Home Tags Hong Kong

Tag: Hong Kong

DDOS attacks in Q1 2017

Although the first quarter of 2017 was rather quiet compared to the previous reporting period, there were a few interesting developments.

Despite the growing popularity of IoT botnets, Windows-based bots accounted for 59.81% of all attacks. Meanwhile, complex attacks that can only be repelled with sophisticated protection mechanisms are becoming more frequent.

How many NSA spy hubs are scooping up your Internet data?...

Not that knowing NSA's sigint locations will actually help you much...

Prysmian scores another world record in Telecom Networks

Highest capacity underwater optical cable deployed in Hong Kong to provide new data centre broadband connectionMilan, March 15, 2017 - Prysmian Group, world leader in the energy and telecom cable systems industry, scores another world record after deli...

In-the-wild exploits ramp up against high-impact sites using Apache Struts

Hackers are still exploiting the bug to install malware on high-impact sites.

The fastest man in electric racing talks cars, tracks, and the...

We interview DS Virgin Racing's Sam Bird ahead of this weekend's race in Argentina.

Hong Kong Securities Firms Warned Of Cyberattacks

Hong Kong's Securities and Futures Commission announces DDoS attacks on brokers and warns firms of future threats.

China announces mass shutdown of VPNs that bypass Great Firewall

Ryan McLaughlinreader comments 53 Share this story China’s Ministry of Industry and Information Technology yesterday announced a major crackdown on VPN (virtual private network) services that encrypt Internet traffic and let residents access websites blocked by the country's so-called Great Firewall. The ministry "said that all special cable and VPN services on the mainland needed to obtain prior government approval—a move making most VPN service providers in the country of 730 million Internet users illegal," reported the South China Morning Post, a major newspaper in Hong Kong. China's announcement said the country's Internet service market "has signs of disordered development that requires urgent regulation and governance" and that the crackdown is needed to “strengthen cyberspace information security management," according to the Post. The government said its crackdown would begin immediately and run until March 31, 2018. Numerous Internet users in China rely on VPNs to access sites blocked or censored by the government's Great Firewall, such as Google, YouTube, Facebook, Twitter, Tumblr, Dropbox, The Pirate Bay, The New York Times, The Wall Street Journal, and many others. Apple recently pulled New York Times apps from its Chinese App Store to comply with Chinese regulations. China's tightening of its already strict Internet censorship may be preparation for this autumn's 19th National Congress of the Communist Party of China, at which new party leadership will be elected. Besides the VPN crackdown, China on Saturday shut down "two websites run by a liberal Chinese think tank" and 15 other websites, the Post reported.

Threat Attribution: Misunderstood & Abused

Despite its many pitfalls, threat attribution remains an important part of any incident response plan. Here's why. Threat attribution is the process of identifying actors behind an attack, their sponsors, and their motivations.
It typically involves forensic analysis to find evidence, also known as indicators of compromise (IOCs), and derive intelligence from them. Obviously, a lack of evidence or too little of it will make attribution much more difficult, even speculative.

But the opposite is just as true, and one should not assume that an abundance of IOCs will translate into an easy path to attribution. Let’s take a simple fictional example to illustrate: François is the chief information security officer (CISO) at a large US electric company that has just suffered a breach.

François’ IT department has found a malicious rootkit on a server which, after careful examination, shows that it was compiled on a system that supported pinyin characters. In addition, the intrusion detection system (IDS) logs show that the attacker may have been using an IP address located in China to exfiltrate data.

The egress communications show connections to a server in Hong Kong that took place over a weekend with several archives containing blueprints for a new billion-dollar project getting leaked. The logical conclusion might be that François’ company was compromised by Chinese hackers stealing industrial secrets.

After all, strong evidence points in that direction and the motives make perfect sense, given many documented precedents. This is one of the issues with attribution in that evidence can be crafted in such a way that it points to a likely attacker, in order to hide the real perpetrator’s identity.

To continue with our example, the attacker was in fact another US company and direct competitor.

The rootkit was bought on an underground forum and the server used to exfiltrate data was vulnerable to a SQL injection, and had been taken over by the actual threat actor as a relay point. Another common problem leading to erroneous attribution is when the wrong IOCs have been collected or when they come with little context. How can leaders make a sound decision with flawed or limited information? Failing to properly attribute a threat to the right adversary can have moderate to more serious consequences.

Chasing down the wrong perpetrator can result in wasted resources, not to mention being blinded to the more pressing danger. But threat attribution is also a geopolitical tool where flawed IOCs can come in handy to make assumptions and have an acceptable motive to apply economic sanctions.

