Archive for Samarth Mishra

International Sting Operation Cracks Down Encryption Criminal Groups

In an international sting operation targeting drug suppliers led to an arrest of a man. The suspect's face was blurred by the Australian Federal Police on privacy matters. The criminals while dealing with drug smuggling and money laundering, texted with each other, they were pretty confident that they'd not get caught because of a special encrypted platform the criminals were using for communication. However, the was only one issue with the group, that all these texts, which were in millions, were being tapped by the FBI. 

As a matter of fact, the FBI had sent these Anom devices to the black market. Operation Trojan Shield has these details and allegations revolving around it. It is an international operation led by the FBI which has resulted in more than 800 arrests. NPR says "the document includes transcripts of smugglers' conversations in which they name their prices and handling fees and describe their methods. Many of them also sent snapshots to each other, showing packages of cocaine and other drugs. They discussed strategies, from adding drugs to diplomatic pouches to filling pineapples and tuna cans with cocaine." 

Law enforcement agencies captured around 8 tonnes of cocaine, around 22 tonnes of cannabis, and several other drugs (in tonnes). Besides this, authorities have seized "55 luxury vehicles and over $48 million in various worldwide currencies and cryptocurrencies," says Interpol, a European law enforcement agency. As per the FBI, the agencies worked together to provide these criminal organization that operates all over the world more than 12,000 devices. Europol says it has been one of the largest and sophisticated crackdown operations on encryption criminal activities to date. Using Anom, FBI, and Europol around 300 Transnational Criminal Organizations (TCO). 

These include Italian organized crime group Outlaw Motorcycle gangs and other narcotics source (international), distribution systems, and transportation. "Law enforcement agencies were in a unique position to help the new Anom device find its market. In recent years, they've taken down three similar networks — Phantom Secure, EncroChat and, earlier this year, Sky Global — boosting criminals' demand for a new alternative," said NPR.

Navistar International Corporation Hit by Cyberattack

Navistar International Corporation, a maker of United States trucks and military vehicles confirmed that it was hit by a cyberattack recently which resulted in data theft. In form 8-K filing with SEC (Security and Exchange Commission) this Monday, the company said that the company came to know about an attack on its IT systems on May 20, 2021. Navistar took immediate actions to limit the impact of the cyberattack and has launched an investigation with various cybersecurity and foreign agencies. Due to the attack, Navistar has strengthened its cybersecurity infrastructure and data protection, saying all of its systems are fully functional. 


On May 31, the company got a mail saying it was hit by a cyberattack and some data had been stolen.  As of now, the company is enquiring about and finding the impact of the attack. It has already called law enforcement agencies for help. Navistar didn't disclose any technical details about the attack but it might be a possibility that it was a ransomware attack. The claim is based on the recent rise of ransomware incidents in the US. In all these incidents, major US organizations were attacked and crucial data was stolen. Navistar was established in 1986, it makes trucks, diesel engines, and buses. 

Besides this, the Navistar Defense subsidiary makes military automobiles. After the attack that made US Colonial Pipeline to close its operations and distribution systems at the start of May, JBS USA, the world's largest meat processing company of US subsidiary also announced recently that it had closed down its plants in America and Australia.  Besides this, recently, Steamship Authority, the largest ferry service to the Massachusetts Islands of Martha’s Vineyard and Nantucket from Cape Cod, was hit by a cyberattack of a similar kind. 

At the start of this year, Molson Coors Beverage company was also hit by a ransomware attack. "White House this week urged corporate executives and business leaders to take the appropriate measures to protect their organizations against ransomware attacks. The  memo, signed by Anne Neuberger, deputy national security advisor for cyber and emerging technology, mentions the recent increase in the number of ransomware incidents, as well as the Biden administration’s response to such attacks targeting government and private sector organizations," reports Security Wee

Identity Verification Platform Troolio Closes a $394 Million Deal

Id verification online platform Trulioo lands a $394 Million series  D round of funding at a $1.75 Billion valuation after the Covid-19 pandemic compelled business across multiple platforms to adapt to digital transformations. Due to most of the work done online in the past year, the need for digital signatures also increased. Organizations had to change to platforms that could let them verify user identities. The task has become particularly important in the financial services sector which is highly regulated. 

Venture Beat says "Trulioo had previously raised around $81 million, and with its latest $394 million cash injection, which was led by growth equity firm TCV, the company is well-financed to capitalize on the burgeoning identity verification needs of businesses across industries." Vancouver, a Canada-based company was established in 2011. The company offers verification tools that the organizations use to verify their customer identity of online users, it may include general id verification data that sees user's data against third-party sources, like government databases, mobile carriers, or credit bureau. 

