bnn.lv Latviski   bnn-news.com English   bnn-news.ru По-русски
Tuesday 24.10.2017 | Name days: Renāte, Modrīte, Mudrīte
LatviaLatvia

Latvian banks fall victim to large-scale theft

FaceBook
Twitter
Draugiem
print
(No Ratings Yet)

Baltic news, News from Latvia, BNN.LV, BNN-NEWS.COM, BNN-NEWS.RULast Wednesday, 3 May, a massive theft took place. Experts are still unsure about the exact scale and possible consequences of this crime. The crime involves IT service provider Rostelecom, which is partially owned by Russia. This company managed to intercept data flow from multiple banks. Among them are two Latvian banks, as reported by Nekā personīga.

The programme reports that banks claim no data was stolen from them, as all activities are safely encrypted. Internet security experts, on the other hand are not so certain. The Russian company most likely managed to access strategically important information about the internal function of those banks. This information can be used for large-scale attacks.

On 26 April, Rostelekom managed to achieve that all transactions performed by banks were being redirected in secret through Russia for five to seven minutes. NP notes that this was an unprecedented event when a company owned by the Russian state intercepted all correspondence.

It is possible that what happened was only a test. Reaction to this ‘test’ allows Russian special services to study the speed and methods used to trace the attack.

Cert.lv deputy manager Varis Teivans told the programme: «This is what happened with this data flow. For ban X, transaction communication with MasterCard or VISA was performed not through original partners in Germany or USA or elsewhere, but through internet service provider close to the Russian state.»

It is possible to trace Rostelekom’s attacks by the seconds on websites that process data flow. It is clear from looking at the data that banks’ transactions are performed using specific data transfer companies. Suddenly, all data starts flowing through Rostelekom servers, NP explains.

Rostelekom can be compared to Latvia’s Lattelecom, the programme notes. The only difference is the size and scale of the company. Rostelekom has enormous international internet connections with other world-class IT companies. Lattelecom established a high-speed optic communication line with Rostelekom in 2009.

The company was previously managed by Sergei Kalugin, who was later rotated to Transport Ministry. Since March 2017, the company has been managed by a different political figure from United Russia – Mikhail Osevskiy. He was St Petersburg’s vice-governor for ten years. After that, he was vice-president of VTB Bank.

Rostelekom’s data interception can be considered an attack, because the intercepted information was carefully selected to contain only specific bank and credit card servicing companies VISA and MasterCard. Something like that cannot happen automatically, journalists say.

Teivans says that this situation is an indication that Russia does not care about secrecy in its cyber-operations. It shows the country is prepared to play dirty in the open without worrying about opinions of international partners, because this Rostelekom is not isolated – it has partners around the world.

They all know an incident has taken place. The question is – what excuse will Rostelekom offer. It is a sigh that they will no longer try to hide. Perhaps it is their strategic goal – to not hide any longer. Perhaps they want their cyber capabilities to be shown to the public and more amplified and cultivated in public space. Similar to how Russian hackers were glorified during elections in USA. And this is a goal to some extent, Cert.lv expert told the programme.

It should be noted that data from Norvik and DNB Bank was intercepted in Latvia. Representatives of the two banks told NP that they use encryption methods to communicate with other service providers. Data intercepted by thieves should be unreadable to thieves.

Cert.lv experts are not as optimistic – even if the encryption key is intact, intercepted information is still very valuable for plans of future attacks. «It is the same as performing reconnaissance of the area before a battle, learning about the opposing army’s strengths and weaknesses. Having information allows generals to plan the scale, tactics and goals of attacks.»

Teivans explains the situation: «Neither we nor they can confirm that something has been stolen. It should be clear to everyone that financial institutions will always say that everything is good and nothing is stolen. […] Even though it was impossible to steal anything of value, they still surveyed the map. The attacker now knows the correspondence targets of those financial institutions when they perform transactions. They can now come up with measures to influence those processes.»