Alternatively, it can also be convenient to refute strong IOCs and a clear threat actor under the pretext that attribution is a useless exercise. Despite its numerous pitfalls, threat attribution remains an important part of any incident response plan.

The famous “know your enemy” quote from the ancient Chinese general Sun Tzu, is often cited when it comes to computer security to illustrate that defending against the unknown can be challenging.
IOCs can help us bridge that gap by telling us if attackers are simply opportunistic or are the ones you did not expect. More Insights

U.S. Charges Three Chinese Hackers With Profiting From Stolen M&A Info

Three Chinese men were charged by federal prosecutors with hacking the networks of major merger and acquisition firms for information, which they used to make profitable stock trades. U.S. federal prosecutors charged three Chinese nationals with hacking the networks of U.S.-based international law firms and using information from those firms to conduct insider trading, making more than $4 million from the scheme, according to a statement by the U.S.

Attorney’s Office.The three men targeted at least seven firms which advised companies involved in acquiring, or being acquired by, other companies, according to a statement released by Preet Bharara, the U.S.

Attorney for the Southern District of New York.After successfully compromising two law firms, the group then allegedly bought shares in companies that were about to be acquired or which planned to acquire the other firms.

They then sold the shares after the M&A deals were announced.“This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals,” he said in the statement. The FBI and the U.S.

Attorney’s office worked with the Securities and Exchange Commission, the Office of International Affairs and Hong Kong law enforcement to investigate the group. One of the accused, Iat Hong, a resident of Macau, was arrested by local authorities on Dec. 25 and is awaiting extradition proceedings. The attacks, which occurred in 2014 and 2015, targeted the email accounts and data of law-firm partners, aiming to gain sensitive information about the acquisitions.In one case, the group allegedly compromised a law firm that was advising a company contemplating purchasing Intermune, a U.S.-based drug maker.

After stealing 40 gigabytes of data from the law firm, the three men began purchasing Intermune shares.

After the company announced it would be purchased by Roche AG on Aug. 25, 2014, the men sold the 18,000 shares for a profit of $380,000, according to the U.S.

Attorney’s statement.In a similar attack, the men also allegedly learned of Intel’s intent to acquire Altera, making a profit of $1.4 million on the resulting stock transaction.

The trio also made $841,000 after learning that Pitney Bowes intended to buy BorderFree, an e-commerce company.The attackers took similar measures in two other transactions, prosecutors claim.
In addition, they targeted at least five other law firms and two robotics companies—in the latter case, stealing confidential and proprietary information.The two other accused men, Chin Hung and Bo Zheng, are residents of Macau and Changsha, China, respectively.

Trio charged with $4m insider trading by hacking merger lawyers

Up to seven New York law firms targeted, say Manhattan prosecutors US prosecutors have charged three Chinese men with making more than $4m (£3.2m) by allegedly trading on information obtained from hacking top merger and acquisition law firms. The defendants are charged with targeting at least seven top international law firms with offices in New York, which advised companies on corporate mergers and acquisitions. The men are alleged to have successfully obtained inside information from at least two firms by hacking their networks and servers. Once they obtained access to the law firms’ networks, they targeted email accounts of law firm partners who worked on high-profile M&A transactions. That information was used to purchase stock in five companies before the public announcements were made.

By purchasing shares before the public announcements were made, they made $4m. In addition, the defendants are alleged to have repeatedly attempted unauthorised access to the networks and servers of five other firms.

Between March and September 2015, they attempted to cause unauthorized more than 100,000 occasions. The three men charged with insider trading and hacking are Iat Hong, Bo Zheng and Chin Hung. The United States attorney’s office and the Federal Bureau of Investigation said Hong was arrested in Hong Kong on Christmas Day. Manhattan US attorney Preet Bharara said: "This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.” FBI assistant director-in-charge William Sweeney said: “The subjects charged in this case allegedly stole nonpublic information through unauthorized access to law firms’ computers, and used the information for their own personal gain. "The FBI works around the clock to keep these types of alleged securities fraudsters and cyber criminals from trading on stolen information, potentially manipulating the market at the cost of legitimate investors, and harm to corporations.” ® Sponsored: Customer Identity and Access Management

Feds say Chicago e-recycler faked tear-downs, then sent CRTs to Hong...

Enlarge / EnviroGreen's homepage. Just because a website has pictures of a lush forest doesn't mean it represents a company that does good things for the environment.EnviroGreen reader comments 23 Share this story According to an indictment filed in Chicago federal court (PDF) late last week, 45-year-old Brian Brundage cut some serious corners while running his e-recycling businesses. He was arrested on Monday on charges of income tax evasion, mail fraud, and wire fraud. Brundage is the former owner of Chicago-based Intercon Solutions and the current owner of EnviroGreen Processing, based in Gary, Indiana.

