Tag Archives: IT News

Travel by Ransomware

On Tuesday an interesting article was given by the Guardian (at https://www.theguardian.com/technology/2020/jan/07/travelex-being-held-ransom-hackers-said-demanding-3m#maincontent), the title ‘Travelex ‘being held to ransom’ by hackers said to be demanding $3m‘ almost said it all and then I noticed something. First we get “Criminals are thought to be demanding about $3m (£2.3m) – to give the firm access to its computer systems after they attacked using the Sodinokibi ransomware on 31 December“, the price is not set without quarter, this we get from “They are reportedly threatening to release 5GB of customers’ personal data – including social security numbers, dates of birth and payment card information – into the public domain unless the company pays up” as well as “banks who use Travelex’s foreign exchange services to stop taking online orders for currency, affecting Sainsbury’s Bank, Tesco Bank, Virgin Money and First Direct.” You see Travelex, based in London, has a presence in more than 70 countries with more than 1,200 branches and 1,000 ATMs worldwide. It processes more than 5,000 currency transactions every hour yet, even as we see that it is on the London Stock Exchange, however the group is based in the United Arab Emirates. As for the actions we see “On Thursday 2 January, the Met’s cyber crime team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Inquiries into the circumstances are ongoing” here is the snag, what are the chances that US actions are impeded as it impacts 70 countries? Is there a reason why the FBI is not equally involved? You see, Sodinokibi is a spin off from Gandcrab and as we see (at https://www.bleepingcomputer.com/news/security/fbi-releases-master-decryption-keys-for-gandcrab-ransomware/) the FBI got those keys. Now the keys will not be compatible, but if they get one solution, they might get another solution.
The fact that corporations are hit and we see “the developers behind the wildly successful GandCrab Ransomware announced that they were closing shop after allegedly amassing $2 billion in ransom payments and personally earning $150 million“, we would want to think that the FBI is on top of this and get some pay-back (I had to use that pun).

We also learn from Acronis “Sodinokibi ransomware exploits an Oracle WebLogic vulnerability (CVE-2019-2725) to gain access to the victim’s machine“, and when we go to the Oracle page we see that there had been a solution from last May onwards. There is also the part “Product releases that are not under Premier Support or Extended Support are not tested for the presence of vulnerabilities addressed by this Security Alert. However, it is likely that earlier versions of affected releases are also affected by these vulnerabilities. As a result, Oracle recommends that customers upgrade to supported versions” the question becomes did Travelex forget to do a few things? The article does not pan out on that.

Yet in all this IT News (at https://www.itnews.com.au/news/ransomware-shuts-down-travelex-systems-536191) gives us ‘Unpatched systems could be attack vector, say researchers‘, and they also give us “No evidence has surfaced so far that structured personal customer data has been encrypted, or exfiltrated. This is in contrast with a report in Computer Weekly that alleged the criminals deploying the Revil/Sodinokibi ransomware had attacked servers storing sensitive, confidential information that included customer names and their bank account and transaction details” and it does not stop there. They also give us “Troy Mursch, chief research officer at security vendor Bad Packets said it notified the forex multinational in September of a serious vulnerability in its Pulse Virtual Private Networking servers. The vulnerability went unpatched until November” which sets a much larger question mark on the entire issue as the news give us that the attack came almost a month after that. They curiously also give us “Prior to that, security researcher Kevin Beaumont noted that Travelex was operating cloud instances of Windows Server on Amazon Web Services that had Remote Desktop Protocol (RDP) enabled and exposed to the internet, but with Network Level Access (NLA) control disabled. An RDP flaw, known as BlueKeep, allows for full remote compromise of Windows without user interaction” and these issues are not asked about? At least the Guardian article does not stop on them.