When asked if banks suffered damages or not, Defence Ministry’s state secretary Janis Garisons told NP: «It is hard to say, because we only have initial estimates. Banks should be asked directly.»

The Defence Ministry’s representative replies the following way in relation to any attack objectives: «We can only assume, but it is hard to say if there was any goal, what was and what was not achieved.»

NP found out that the largest internet service providers in Latvia have formed LIX system. When internet communications in foreign countries were expensive, communication in Latvia was performed through this network. As technologies continue to develop, it is now cheaper to use networks in foreign countries.

Latvia has strict rules on data flow that affect so-called critical infrastructure, stating that it should be performed solely through state networks.

Teivans says that this situation raises certain concerns, «because this is not the first time when we see communication intended for Latvia or goes from Latvia is unexpectedly diverted through Moscow. Such cases were noted in the past as well. One such incident took place last year – data intended to be transferred from one institution in Latvia to another was unexpectedly transferred through Moscow.»

Estonia has a special law that states that bank transactions in the cyber environment have to be performed within Estonia’s borders. Latvian Defence Ministry wants to establish similar legislation, but it is currently very hard to limit the IT sector in the country.

Ref: 225.109.109.6011


Leave a reply

Pabriks: losing control over airBaltic would be a mistake for Latvia

«If attraction of an investor for Latvian’s national airline airBaltic results in full privatization of the company, Latvian state would make a strategic mistake,» says MEP Artis Pabriks.

Another person may be involved in NSL and ZZS illegal financing case

Corruption Prevention and Combating Bureau’s launched criminal process regarding possible illegal financing of parties To Latvia from the Heart and Union of Greens and Farmers has identified another involved person.

Mortality from strokes in Latvia may grow significantly in the near future

To raise awareness of the dramatic situation with strokes in Latvia and motivate decision-makers into improving stroke prevention measures and treatment and increasing funding for this area, cardiologists and neurologists invite officials to come to a discussion.

Pavļuts: party unions would be welcome, but not for politically technical reasons

In preparation for Saeima elections, unions should be considered by parties that have similar goals, not politically technical considerations, said Kustība Par leader Daniels Pavļuts in an interview to Rīta panorama programme.

Minister: changes in Russian schools needed for formation of unified political nation

Latvia requires a unified political nation, which is impossible to achieve living in different education spaces. With that, it is only natural for the process to progress towards our youth studying together, Latvian Education Minister Kārlis Šadurskis told Rīta panorama programme about the intended education reforms in Russian-speaking schools.

Czech election won by party of police-sought billionaire Babiš

In the parliamentary election of the Czech Republic, which took place over the weekend, centrist party ANO has won. It is chaired by billionaire Andrej Babiš, who has been stripped of the immunity of a member of parliament over suspected wrongdoing in attracting European Union farming subsidies.

Rīgas satiksme limits competition; agreements prevent ‘others’ from entering the market

Competition Council believes Rīgas satiksme’s contracts with private companies limit competition, because they prevent other players from entering the market, as reported by De Facto programme of LTV.

Weather will be clear and dry in Latvia at first; set to change in second half of the week

On Monday and Tuesday weather will be dictated by increased atmospheric pressure – weather will remain clear and dry. Wind will draw in from the east and south-east, which will be strong along the coast in Kurzeme, as reported by Environment, Geology and Meteorology Centre.

Spain denies effort to strip Catalonia of autonomy amount to coup

The Foreign Minister of Spain, Alfonso Dastis, has dismissed claims that the effort of the central government to introduce direct rule in the separatist region of Catalonia can be considered as a coup d'état as it is seen in Barcelona.

TM: the ministry is open for a full disposal of state-owned airBaltic shares

Latvian Transport Ministry is currently engaged in reviewing specific offers for attraction of investors for airBaltic. A full privatization of the company is not out of the question, says the ministry’s state secretary Kaspars Ozoliņš.