Troolio says it helps organizations authenticate and verify online customers to allow easy and safe online onboarding that is according to compliance requirements. Besides this, the company offers 'document verification' that lets organizations cross-check used document information with myriad databases and data operators across the globe. For instance, if a bank wants to admit a new customer by remotely checking their identification, it can do it with the help of Trulioo.  In the present scenario, the biggest issue that companies have to face is that different countries have a unique set of rules and laws, and the documents also change from country to country. 

To counter this, Trulioo's API feature helps gives companies a global Id verification system via a direct artery.  "Online fraud is growing at alarming rates, and the regulatory environment is changing constantly. Anyone who has a stake in onboarding users and transacting online needs to be both incredibly strategic and judicious about how they approach identity verification, as bad actors continue to grow more and more sophisticated," says Zac Cohen, Chief Operating Officer, Trulioo.    

Hackers Target American Retail Businesses, FINRA Scolds Brokerage Firms

 

Besides the American corporations facing threats from overwhelming cyberattacks, American retail businesses are also struggling to fight against the rise of hackers hacking into their accounts and investments. FINRA (Financial Industry Regulatory Authority), the market's self-regulatory body, in a recent notice said that it received several complaints related to customer accounts being hacked. The incident involved attackers using stolen customer information like login credentials to hack into online customers' brokerage accounts. 

According to Market Watch "Ari Jacoby, chief executive and co-founder of cybersecurity firm Deduce, backed up this statement with data showing that account-takeover fraud increased by roughly 250% from 2019 to 2020. He told Security.org that account-takeover prevention is a $15 billion market that is “growing significantly year-over-year.“ FINRA finds two factors that might be responsible for the surge in account takeover incidents. 

First is an increase in the use of online services and brokerage apps, that allows hackers to break into user accounts using login I'd and passwords that they buy from Darkweb. It becomes very easy for hackers to find the login credentials of the customers as many users use the same password combinations for multiple accounts. The second aspect is the Covid-19 factor. "Customer account-takeovers have been a recurring issue, but reports to FINRA about such attacks have increased as more firms offer online accounts, and as more investors conduct transactions in these accounts. In part due to the proliferation of mobile devices and applications and the reduced accessibility of firm’s physical locations due to the COVID-19 pandemic," reports FINRA. 

The Security and Exchange Commission is also keeping an eye on this incident and is pressing hard on brokerage firms for not keeping a check on suspicious activities. Market Watch says "But most individual investors don’t have to wait for the SEC or FINRA to come to their rescue, because this sort of criminal activity is largely enabled by a lack of vigilance on the part of victims, including requesting that their broker send them suspicious login alerts and using two-factor authentication, according to Jacoby."

Hackers Target American Retail Businesses, FINRA Scolds Brokerage Firms

 

Besides the American corporations facing threats from overwhelming cyberattacks, American retail businesses are also struggling to fight against the rise of hackers hacking into their accounts and investments. FINRA (Financial Industry Regulatory Authority), the market's self-regulatory body, in a recent notice said that it received several complaints related to customer accounts being hacked. The incident involved attackers using stolen customer information like login credentials to hack into online customers' brokerage accounts. 

According to Market Watch "Ari Jacoby, chief executive and co-founder of cybersecurity firm Deduce, backed up this statement with data showing that account-takeover fraud increased by roughly 250% from 2019 to 2020. He told Security.org that account-takeover prevention is a $15 billion market that is “growing significantly year-over-year.“ FINRA finds two factors that might be responsible for the surge in account takeover incidents. 

First is an increase in the use of online services and brokerage apps, that allows hackers to break into user accounts using login I'd and passwords that they buy from Darkweb. It becomes very easy for hackers to find the login credentials of the customers as many users use the same password combinations for multiple accounts. The second aspect is the Covid-19 factor. "Customer account-takeovers have been a recurring issue, but reports to FINRA about such attacks have increased as more firms offer online accounts, and as more investors conduct transactions in these accounts. In part due to the proliferation of mobile devices and applications and the reduced accessibility of firm’s physical locations due to the COVID-19 pandemic," reports FINRA. 

The Security and Exchange Commission is also keeping an eye on this incident and is pressing hard on brokerage firms for not keeping a check on suspicious activities. Market Watch says "But most individual investors don’t have to wait for the SEC or FINRA to come to their rescue, because this sort of criminal activity is largely enabled by a lack of vigilance on the part of victims, including requesting that their broker send them suspicious login alerts and using two-factor authentication, according to Jacoby."