bnn.lv Latviski   bnn-news.com English   bnn-news.ru По-русски
Wednesday 26.07.2017 | Name days: Ance, Anna, Annija
LatviaLatvia

Latvian banks fall victim to large-scale theft

FaceBook
Twitter
Draugiem
print
(No Ratings Yet)

Baltic news, News from Latvia, BNN.LV, BNN-NEWS.COM, BNN-NEWS.RULast Wednesday, 3 May, a massive theft took place. Experts are still unsure about the exact scale and possible consequences of this crime. The crime involves IT service provider Rostelecom, which is partially owned by Russia. This company managed to intercept data flow from multiple banks. Among them are two Latvian banks, as reported by Nekā personīga.

The programme reports that banks claim no data was stolen from them, as all activities are safely encrypted. Internet security experts, on the other hand are not so certain. The Russian company most likely managed to access strategically important information about the internal function of those banks. This information can be used for large-scale attacks.

On 26 April, Rostelekom managed to achieve that all transactions performed by banks were being redirected in secret through Russia for five to seven minutes. NP notes that this was an unprecedented event when a company owned by the Russian state intercepted all correspondence.

It is possible that what happened was only a test. Reaction to this ‘test’ allows Russian special services to study the speed and methods used to trace the attack.

Cert.lv deputy manager Varis Teivans told the programme: «This is what happened with this data flow. For ban X, transaction communication with MasterCard or VISA was performed not through original partners in Germany or USA or elsewhere, but through internet service provider close to the Russian state.»

It is possible to trace Rostelekom’s attacks by the seconds on websites that process data flow. It is clear from looking at the data that banks’ transactions are performed using specific data transfer companies. Suddenly, all data starts flowing through Rostelekom servers, NP explains.

Rostelekom can be compared to Latvia’s Lattelecom, the programme notes. The only difference is the size and scale of the company. Rostelekom has enormous international internet connections with other world-class IT companies. Lattelecom established a high-speed optic communication line with Rostelekom in 2009.

The company was previously managed by Sergei Kalugin, who was later rotated to Transport Ministry. Since March 2017, the company has been managed by a different political figure from United Russia – Mikhail Osevskiy. He was St Petersburg’s vice-governor for ten years. After that, he was vice-president of VTB Bank.

Rostelekom’s data interception can be considered an attack, because the intercepted information was carefully selected to contain only specific bank and credit card servicing companies VISA and MasterCard. Something like that cannot happen automatically, journalists say.

Teivans says that this situation is an indication that Russia does not care about secrecy in its cyber-operations. It shows the country is prepared to play dirty in the open without worrying about opinions of international partners, because this Rostelekom is not isolated – it has partners around the world.

They all know an incident has taken place. The question is – what excuse will Rostelekom offer. It is a sigh that they will no longer try to hide. Perhaps it is their strategic goal – to not hide any longer. Perhaps they want their cyber capabilities to be shown to the public and more amplified and cultivated in public space. Similar to how Russian hackers were glorified during elections in USA. And this is a goal to some extent, Cert.lv expert told the programme.

It should be noted that data from Norvik and DNB Bank was intercepted in Latvia. Representatives of the two banks told NP that they use encryption methods to communicate with other service providers. Data intercepted by thieves should be unreadable to thieves.

Cert.lv experts are not as optimistic – even if the encryption key is intact, intercepted information is still very valuable for plans of future attacks. «It is the same as performing reconnaissance of the area before a battle, learning about the opposing army’s strengths and weaknesses. Having information allows generals to plan the scale, tactics and goals of attacks.»

Teivans explains the situation: «Neither we nor they can confirm that something has been stolen. It should be clear to everyone that financial institutions will always say that everything is good and nothing is stolen. […] Even though it was impossible to steal anything of value, they still surveyed the map. The attacker now knows the correspondence targets of those financial institutions when they perform transactions. They can now come up with measures to influence those processes.»

When asked if banks suffered damages or not, Defence Ministry’s state secretary Janis Garisons told NP: «It is hard to say, because we only have initial estimates. Banks should be asked directly.»

The Defence Ministry’s representative replies the following way in relation to any attack objectives: «We can only assume, but it is hard to say if there was any goal, what was and what was not achieved.»

NP found out that the largest internet service providers in Latvia have formed LIX system. When internet communications in foreign countries were expensive, communication in Latvia was performed through this network. As technologies continue to develop, it is now cheaper to use networks in foreign countries.

Latvia has strict rules on data flow that affect so-called critical infrastructure, stating that it should be performed solely through state networks.

Teivans says that this situation raises certain concerns, «because this is not the first time when we see communication intended for Latvia or goes from Latvia is unexpectedly diverted through Moscow. Such cases were noted in the past as well. One such incident took place last year – data intended to be transferred from one institution in Latvia to another was unexpectedly transferred through Moscow.»

Estonia has a special law that states that bank transactions in the cyber environment have to be performed within Estonia’s borders. Latvian Defence Ministry wants to establish similar legislation, but it is currently very hard to limit the IT sector in the country.

Ref: 225.109.109.6011


Leave a reply

Government allows Bite Lietuva to become the owner of TV3, LNT and Star FM

On Tuesday, 25 July, the Cabinet of Ministers permitted Lithuanian company UAB BITE Lietuva to acquire decisive influence in Latvian media companies TV 3 Latvia, LNT and Star FM.

Latvia put on 34th place in global pension index

Latvia is on the 34th place of Natixis Global Asset Management global pension index. It is two places lower than last year, according to the index report for 2017.

