony, Treasury’s representative hinted at two specific pressure
points: whether the state aid investigations could undermine U.S. tax
treaties with EU member states; and whether any assessments paid by the
foreign subsidiaries of U.S. MNEs as a result of state aid
investigations would be creditable for U.S. income tax purposes.
PwC
Global Economic Crime Survey 2016: “More than one in three
organisations (36%) experienced economic crime in the last two years, with
cybercrime affecting almost a third (32%), the highest ever level in PwC’s
biennial survey of Global Economic Crime. The PwC Global Economic Crime Survey 2016 interviewed
over 6000 participants in 115 countries. Despite the marginal decline in
economic crime reported overall, the financial cost of each fraud is on the
rise. 14% of respondents experienced losses of more than $1m in the last two
years.
·
Overall rates: The overall rate of economic crime reported has
fallen for the first year since the financial crisis, but only marginally – to
36% from 37% in 2014. Regionally, lower levels of economic crime are reported
in North America (37% vs 41%), Eastern Europe (33% vs 39%), Asia Pacific (30%
vs 32%) and Latin America (28% vs 35%). It rose in Africa (57% vs 50%), Western
Europe (40% vs 35%) and the Middle East (25% vs 21%).
·
Most common
economic crimes: Asset
misappropriation (64%), cybercrime (32%), and bribery and corruption (24%).
·
Highest
increases: 68% of French and 55% of
UK respondents reported economic crimes in the past 24 months, up 25% when
compared to 2014. 61% of Zambian respondents reported economic crime, up 31%
over 2014.
Industry sector
impacts: Financial Services
reported the most economic crimes over the two year period, followed by
government and state owned enterprises, and retail and consumer industries.
Aerospace & Defence was the biggest riser in the period at 9%. Specific
crimes are affecting different industries, with Transportation & Logistics
for example experiencing a 16% increase in Bribery & Corruption.
·
Cybercrime: Incidents reported were up 8% to 32% and over half
(53%) of respondents perceived an increased risk of cyber threats over the last
24 months. 34% believe it is likely that their organisations will experience
cybercrime in the next 24 months. Despite big financial losses reported
linked to cybercrime, respondents reported the greatest impact to their
organisations coming from damage to their reputation and legal, investment and
enforcement costs.
·
Response to
cybercrime: Only 37% of respondents
reported having a fully operational incident response plan in place. Almost a
third have no plan at all, with 14% of respondents not even intending to
implement one. 45% of respondents do not believe that their local law
enforcement agencies have the required skills and resources to combat
cybercrime…”
BBC
February 28, 2016
February 28, 2016
Hackers
supporting the Islamic State group launched an attack on a small solar energy
company in Sussex with just 11 members of staff. The so-called Caliphate Cyber
Army (CCA) said it took down the Solar UK site in revenge for a drone strike
which killed Junaid Hussain, a British hacker in Syria. It later released a
video which boasted of its attack on the firm. Duncan Lee, a founder of Solar
UK, said the attack was "ridiculous". "I'm not expecting masked
gunmen to appear on my doorstep at any point soon," he said.
Birmingham-born Junaid Hussain was described as a "top cyber
jihadist" and played a key role in radicalising and recruiting others to
plan attacks. He was married to former punk musician Sally Jones from Chatham
in Kent, who remains at large in Syria. The initial cyber attack on Solar UK
happened at the end of January, when the company discovered its website was
down and replaced with CCA material. Mr Lee said: "We just thought, 'ah
well, we've been hacked, fair enough'. We didn't know we were on a video at
that stage."
CNBC
March 2, 2016
March 2, 2016
Hackers are
selling their services to take down websites on the internet for significantly
less than the minimum wage they would get if they had regular jobs. The attacks
carried out by the hackers are known as a distributed denial of service (DDoS)
and occur when a website is overloaded with traffic, causing it to crash. DDoS
attacks are not particularly sophisticated. The idea of selling such a service
online is not new, but cybersecurity company Arbor Networks, managed to track a
hacker known as "Forceful" down and get an insight into how it works,
and more importantly how much the person is earning from their services. In the
case of Forceful, the hacker posted an advertisement on a Russian-language
forum online, listing prices and contact information. People can then use
secure messaging apps to get in touch and negotiate the logistics. There's
little information on how much this kind of service sells for currently but
Arbor tracked down one offering. Starting on August 8, 2015 at around 08:47 in
the morning, an attack was launched by Forceful on a website, and it lasted for
two days and about 21 hours. Forceful charges $60 per day, which is $2.50 an
hour. Arbor worked out this attack cost just $172.50.
How Hackers Recruit New Talent
Money Laundering and the City of London's "Crime Scene": Haven of Tax Havens for the Mega-Wealthy
Samsung in the UK and Ireland: where’s the outrage?