The most hilarious response is seen at the very end of the IT News article with “Despite the attack closing down online systems, Travelex said it does not currently anticipate any material financial impact for its parent Finablr” Travelex might have numerous issues to consider, but the customer does not make the high point of that, or as I would mildly put it, who cares about Finablr? Well I reckon that the London Stock Exchange cares as the value of Finablr made a crashing 17% loss, that is almost one in five pounds that is lost to those bright young lads (ladies also). They advertise (on their website) ‘Finablr is a global platform for Payments and Foreign Exchange solutions underpinned by modern and proprietary technology‘ instead of ‘Finablr is a global platform for Payments and Foreign Exchange solutions underpinned by modern and proprietary hackable technology‘. It is a small difference, but a distinct one, especially as Oracle had placed a solution for months and the second message by Kevin Beaumont does not help any I reckon. In support a source gave the BBC that they feel let down, complaining that their travel money is “in limbo”, which is interesting, as the Guardian article gives us “Travelex first revealed the New Year’s Eve attack on 2 January, when it sought to assure that no customer data had yet been compromised” and as the article came 5 days after, the absence of victim mentioning is an interesting one, it seems that Travelex is not handling this situation well on a few levels, optionally also in arrear of making mention towards the customers, all in opposition to the text on Travelex.com, which gives (among more data) “Tony D’Souza, Chief Executive of Travelex, said “Our focus is on communicating directly with our partners and customers to protect them and their information from any further compromise.
We take very seriously our responsibility to protect the privacy and security of our partner and customer’s data as well as provide an excellent service to our customers and we sincerely apologise for the inconvenience caused. Travelex continues to offer services to its customers on a manual basis and is continuing to provide alternative customer solutions in the interim. We are working tirelessly to bring our systems back online.”” 

As such we get Travelex giving us one part and the BBC giving quite the opposite, and at this point my question becomes, exactly how much money is ‘in limbo‘?

That and a few more parts all rise to the surface when I look into this matter, the entire time gap on the side of Travelex being the most prevalent one. The one part that Acronis made me wonder about was the exemption list, the fact that it will try not to infect computers from countries based on the locale setting of the computer, which gives us “Romania, Russia, Ukraine, Belarus, Estonia, Latvia, Lithuanian, Tajikistan, Iran, Armenia, Azerbaijan, Georgia, Kazakhstan, Kyrgyzstan, Turkmenistan, Uzbekistan, Tatarstan“, the reason is unknown to me, perhaps they fear those countries and their ‘justice system’?

By the way, the entire Finablr website mention was essential, they are so for the ‘future’ yet security is seemingly not among it. That part is seen when we consider “In April 2019, the Cybereason Nocturnus team analyzed a new type of evasive ransomware dubbed Sodinokibi“, as such it took the Oracle team months to get a solution made (which makes perfect sense) yet the lack of implementation by Travelex is less normal. From all information it seems to me that Travelex should have made larger steps to be secure no later than Halloween, so the issue is a little larger than we consider, and the fact that Sodinokibi is a much larger field that goes back a few billion dollars. This is a contemplated speculation when we look at CSO Online where we get “While Sodinokibi is not necessarily a direct continuation of GandCrab, researchers have found code and other similarities between the two, indicating a likely connection” implying that for at least one person $150 million was not enough. 

As such, the entire Travelex issue will be around much longer than the ransomware will be, there will need to be a larger amount of questions to its mother organisation Finablr as well. From my speculative side it seems that some players are lacking certain IT skills, or/and a larger shortage of it, that is the initial feeling I got when I saw the information that Troy Mursch and Kevin Beaumont handed over to the press, and so far the information as seen supports a larger failing in Travelex and optionally Finablr as well. There is support for my way of thinking, no matter who is on the board of directors, none of them are IT experts and that is fine, yet by not having a visionary IT expert leading the charge we see a larger failing coming their way. It is not merely having an IT department and a security department, someone needs to spearhead and protect IT issues in the Board of Directors and there is no evidence that this is happening, actually the Travelex issue gives rise that it is not happening at all. More important, the issue with the website is that it is highly sales oriented, and when I had a look there (I reckon the Sodinokibi members as well), I wondered how secure are Unimoni, Xpress Money, Remit2India, Ditto and Swych? When one of these points get attacked, will the board of directors act appropriately? It is optionally a little ironic that they are hit whilst they advertised a paper on their site on November 20th (a month before the attack) ‘Why data protection is your new strategic priority‘, my initial thought? 
‘Sarcasm, when it backfires it becomes irony!‘ Yes it seems like a cheap ride from my side, but we forget that Common Cyber Sense is a real thing and corporations need a much larger vested interest in being safe than ever before, GandCrab showed that part months before this event took place and I reckon that Financial corporations need to take a much larger vested interest in that matter, or so I am led to believe, I could (of course) be wrong.

