G20 to jointly fight bank sector hacking

Kai Pfaffenbach—X00446
German Bundesbank President Jens Weidmann and German Finance Minister Wolfgang Schaeuble attend a Symposium at the G20 Finance Ministers and Central Bank Governors Meeting in Baden-Baden

BADEN-BADEN, GERMANY — The world’s biggest economies will pledge to jointly fight cyber attacks on the global banking system, one of the biggest coordinated efforts yet to protect lenders since an $81 million heist of the Bangladesh central bank’s account last year.

Meeting in the German resort town of Baden-Baden, G20 finance chiefs will agree to fight attacks regardless of their origin and promise cross-border cooperation to maintain financial stability, according to a draft document seen by Reuters.

“We will promote the resilience of financial services and institutions in G20 jurisdictions against malicious use of information and communication technologies, including from countries outside the G20,” it said.

Cyber crime became a top priority after an elaborate heist on the Bangladesh central bank’s account at the Federal Reserve Bank of New York last year, an unprecedented theft that exposed the vulnerabilities of the system.

The agreement, set to be finalized on Saturday, will come just days after the United States charged two intelligence agents from Russia, another G20 member, with masterminding the 2014 theft of 500 million Yahoo accounts.

In the banking world, attacks through the global SWIFT bank transfer system have continued to increase with the network recording a “meaningful” number of attacks, with about a fifth of them resulting in stolen funds, since the Bangladesh heist, the firm said late last year.

In other highly publicized attacks, retailer Tesco Plc’s banking arm said 2.5 million pounds ($3 million) had been stolen from 9,000 customers last year while hackers also stole more than 2 billion rubles ($34 million) from correspondent accounts at the Russian central bank and from accounts in commercial banks.

The European Union is considering testing banks’ defenses against cyber attacks with concerns growing about the industry’s vulnerability to hacking.

The announcement also comes the same week that a North Korean hacking group known as Lazarus was likely behind a recent cyber campaign targeting organizations in 31 countries, including the U.S.

Symantec said in a blog that researchers have uncovered four pieces of digital evidence suggesting the Lazarus group was behind the campaign that sought to infect victims with “loader” software used to stage attacks by installing other malicious programs.

“We are reasonably certain” Lazarus was responsible, Symantec researcher Eric Chien said in an interview.

The North Korean government has denied allegations it was involved in the hacks, which were made by officials in Washington and Seoul, as well as security firms.

“This represents a significant escalation of the threat,” said Dan Guido, chief executive of Trail of Bits, which does consulting for banks and the U.S. government.

Lazarus has already been blamed for a string of hacks dating back to at least 2009, including last year’s $81 million heist from Bangladesh’s central bank, the 2014 hack of Sony Pictures Entertainment that crippled its network for weeks and a long-running campaign against organizations in South Korea.

Symantec said the latest campaign was launched by infecting websites that intended victims were likely to visit, which is known as a “watering hole” attack.

The malware was programmed to only infect visitors whose IP address showed they were from 104 specific organizations in 31 countries, according to Symantec. The largest number were in Poland, followed by the United States, Mexico, Brazil and Chile.