Foreign companies will be forced to disclose ownership before buying English property
Money Laundering and the City of London's "Crime Scene": Haven of Tax Havens for the Mega-Wealthy
Samsung in the UK and Ireland: where’s the outrage?
Foreign companies will be forced to disclose ownership before buying English property
The
Atlantic
March 2, 2016
March 2, 2016
Sick of
trawling through endless job boards and firing off résumés into the black?
Thinking about turning to a life of crime, just to avoid having to put on a nice
shirt and a forced smile for another interview? A career as a criminal hacker
may not be the best place to escape the job-search tedium, according to new
research from the cybersecurity firm Digital Shadows. Looking at about 100
million websites on both the surface Web and Dark Web, the researchers found
that the process hackers use to recruit new hires mirrors the one most
job-seekers are used to. (The interview, for example isn’t gone—it just might
involve some anonymizing technology.) Just like in any other industry, hackers
looking for fresh talent start by exploring their network, says Rick Holland,
the vice president of strategy at Digital Shadows. “Reputation is really,
really key,” Holland says, so a candidate who comes highly recommended from a
trusted peer is off to a great start.
AP
March 4,
2016
Students from MIT and Britain's University of Cambridge will spend the
weekend hacking one another's computers, with the blessing of their national
leaders. The two schools are competing in a hacking contest that U.S. President
Barack Obama and British Prime Minister David Cameron announced last year among
other joint cybersecurity projects between the two nations. The White House
billed it as a showdown between the two prestigious schools, both known as
heavyweights in the world of computer science. But the colleges opted to make
it a friendlier match. Instead of facing off against each other, the schools
assigned their top hackers to six teams made up of students from both
institutions.
Wired Mach 3,
2016
It was 3:30
p.m. last December 23, and residents of the Ivano-Frankivsk region of Western
Ukraine were preparing to end their workday and head home through the cold
winter streets. Inside the Prykarpattyaoblenergo control center, which
distributes power to the region’s residents, operators too were nearing the end
of their shift. But just as one worker was organizing papers at his desk that
day, the cursor on his computer suddenly skittered across the screen of its own
accord. He watched as it navigated purposefully toward buttons controlling the
circuit breakers at a substation in the region and then clicked on a box to
open the breakers and take the substation offline. A dialogue window popped up
on screen asking to confirm the action, and the operator stared dumbfounded as
the cursor glided to the box and clicked to affirm. Somewhere in a region
outside the city he knew that thousands of residents had just lost their lights
and heaters.
AP
March 3,
2016
It's a
chilling moment when a small business owner discovers hackers have stolen
thousands of dollars from the company checking account. Cybercriminals took an
average $32,000 from small business accounts, according to a December survey of
owners by the advocacy group National Small Business Association. And
businesses don't have the same legal protection from bank account fraud
consumers have. The Electronic Funds Transfer Act, passed in 1978, states that
it's intended to protect individual consumers from bank account theft, but
makes no mention of businesses. Whether a business is protected depends on the
agreement it signs with a bank, says Doug Johnson, a senior vice president with
the American Bankers Association, an industry group. If the business hasn't
complied with any security measures required by the agreement, it could be
liable for the stolen money, he says. Any business is vulnerable, but small
companies are less likely to have security departments and procedures to guard
against online theft than big corporations do. They also don't have big revenue
streams that are better able to absorb losses from a theft. And even if they
get the money back, they still have to spend time and money dealing with the
hassles of closing accounts and opening new ones.
Krebs on
Security
March 2,
2016
A number of
credit unions say they have experienced an unusually high level of debit card
fraud from the breach at nationwide fast food chain Wendy’s, and that the
losses so far eclipse those that came in the wake of huge card breaches at
Target and Home Depot. As first noted in January, Wendy’s is investigating a
pattern of unusual card activity at some stores. In a preliminary 2015 annual
report, Wendy’s confirmed that malware designed to steal card data was found on
some systems. The company says it doesn’t yet know the extent of the breach or
how many customers may have been impacted. According to B. Dan Berger, CEO at
the National Association of Federal Credit Unions, many credit unions saw a
huge increase in debit card fraud in the few weeks before the Wendy’s breach
became public. He said much of that fraud activity was later tied to customers
who’d patronized Wendy’s locations less than a month prior. “This is what we’ve
heard from three different credit union CEOs in Ohio now: It’s more
concentrated and the amounts hitting compromised debit accounts is much higher
that what they were hit with after Home Depot or Target,” Berger said. “It
seems to have been been [the work of] a sophisticated group, in terms of the
timing and the accounts they targeted. They were targeting and draining debit
accounts with lots of money in them.”
The relationship between the head of the Independent Commission Against Corruption and its inspector is dysfunctional, says the chairman of the parliamentary oversight committee of the anti-corruption body. ICAC
The relationship between the head of the Independent Commission Against Corruption and its inspector is dysfunctional, says the chairman of the parliamentary oversight committee of the anti-corruption body. ICAC
