Category Archives: MONEY FINANCE DEBT

Telstra launching cybersecurity centres internationally

Telstra is utilising its ‘deep, deep skills in cyber’ by launching security operations centres in Sydney, Melbourne, and across the globe, as well as likely upgrading its existing facility in Canberra.

Telstra will be opening cybersecurity centres internationally following the launch of its security operations centres (SOCs) in Sydney and Melbourne over the next few weeks, CEO Andy Penn has announced.

Speaking during Telstra’s FY17 financial results call, Penn said Australia’s incumbent telecommunications provider is currently looking at locations for international SOCs, but would not disclose the sites.

However, he added that the two new Australian centres will be launching “very soon … in the coming weeks”.

“There’s no doubt that large enterprises and even smaller enterprises today are becoming increasingly concerned by cybersecurity risks that they face,” Penn told ZDNet.

“There’s virtually no technology innovation that’s happening today that isn’t intended to be connected. That means it’s across a network, and what’s critical is those innovations and that technology is protected from a cyber perspective.

“We’ve got deep, deep, deep skills in cyber because of our own need to protect our networks, but also we provide a very significant dynamic service for our enterprise customers, and this is really a significant investment in really building that service for our enterprise customers.”

Penn told ZDNet that Telstra will also likely upgrade its existing SOC in Canberra.

“We have a dynamic product offering which is integrated with some of the best data analytics globally and the best access to data globally, so that’s actually the fundamental offering, and then the security operations themselves actually enable ourselves on behalf of our customers, or our customers, to monitor 24/7 effectively the cyber activity on their networks,” Penn told ZDNet.

“You need the data analytics and you need the artificial intelligence and the machine learning capabilities to process what’s actually happening deeply at the network level, and you need the sensors deep within the network, and that’s the dynamic security offering that is already launched. We’ve already got customers on that who are very pleased with that offering, and then we’re supporting that with the security operations centres.”

Penn said Telstra has the “smartest” network in Australia, with the telco currently also upgrading its fibre-optic network to allow for terabit capacity.

“We have commenced the rollout of our next-gen optical fibre and transmission network; Tasmania was the first state to benefit from this upgrade,” the chief executive said.

“This will increase Telstra’s network capacity to 1 terabit per second, and has already done so on each of Telstra’s two subsea cables running across the Bass Strait. We’re already rolling this out to the rest of the country, and there is future potential to increase the capacity to 100 terabits per second.”

In addition, Penn spruiked the company’s Cat-M1 Internet of Things (IoT) network, built in conjunction with Ericsson and switched on earlier this month on the 4GX network.

“Cat-M1 will give us the platform for the significant growth we expect to see in IoT,” Penn said.

Telstra currently has more than 8,600 mobile towers, 5,000 telephone exchanges, 200,000 switches and routers, 240,000km of optical fibre cable, and 400,000km of submarine cable.

Telstra TV 2

Penn also announced the launch of the Telstra TV 2, saying that Telstra remains “committed to Foxtel” despite its dropping revenue and is in discussions with co-owner News Corp on how best to structure and arrange Foxtel in future.

“We’re about to dial it up again,” Penn said, detailing that the Telstra TV 2 will include all streaming and catch-up TV services along with a linked mobile app, making it “a real Australian first”.

“Access to the best content is critically important to us as demand for media continues to grow. At the same time, the media market is changing with new participants and increased competition,” Telstra added.

Telstra’s media revenue grew by 8.2 percent to AU$935 million thanks to uptake of both the Telstra TV and “Foxtel from Telstra”. Foxtel from Telstra made AU$777 million in revenue, growing by 8.1 percent due to 57,000 additional subscribers, and there are now 827,000 Telstra TV devices in the market.

Underpinning Telstra’s SOCs is its suite of managed security services announced in March and launched in July, Penn said, in addition to the company’s 500 “cybersecurity experts”.

The Telstra TV originally launched in October 2015.

This Android HummingBad malware has infected 85 million devices and makes its creators $300,000 a month

Gang behind malware make money from fraudulent apps — but if they choose to use their reach for theft, corporations could be put at risk.