Both recycling companies purported to sell e-recycling services to companies and government organizations that needed to get rid of old electronics.

Brundage promised his clients that their old computers, TV monitors, and various other devices would be broken down into their component parts and recycled in keeping with federal guidelines. Instead, feds allege that Brundage shipped some of those electronics for illegal disposal in landfills overseas.

Those electronics included Cathode Ray Tubes (CRTs) from old computer and TV monitors, which contained “hazardous amounts of lead,” as well as batteries.

The electronics that weren't shipped to Asia were destroyed inappropriately on the premises of his businesses or stockpiled indefinitely in warehouses, which is forbidden by federal guidelines. According to the indictment, Brundage also improperly resold many of the electronics he acquired.

Between 2009 and 2015, Brundage received shipments of calculators from an unnamed technology company in Texas with instructions to disassemble the calculators and recycle them accordingly.

But Brundage apparently resold the calculators to another company based in Tampa, Florida, which purchased and sold used electronics. (The Chicago Tribune notes that one of Brundage’s clients was Texas Instruments, but the company didn't respond to Ars' request for comment on the matter.) In exchange for the shipments of calculators, Brundage allegedly had the company in Tampa directly pay some of Brundage’s personal expenses.

Those expense include between $31,000 and $39,000 per year for a nanny and $26,000 to $42,000 per year for a housekeeper, as well as tens of thousands of dollars for jewelry expenses and payments to an Indiana-based casino. Among the more colorful accusations in the US government’s indictment of Brundage: the businessman allegedly went to lengths to fool third-party auditors into giving his companies the certifications necessary to keep doing business as an e-recycler.

Brundage allegedly invited unknowing customers on sham tours of Intercon’s facility. Once there, he "directed Intercon's warehouse staff to set up a staged disassembly line to make it falsely appear as though Intercon regularly processed e-waste in a manner that was consistent with its public representations." The Chicago Tribune published a feature on Intercon in 2007.
In it, Brundage is quoted saying, “We put old products on a disassembly line. We break each item down to raw materials and send them off to be smelted and reused.” He added, “nothing that leaves here goes to a landfill.” The indictment against Brundage only reaches back as far as 2009, so it’s unclear whether Brundage’s statements in 2007 were actually the case or whether the Tribune had been duped.

Brundage has operated as an e-recycler since 2000 when he purchased Intercon Solutions from its previous owner. In fact, Brundage has faced accusations of improperly disposing of e-waste materials since 2011, when he applied for an e-Stewards Certification, a certification that says the recycler is held to high standards, through the Seattle-based Basel Action Network (BAN).

BAN is an environmental organization that fights toxic and electronic dumping.
Instead of simply certifying Intercon Solutions, BAN alleged that it found evidence that Intercon was shipping CRT monitors and batteries to Hong Kong.

Brundage denied the allegations.
In response, he sued BAN for defamation.

The case wound its way through the court and was dismissed by a Chicago federal judge in October 2015 (PDF). Last week’s indictment also accuses Brundage of shipping “large quantities of e-waste” to Hong Kong, adding that in May 2011, the Hong Kong Environmental Protection Department discovered a shipping container full of waste and sent the container back to the US.

The indictment alleges that after the May 2011 incident, Brundage destroyed business records pertaining to previous shipping agreements but continued to ship e-waste overseas, with fraudulent labels and shipping reports. Brundage allegedly took destruction of e-waste into his own hands, too. He allegedly smashed CRT glass “in outdoor areas, without taking measures to prevent the release of potentially hazardous material into the environment.” The US government says that Brundage earned “millions of dollars” from his illegal schemes.

The government is asking for a judgment requiring that he forfeit all property obtained “directly and indirectly” from the alleged dealings.

Computop and AsiaPay Partner to Enable Retailers to Safely and Effectively...

Bamberg and Hong Kong – December 15, 2016 – Computop, a leading payment service provider, and AsiaPay, one of Asia-Pacific’s most distinguished payment service providers, today announced their new strategic partnership.

The relationship enables retailers to securely process payments in Asia-Pacific through Computop’s Paygate payment gateway using the payment methods that consumers in the region prefer and trust, helping to positively impact sales and the overall customer experience.A recent e-Marketer report noted that Asia-Pacific will remain the world’s largest retail e-commerce market, with sales expected to top $1 trillion in 2016 and more than double to $2.725 trillion by 2020.