What do you think?

 


Filed under Finance, IT, Law, Media

Non iudicium tuum

This telling is a little overdue. You see, when you are looking at one aspect, when the aspect is blended into the frame, it tends to be a larger puzzle to decipher where the colours have ended up. You see, when you start the painting, you work with blue, yellow and perhaps a little red. So before you know it, you have in addition purple, Green, Orange and at times brown appears. Yet, how much of yellow is in each of the blends? Do not think it is a black and white path, it is tainted in contrast and the one trying to decipher it all is in the largest of dangers by letting his or her ego speak in the extent that the amount of yellow that made green is used. It isn’t always science, it is at times art. This is the path of intelligence analyses and whomever is pointing its finger at a mere correlation table of SIGINT (or Business Intelligence) will for the most never have a clue what got themselves into that number and they end up painting themselves into a corner, the deadliest of actions in any given analytical equation.

So when I initially got to the fact that the foundation of the Huawei revenue was down 4.25%, I was looking at the base of it. You see, like the blending of colours, Huawei is also getting blended. Samsung would be the strongest indicator why their profits are up by a fair share. In addition as Apple disappointed to the smallest equation is an equal measure of the impact, yet Google is about to hit the revenue ball out of the park with the Pixel and Pixel XL, where it now seems that filling the initial US and UK orders is no longer feasible, the demand for this communication jewel is crushing all expectations raising the bar by a sizeable amount, something we have not seen since the early days of the Apple iPhone.

You see, in July the Financial Times reported on operating margins shrinking, even though revenue surged 40% (for Huawei), the quotes aren’t too ‘informative’, you see the answer isn’t always easy when a brand is global. Yet this quote will help “But while revenue surged, picking up from 30 per cent growth in the same period last year, Huawei’s operating margin shrank from 18 per cent to 12 per cent, the privately owned company said on Monday“, yes the revenue went up by a lot, mainly because over the previous year Huawei was very aggressive offering the P7 at such discounts that in its league it was almost the only choice to make. Other models were sold at very sharp prices, giving shoppers clear reasons to select something that seemed too good to be true. The rest at the Financial Times is pretty spot on, but incomplete. (at https://www.ft.com/content/12a427e2-5232-11e6-befd-2fc0c26b3c60).

It is the next quote I have an issue with “Sabrina Meng, Huawei’s chief financial officer, predicted the strong sales would continue through the year: “We are confident that Huawei will maintain its current momentum, and round out the full year in a positive financial position backed by sound ongoing operations”“, as stated before, people are getting more and more clued in on what is required in a smartphone, as they went the way of Samsung and others in limiting what was available the market is slowing down for them, it will slow down faster and faster as they ignored to comprehend their mobile customers. The lesson Apple knew and Google comprehends at presale is the reason that the Huawei and other markets will slow down even further. Don’t get me wrong, they will still make a profit, but their mobile share will take a hit (when we exclude the Samsung shift). By listening to the wrong analysts and not realising that their production path could have been optimised by not giving in to fragments, the margin was kept low. This is a choice you can make, and it comes with consequences.