On top of that, experts have warned that the spread of the malicious HummingBad software could be used to do even worse damage by stealing victims’ data.


The mobile malware has been analysed by security researchers at Check Point after it was found on Android devices belonging to two employees at “a large financial institution”. In-depth findings on the malware are laid out in the company’s ‘From HummingBad to Worse’ report. The gang behind the malware — thought to be located in China — are estimated to generate around $1m every quarter from fraudulent ad revenue and the installation of bogus apps.

Initially discovered in February, HummingBad infects Android devices via two methods: drive-by downloads and malicious payloads delivered by websites distributing adult content.

Once the attack is underway, HummingBad attempts to gain root access to the device using a rootkit, which if successful gives attackers full access to the infected phone. If that attack method fails, HummingBad will also use a fake system update notification to trick users into giving it access to the entire Android system.

No matter which method of attack is used, a successful installation of HummingBad will see it install as many fraudulent apps on the infected device as possible, which is how the scheme generates revenue.

Researchers suggest that a total of 85 million Android devices across the globe have been infected in this way, with victims in China, India, the Philippines, and Indonesia accounting for over half of those successfully targeted.

It’s estimated that 10 million victims are unwittingly using malicious apps, which in total deliver over 20 million advertisements a day, resulting in 2.5 million clicks every 24 hours. Engagement with these pop-up ads delivers around $10,000 per day, totalling about $300,000 each month.


Henry Sapiecha

U.S. Congress probes NY Fed’s handling of Bangladesh Bank heist

Commuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016. REUTERS/Ashikur Rahman/File Photo

A U.S. congressional committee has launched a probe into the Federal Reserve Bank of New York’s handling of the cyber theft of $81 million from one of its accounts held by the central bank of Bangladesh, according to a letter seen by Reuters.

The letter, addressed to New York Fed President William Dudley and sent Tuesday from the House of Representatives’ Science Committee, requests “all documents and communications” connected to the February heist, the bank’s oversight of the global financial network SWIFT and the status of any reviews related to the Fed’s information technology conducted since the attack occurred.

The letter follows similar probes launched last month by Tom Carper, the Senate Homeland Security Committee’s top Democrat, and Representative Carolyn Maloney, a New York Democrat.

The latest inquiry comes as policymakers, regulators and financial institutions around the world increase scrutiny into the heist and related attacks on banks in Vietnam and Ecuador, in which hackers sent fraudulent transaction messages across the SWIFT network.

“In light of the recent cyber attacks on our global financial systems, the Committee believes it is imperative to receive information from the NY Fed about its response, its oversight of SWIFT, the status of the investigation, and any remedial steps taken to address vulnerabilities,” states the letter, signed by House Science Committee Chairman Lamar Smith, a Texas Republican.

A New York Fed spokeswoman said it intended to respond to the new request for information. The bank has so far denied responsibility for the Bangladesh Bank intrusion.

The letter said it was “deeply troubling” that cyber security experts believe more attacks will be uncovered as banks review their security systems, and that Bangladesh Bank’s systems appeared to be the “weak link” in the February attack.

SWIFT, the Society for Worldwide Interbank Financial Telecommunication, last week urged banks to bolster their security, saying it was aware of multiple attacks. Banks around the world rely on SWIFT to issue payment instructions to each other.

The committee requested a response from the New York Fed by June 14.


Henry Sapiecha


Australian NSW Police want warrantless bank data access

Police want access to banking data without judicial oversight.


The NSW Police Force would no longer require a judge’s sign-off to gain access to the bank statements of people they suspect are engaging in criminal conduct under a police proposal before the NSW government.

The proposal would change the status quo, which requires a magistrate or registrar of a court to sign off on a “notice to produce” before police can force banking institutions to hand over documentation, such as a suspected criminal’s bank statements.

Detective Superintendent Arthur Katsogiannis. Photo: Dallas Kilponen

The proposal would instead allow a senior police officer to sign off.

Detective Superintendent Arthur Katsogiannis, head of NSW Police’s Fraud and Cyber Crime Squad, revealed the proposal in a lunch interview with Fairfax Media.

Detective Katsogiannis said it was being floated following the imminent trial of a new information retrieval (IR) system which would help automate some manual processes for collecting intelligence from banks.