Findings also noted that the region will see the fastest rise in retail e-commerce sales, increasing 31.5% this year.
In addition, according to a study by Kantar TNS, Asia-Pacific is leading the world in mobile payment with over half (53%) of connected consumers using their mobile phones to pay for goods or services at the point-of-sale via apps.

As such, the Computop and AsiaPay partnership enables retailers to capitalize on the growth opportunity that Asia-Pacific presents. “Expanding business into foreign markets may seem daunting, but working with companies that have a strong foothold in those regions and that understand the payment behaviors and preferences of consumers in those countries is key to retailer success,” said Ralf Gladis, CEO of Computop. “Through our partnership with AsiaPay, Computop is able to provide merchant customers with the opportunity to take advantage of Asia-Pacific consumers’ appetite for e-commerce. With Computop Paygate integrated with AsiaPay, retailers benefit from the secure payment options that southeast Asian consumers expect and trust.” “We are very honoured to be a strategic partner of Computop,” said Joseph Chan, CEO of AsiaPay. “Our company has more than 16 years of experience in credit card processing and international business service, giving us a solid position as a premier e-Payment player in the region.

Furthermore, we have a keen understanding of merchants’ payment requirements in the fast-paced e-commerce business environment. We believe that a strategic cooperation with Computop can help merchants improve their processing efficiency, thereby contributing to their business growth as well as support their global endeavor,” he added. Founded in 2000, AsiaPay offers secure and cost-effective electronic payment processing solutions and services to banks and e-businesses globally.

The company offers a variety of card payments, online bank transfers, e- wallets and cash payments across over 16 countries, including Hong Kong, China, India, Indonesia, Malaysia, Singapore, Philippines, Taiwan, Thailand and Vietnam.
It is a certified international 3-D secure vendor for VISA, MasterCard, American Express and JCB. Computop Paygate is a PCI-certified omnichannel payment platform that provides retailers with secure payment solutions and efficient fraud prevention for international markets.

Computop integrated AsiaPay into Paygate to offer merchants a wide range of payment methods in the Asia-Pacific region to support their cross-border and global commerce efforts. Payment methods available on Paygate include Alipay, American Express, JCB, Tenpay and WeChat, along with many other widely-accepted payment options that consumers in these countries use. About ComputopComputop is a leading global payment service provider (PSP) that provides compliant and secure solutions in the fields of e-commerce, POS, m-commerce and Mail Order and Telephone Order (MOTO).

The company, founded in 1997, is headquartered in Bamberg, Germany, with additional independent offices in China, the UK and the U.S.

Computop processes transactions totalling $24 billion per year for its client network of over 14,000 mid-size and large international merchants and global marketplace partners in industries such as retail, travel and gaming.

Global customers include C&A, Fossil, Metro Cash & Carry, Rakuten, Samsung and Swarovski.

Following the recent asset deal with the Otto Group, Computop is now processing payments for merchants that previously used EOS Payment, including all 100 Otto retail brands.
In cooperation with its network of financial and technology partners, which it has expanded over many years, Computop offers a comprehensive multichannel solution that is geared to the needs of today's market and provides merchants with seamlessly integrated payment processes. For further information, please visit www.computop.com. About AsiaPayFounded in 2000, AsiaPay, a premier electronic payment solution and technology vendor and payment service provider, strives to bring advanced, secure, integrated and cost-effective electronic payment processing solutions and services to banks, corporate and e-Businesses in the worldwide market, covering international credit card, China UnionPay (CUP) card, debit card and other prepaid card payments. AsiaPay is an accredited payment processor and payment gateway solution vendor for banks, certified IPSP for merchants, certified international 3-D Secure vendor for Visa, MasterCard, American Express and JCB.

AsiaPay offers its variety of award-winning payment solutions that are multi-currency, multi-lingual, multi-card and multi-channel, together with its advanced fraud detection and management solutions. Headquartered in Hong Kong, AsiaPay offers its professional e-Payment solution consultancy and quality local service support across its other 12 offices in Asia including: Thailand, Philippines, Singapore, Malaysia, Mainland China, Taiwan, Vietnam, Indonesia and India.

For more information, please visit www.asiapay.com and www.paydollar.com. ### For further information, please contact:Jessica MularczykAscendant Communications, for Computop in the U.S.Tel: 508-498-9300E-mail: jmularczyk@ascendcomms.net Charlotte HansonAscendant Communications, for Computop in the UKTel: +44 (0) 208 334 8041E-mail: chanson@ascendcomms.net Valerie SanchezSenior Channel ManagerAsiaPayTel: (632) 887-2288E-mail: valerie.sanchez@asiapay.com Alvin ChanAssociate Director, Sales & MarketingAsiaPayTel: +852-2538 8278E-mail: alvin.chan@asiapay.com