Huawei is following Microsoft, Motorola, Sony and a few others in this. And as we see the news in the corner on how others are following the P9 dual lens, they are all ignoring the main element in all this, it is storage plain and simple! That is, for the consumer users, in addition, when we see Ericsson dive deep down into a 94% drop, we need to consider the quote that IT News gave (at http://www.itnews.com.au/news/ericsson-profits-plunge-94-percent-439317) “Acting CEO Jan Frykhammar was confident Ericsson could fight back, noting it had faced a similar situation in 2007-2009 when it was waiting for demand for 4G technology to kick in“, you see, ‘waiting’ is the issue, you either take the lead and jump or let the revenue slide by, that was the consequence. They gave up the mobile smartphone a long time ago, as there was no way to compete with the market. In addition, Ericsson has been dropping the ball on a few telecom fronts.

I think it is relatively safe to state that there is a lull in the Telecommunication market (in general). The final quote “Our result is significantly lower than (what) we expected, with a particularly weak end of the quarter, and deviates from what we previously have communicated regarding market development,” said acting Ericsson CEO Jan Frykhammar” this sounds like an answer, yet it is not.

Is he showing that he had no way to forecast what the market was doing?
Is there no correct focus on ‘market development’?

The Ericsson case is showing us that there is more than one issue. In the same state we have to see that Huawei is a lot more than just mobile phones, as it is with Ericsson, yet as I personally believe it to be, some places aren’t thinking through, at least not to the extent that they should be thinking it through. They are trying to get back to the ’98 time when they were getting rich by selling concepts. I see it as backward thinking. Ericsson states on their website “Opportunities in 5G! We asked 650 executives from 8 industries how they use communications technology today, which use cases are likely to dominate their industry, and what business reasons are driving them to move to 5G“, which is not untrue, but as we see the PR machine waking up 4 years early on the biggest opportunities that are eligibly coming, whilst there are still 4 general meetings and as I see it no less than 8 shareholders meetings, so focussing on the now is extremely essential (don’t you agree?), this is why Ericsson got to drop 94%, the ‘now’ is not covered and we only have yesterday’s technology to compare it to. If you wonder about 5G, look here:

https://5g.co.uk/guides/what-is-5g/

What is important is “Huawei is planning to launch the first 5G pilot network with its partners in 2018. Interoperability testing is to be completed in 2019 ahead of a commercial launch in 2020. Ericsson is planning to demonstrate 5G at the Winter Olympics in South Korea (as is Samsung) and at the World Cup in Russia, both in 2018“, this sounds nice, and it actually is, but consider that the devices that need to be there are not created yet, so they are dealing with old tech that is soon no longer interesting, whilst today’s needs that shows clear forward momentum thinking is not shown by either and relying on 32GB mobile devices is definitely not it. So the consumer at present is looking at buying at least 2 more mobiles in the next 5 years, so having one now that lasts 3 years is a massive requirement as I see it. In addition, lowering the upcoming threshold is an initial requirement. The image on that page, shown here, is the first step. The image shows two elements. In the first we see ‘smart mobility‘ and ‘smart wearables‘ in the second we see ‘domotics‘ and ‘Entertainment, apps beyond imagination‘. This gets us now back to ‘Viewpoint to a point of view‘ (at https://lawlordtobe.wordpress.com/2016/10/05/viewpoint-to-a-point-of-view). Google wasn’t just ‘on the ball‘ they are now leading the game and are the new game deciders in the field where everyone wants to play. In that presentation on Google Home they showed to be active in all four elements, and they are now leading in at least two of them. That is the part Huawei ignored. And as so called 2018 G5 partners they had the option to lead the field, they just decided not to do so. By using the initial Apple approach, the Pixel and Pixel XL offer the 128 GB solution for $150 more.
Meaning that your phone could last you until 2020 and only when the 5G requirement is actually needed, the current Google solution will give you some of what 5G is supposed to offer, so you will only be upgrading the centre of the hub of your domotics, namely your mobile phone. The rest will most likely already be there, so that is why we see the shift.

So is my view tainted?
It is!