Experts predict nearly half of beer consumed in Estonia will be procured in Latvia

Estimates of Estonian alcohol producers and retail traders show that nearly half of all beer and one-third of vodka that will be consumed in the country next year will be procured in Latvia. According to experts, this way Estonia will lose up to EUR 170 million in tax revenue, Postimees reports.

Latvia had the sixth smallest new vehicles registration index in Europe

Compared with the same period of 2016, Latvia has had the sixth lowest registration index for new commercial vehicles in Europe in January-June period, according to data published by European Automobile Manufacturers Association.

LAR proposes reducing micro-enterprise tax to 12%

Latvian Association of Regions proposes establishing micro-enterprise tax rate at 12% instead of 15%, as well as state that calendar year turnover for micro-enterprises is not to be reduced to EUR 40,000, as it is proposed by the government, but to be kept at the current restriction – under EUR 100,000.

Court dismisses Krums from the last of his supervised insolvency process

On Monday, 24 July, Riga Pardaugava Court dismissed the currently arrested insolvency administrator Ilmars Krums from the last one of the insolvency processes currently under his supervision, as confirmed by Insolvency Administration’s representative.

49 «quota refugees» away from Estonia for over 90 days

49 people of the refugees accepted by Estonia as part of the European Union's refugee relocation programme have exceeded the 90-day period of being allowed be away from the country.

Opinion: EU agricultural policy is not equal to all member states

Latvian Association of Agricultural Cooperatives organized a meeting with Agriculture Ministry’s and State Plant Protection Service’s specialists to discuss and search for solutions for opportunities to sow fermented summer rapeseed.

In pictures: Corsica hit by widespread forest fires

Fire-fighters in the French Mediterranean island of Corsica continued on the night to July 25 to battle forest fires covering an area of some 900 hectares.

Can Latvia expect a more rapid rise of excise tax for alcohol and cigarettes?

Finance Ministry has plans to raise excise tax on alcoholic beverages and cigarettes even more rapidly, according to proposals prepared by the ministry to the Excise Tax Law. These proposals have been submitted to the Saeima for approval in the final reading.

LCCI: e-health system will help reduce the number of dishonest patients

«Healthcare Ministry has to secure full integration of e-health system and form a policy for healthcare specialists that is aimed at returning labourers back to work as soon as possible, not issuing countless sick leave certificates,» as noted by representatives of Latvian Chamber for Commerce and Industry.

Swedish government admits «disastrous» data leak

The government of Sweden has stated that one of its agencies has committed a massive leak of sensitive data in 2015, when it organised an information technology outsourcing procedure.

Vucans: there are plenty of proposals for tax reform laws

Around 350 proposals have been received by the Latvian parliament in relation to tax reform laws. Last week, the Saeima supported tax reform laws in the first reading. This week, on the other hand, it is planned to review them in the final reading.

Greece to return to financial markets after three-year pause

Greece, which has been suffering from severe and prolonged financial problems, is expected to return to international financial markets to borrow funds.

Duda to veto Polish judicial reforms

President of Poland Andrzej Duda has stated he would not announce the controversial reforms of the Polish Supreme Court and the National Council of the Judiciary passed in the Polish Sejm that have also sparked mass protests in the country.

Dairy product prices not expected to decline in Latvia soon

Prices of dairy products in Latvia will either remain on the current level or increase even more in the next couple of months. With that, there is no reason to expect price decline in the near future, predicts head of Agriculture Market Promotion Centre Inguna Gulbe.

Five insolvency administrators suspended due to criminal processes in Latvia

Five insolvency administrators have been suspended because of several criminal processes, said Director of Insolvency Administration Inese Steina in an interview to LNT 900 seconds.

Family doctors may change the form of strike if need be

Latvian Family Doctors Association could change the form of its strike of need be, as confirmed by the association’s representative Solvita Olsena.

Baltic animal rights organisations turn attention to fur farming ban in Czech Republic

Following the fur farming ban passed by the parliament of the Czech Republic, Latvian and Estonian animal rights organisations turn the attention of communities in Latvia and Estonia to the increasingly the ethical attitude of European countries to animal rights.

Toyota sales in Latvia up 25%

5,735 new Toyota cars were sold in Baltic States in the first six months of 2017, which is 33% more than last year. Toyota’s total market share in Baltics is 14.2%, BNN was informed by the company.

Number of accidents caused by tractors and size of claims on a rise

Over the course of the past several years, the number of traffic accidents caused by specialized agricultural vehicles and the size of insurance claims has grown in Latvia, as reported by Motor Insurers' Bureau of Latvia.

Businessmen offer to help fund railway works in Estonia rejected by minister

Entrepreneurs in Lääne County, Estonia, have offered the state to help with funding the reconstruction of a railway section, by attracting private money, but the offer has been rejected by Estonian Economic Affairs Minister Kadri Simson.

International Baltic Bikini military exercises to be organized in Latvia

Baltic Bikini 2017 military exercises will be taking place in Liepaja, Latvia, throughout 24 – 28 July. More than 100 Baltic and American troops will be participating together with State Border Guard and Emergency Health Service to practice survival skills, as reported by Defence Ministry.

SRS: envelope wages will be a priority this year

More than half of Latvian employers pay their employees wages below the minimal monthly amount, said Director of the State Revenue Service Tax Control Office Sandra Karklina Admine in an interview to Rīta panorama on Monday, 24 July.

Latvians hesitant to use electronic means to request benefits

So far, Latvia residents have been rather slow in the use of electronic tools to request benefits from the State Social Insurance Agency.