Week in Lithuania. Election watchdog’s decision puts budget grants for Liberals in question

A total of 45,336 euros in the costs of the training organised by an Institute of Applied Politics owned by Sarunas Gustainis, a former MP and former member of the Liberal Movement, for the party should be recognised as non-monetary contribution, says a task force established by the Lithuanian Central Electoral Commission.

BNN summary of the week: birth and death rates in Latvia turn out shocking. Gambling halls to close down

BNN offers a summary of this week’s topical news in a variety of categories: Fight; Truth; Business; Future.

Professor: by taking money away from science, the state shoots itself in the foot

The matter regarding insufficient funding for science has recently become more topical in the public space. President of Latvian Academy of Sciences Ojārs Spārītis is rather critical of the situation: Latvia has lied to the European Union and European Commission about making sure that funding for science reaches 1.5% of GDP by 2020.

To prevent fraud, audit of MPC recipients to be performed in Latvia

Latvian Economy Ministry intends to perform an audit of mandatory procurement component recipients and use new regulations to combat fraudulent activities, as confirmed by Economy Minister Arvils Ašeradens.

Rail Baltic procurements to be processed using Electronic Procurements System

Following the changes to Latvian Republic’s Public Procurements Law, all new procurements for Rail Baltica administered by RB RAIL will be processed using a free electronic information system and its e-contest subsystem.

Estonian construction price index pushed up by wages

The construction price index in Estonia has in July-September of 2017 increased by 0.9% in comparison to second quarter this year and by 1.7% from July-September of 2016, Estonian statisticians have estimated.

Surplus of Latvia’s government budget reached 9.5 million euros in 2016

In 2016 general government budget surplus accounted for EUR 9.5 million or 0.04 % of the Gross Domestic Product, whereas general government consolidated gross debt amounted to EUR 10 091.6 million or 40.6 % of the GDP.

Latvia to invest EUR 5.9 million into formation of unified port network

Ports of Riga planning region and Kurzeme planning region have commenced an important tourism project. The goal of this project is creating a unified yacht port network in Latvia and Estonia with quality services that would allow developing sailing tourism and attract foreign sailing enthusiasts in the future, reports the regions’ representative Inese Ozoliņa.

Graft-suspected Tartu deputy mayors resign

In Estonia's second largest city, Tartu, Deputy Mayors Artjom Suvorov and Valvo Semilarski have stepped down from office, Estonian press reported, after the politicians were arrested under suspicion of graft.

Expert: workers of Latvia’s NGO sector have high ‘burnout’ risk

Workers of Latvia’s NGO sector have a high burnout risk, said once the director of Providus Dace Akule in an interview to Latvijas Radio.

Producer: many young people come to work in the film industry

Latvia’s film industry has been steadily growing these past several years, and it is especially gratifying that many young people are coming to work in the industry, says director and producer, representative of Film Angels Productions Jānis Kalējs.

Pollution blamed for every sixth premature death globally

Nine million premature deaths globally in 2015 are said to be related to pollution, a study has found pointing to presence of harmful matter in air, water and workplace as the three main risk factors.

Infectologist: influenza kills biologically the weakest, including children and pregnant women

Influenza is an infection that affects both children and adults. However, it kills those who are biologically weak, says Immunization State Council chairperson and infectologist of Children’s Vaccination Centre Dace Zavadska.

Investor activity made easier between Latvia and Vietnam

An intergovernmental agreement has been signed between the Republic of Latvia and Socialist Republic of Vietnam on prevention of double taxation and tax avoidance in relation to income tax.

Colder masses of air to enter Latvia in coming days; precipitation to be limited

Although high atmospheric pressure will be present above Latvia in the coming days, southern regions in Latvia will experience short-term precipitation on Saturday, 12 October, caused by the cyclone active above Poland. Colder masses of air will enter Latvia in the coming days.