I look at a lot more elements than the consumer will, yet in all this, the consumer is already getting exposure to these elements and as such we see a level of contrasting within the consumer’s choice that we haven’t seen before, that element needs to be taken into account as well. Whasun Jho who has published works regarding building Telecom markets. As he sees it and I agree we see a contrasting in the Telecom markets where we see the growth of facility based competition versus service based competition, I believe that the second is only a field of combat if your hardware isn’t up to specs to deal with the wave that will follow over the next 5 years, so in that Huawei, as I stated in the past had the option to grow the market to rule as they went with sharp competition in 2015, they now gave it away by seeking margins instead of overpowered ruling through superior options. In my view as we see where limitations were the only options, it was about competition between providers of the same or similar services (in Australia Telstra versus Optus) and by giving in, they are now losing market share that I stated is a base drop of 4.25% and could rise to 11% before Christmas, almost literally depending on the power of Google’s devices as accepted by the global consumers. In this situation, it is not a given that Google would switch to a Software As A Service path, but by offering the path on corporate whilst leaving the consumers with open and negligible costs, the image as shown implies that ‘smart’ elements and ‘domotics’ will give us Google at number one, with a massive advantage for the longest of times, that is, unless the players change their ways and right fast. Because when proven to work, customer loyalty will soon be the most important metric in this telecom shift. Samsung gambled and got hit hard, yet they are not out.
One burning battery does not stop a company the size of Samsung and a lot of burning batteries makes for a fun roasting of Marshmallows (pun intended).

So here we see the use of colours. Which colour is what is not a given and does not matter, what matters is what the consumers and what the corporations need, in the next 3-4 years it will all be about what will last longer, not some hardware as a service that requires annual replacement. Ericsson shows us what happens when you are not proactive on the ball and there will be the licking of wounds for some time there, in addition, as we see the mobile iteration (Xperia Z to Z5), actions that I call to be an iterative market that has no chance to survive. Sweetening deals like a couple of movies has no place here as I see it, it seems like a quick fix and it is, yet in that Sony has made that mistake a few times too often and Huawei should have learned from those failures. They were all options that could have been avoided and it will hurt Huawei, yet in all this they too are not down or out. Just a little bruised as I see it. So we will see a market that will shift over the next 4-6 weeks. Yet in the end there is no certainty on how matters are impacted. What is clear is that the Telecom market will shift in a massive way, those who do not shift with that market are most likely the players that will not make it to 2019, an extreme prediction, yet will I be wrong?

Consider what the market is trying to imbue to us between 2017 and 2021/2022. As per 2018 you should only consider a device that will last that initial transition (software without the 5G speed), and the one after that will have the speed if you want to play on that level. So buying with clear common sense could save you $1000-$1800, that is for most people serious money, for those relying on a new plan with a new phone, you better remember that soon such a solution might not be that easy to get, or that cheap. The Telecom providers will remain facility based competition, yet the market we swim in is more and more becoming service based, so we need the right device that can deal with this and for telecom companies to keep on playing a ‘this will do for a year‘ isn’t thinking forward, or at least just limited short term. A game we cannot go along with and there are enough people to realise this danger, which is what is pressuring the Huawei market as I personally saw it.

There is more to all this, but a market that revolves on ‘We decide your choice‘ is not a choice, it is a limitation, something that Google is building awareness on by showing us what is possible and then offering the overkill device for a mere $150 extra, like Apple did, but Apple didn’t come with the shown benefits of actually showing us that part. As you realise that you already knew most of these elements as you YouTubed your way through the internet universe, consider the options your phone doesn’t allow for at present. There is no reason to suddenly update the phone at present, but you should realise that these limitations will hinder you in the future and realising what you need in three years is more and more important in today’s mobile market. It is something you only need to be aware of at present, when the shift comes you will be ready with the right phone and with the options to do it all (without getting pushed into spending $1000+ overnight), as well as the option to keep your movies, your photos, your Pokémon’s, as well as whatever the domotics apps universe brings to your mobile.

 


Filed under Finance, IT, Media, Science