“If we want documentation from the banks … we still need to go to a court and see a chamber magistrate to be able to get a notice to produce to get that documentation so it can be admissible as evidence in a court,” he said. “We’ve recently put a submission up to government seeking an amendment to that [so] that a commissioned officer would be able to authorise notices to produce.”

Detective Katsogiannis said the computerised system would enable officers to “go online and request banking documentation, statements, affidavits and the like” and get it “a lot quicker and more efficiently”. The next step – allowing a senior officer to sign off on access to banking information – would make it even faster.

He likened the proposal to the way telecommunications metadata – such as the time a call was made, to whom, and for how long – is sought from telcos, which requires only the sign-off of a senior officer before companies, such as Telstra or Optus, divulge such information.

Asked about the NSW Police Force proposal, a spokeswoman for NSW Deputy Premier and Minister for Police, Troy Grant, said it was examined last year as part of a review into the Law Enforcement (Powers and Responsibilities) Act 2002.

“… Changes were made to streamline the process but fell short of allowing all commissioned officers with the authority access [to] people’s bank statements,” Mr Grant said. “The review attempted to balance the needs of police to get on with the job and having appropriate safeguards of people’s personal information.”

But as the new Minister for Police, Mr Grant said he had requested a full briefing to examine “if further improvements can be made”.

NSW Police’s submission to last year’s review was never made public. Mr Grant’s spokeswoman said this was because it was provided to the review in confidence as it contained “operational matters”.

However, in the review’s final report, handed down by the NSW Department of Attorney-General and Justice, and Ministry for Police and Emergency Services, the authors paraphrased submissions made by the NSW Police Force and NSW Police Association.

The review said both entities wanted senior officers rather than parties outside the police force to be given the power to sign off on access to banking information. NSW Police stated, the report said, that this “would represent a reduction in red tape by delivering significant benefits for police in savings of resources, paperwork and unnecessary travel”.

Both parties also wanted the range of entities that have to comply with notices to produce to be expanded.

But the report did not recommend the notice to produce laws change to the extent a judge wasn’t needed, saying “it would be inappropriate for a senior member of police to be given the authority” to issue the notices.

“…There are significant privacy implications,” the report concluded.

“The independent issuing authority is a necessary safeguard to ensure that civil liberties are not unnecessarily impinged upon.”

The report also shot down the possibility that notices to produce apply to other entities, such as casinos, bookmakers and currency exchanges.

David Shoebridge, a Greens MP in the NSW Legislative Council, said he had concerns.

“Bank records contain a cornucopia of personal information that should be protected from casual access by the NSW Police,” he said. “If police have a reasonable basis to believe that access to someone’s bank account details can help them solve a crime then they can already get the information by a warrant.”

When recently asked, none of the big four banks would disclose how many times they have handed over banking information.

While banking information is highly personal and can reveal spending habits, including where you shop and what time, some don’t see it as that private. Sydney-based start-up Pocketbook, for instance, has some 150,000 users who voluntarily hand over their banking information in return for a useful service that organises their spending into categories such as clothes, groceries and fuel – showing where money is being spent.

Fairfax Media recently reported that NSW Police made 166 requests for Opal smartcard data, which doesn’t require a warrant to access.

Henry Sapiecha



In August 2014, the Australian Government announced a $630 million funding boost for security and intelligence agencies to better deal with the threat of terrorism.

Henry Sapiecha

Australian Federal Police seize millions from the bank accounts of nine Russian business people


Nine Russian nationals used a Gold Coast ANZ bank to wire large sums of money from companies in Asia. Photo: Glenn Hunt

The Gold Coast branch of the ANZ Bank sees its share of wealthy new customers, but few could match the smartly-dressed tourists with Russian accents who opened accounts in 2011.

Within days of setting up the accounts in the heart of Surfers Paradise, the money started rolling in in the form of six- or seven-figure wire transfers from companies in Asia.

First came several hundred thousand from an account in Hong Kong, then just weeks later another six-figure sum, then half a million from an account in China, then several more transfers. Eventually there was almost $29 million in accounts in the names of nine Russian nationals.

Late last year Federal Police moved in, raiding homes on the Gold Coast and taking action in Queensland’s supreme court to freeze the cash under money-laundering laws.

Police in the court argued that the Russians, from Irkutsk in Siberia, did not earn enough to justify the vast sums.

The Russians, who remain in Siberia, hit back, hiring their own lawyer and rejecting the allegations.

This week Fairfax Media has learnt some of the nine have been the subject of media reports in Russia linking them to alleged tax avoidance and failed companies. They are alleged to have been involved in the jade mining industry in an area which has seen a series of violent robberies and deadly


The Russians have denied the allegations, with one of their number saying the group were only trying to close a deal in Queensland that would have involved the export of Australian powdered milk to Siberia.

And their Gold Coast-based tour guide, whose post box was used to receive correspondence for their ANZ bank accounts, says they were legitimate business people looking to invest and send their children to one of the Gold Coast’s top private schools.

The dispute provides a snapshot of the global movement of shadowy funds out of eastern Europe’s turbulent economy and the attractiveness of destinations such as the Gold Coast as a financial haven.

The first to arrive on the Gold Coast on December 30, 2010, was a party of five: Eduard Zelinskiy, Irina Strelnikov and Vladimir Strelnikov and Natalia Gudkova and Andrey Gudkov.

All five listed on their visa applications some connection with the Siberian-based Baikalkvartssamotsvety or Baikal Quartz Gemstones company, which mines precious and semi-precious stones west of Irkutsk.

All opened the accounts in about January 2011, then returned to Russia.

Two months later more Siberian associates with a connection to the mining company landed on the Gold Coast and made their way to the ANZ Bank to open accounts.

In March 2011 the quartz company’s commercial director, Eduard Karmadonov, 45, came for a visit. Police believe he earned about $24,879 a year but his ANZ account showed $12 million, while his wife Elena Karmadonova, 35, who accompanied him, finished up with $843,306 in her ANZ account.

Then there was the general director of the mining company, Sergey Kostyukov, 50, who visited about the same time and set up an account. Mr Kostyukov, who police believed earned $65,005 a year, eventually notched up about $2.9 million in his ANZ account.

Even the medical officer of the company, Galina Chuvasova, 49, tagged along for the trip and despite an annual income estimated by the police as being about $12,640, had $650,832 in her ANZ account.

Once on the Gold Coast, the Russians used the services of tour guide Tamara Allnutt, who allowed them to use her post box to receive correspondence. She denies any impropriety and swears the group were legitimate business people.

“What we think is a lot of money to us is not necessarily so to them. Not every Russian businessman is a crook. Some are genuine people here to invest in the Gold Coast. They have businesses and they wanted to invest in Australia. They were more interested in dairy products.”

Visa debit charge records placed on the court record by the police reveal extraordinary expenditure overseas by Mr Karmadonov, who reportedly spent $1.008 million between March 2011 and September 2013, while his wife spent $189,759 between January 2012 and September 2013, all in exotic destinations throughout Europe and Asia.

Police in their legal action say they suspect the money is “the proceeds of an indictable offence or offences”.

But earlier this year Sydney lawyer Igor Kazagrandi in court documents said the respondents denied the money was the proceeds of unlawful activity.

Russian media have reported on some of the nine Siberians and there have also been reports of violent robberies at the Baikal Quartz mine and a deadly shooting nearby.

One online newspaper alleged Mr Kostyukov and Baikal Quartz Gemstones had been investigated for failing to pay taxes of about $300,000 and for fraudulently filing for bankruptcy.

Speaking from Irkutsk, Mr Kostyukov denied any impropriety and said the group were in Australia to set up the dairy exports.

Asked about the quartz mining business, he declined to comment.

On Monday, in the Supreme Court as part of their action to seize the money, the Federal Police filed requests for subpoenas for two dairy products companies based in Brisbane.

An employee at one of the companies confirmed some Russians had been in touch to discuss a dairy products deal but he said he did not know anything about any subpoenas.

A spokesman for the ANZ Bank said they could not comment on customers. The Australian Federal Police declined to comment because the matter was before the court.

Further court hearings are expected before the end of the year.

Henry Sapiecha