Connect with us

Technology

The digital ‘bank job’ – investigating the unprecedented rise in crypto threats

The digital ‘bank job’ – investigating the unprecedented rise in crypto threats

By Martin Voorzanger, EclecticIQ 

There have been significant fluctuations in the value of cryptocurrency in the past twelve months, a volatility that has already enabled some traders to reap the rewards. However, it’s not just the financial watchdogs that are worried.

Beyond traders, there is another group profiting from the turbulence of cryptocurrencies – cyber criminals. The digital bank heist of tomorrow is quickly becoming a reality, with a notable increase in crypto exchange breaches and reports of crypto malware on the rise.

Crime is money

What’s interesting about some of the criminal cryptocurrency activity seen to date is that it is based around well-known methods of hacking, such as phishing and social engineering. One example of this is the NiceHash raid in 2017. Cyber criminals accessed the company’s payment services through an employee PC, resulting in the theft of 4,700 Bitcoins – valued at a cool $70million at the time. Not only that, Syscoin was targeted through its GitHub account, where a slightly adjusted client was uploaded. As the company advises to use 2FA, it could be suggested that it was uploaded through an employee’s (or other code contributor’s) GitHub account.

With South Korea’s largest crypto exchange, Bithumb, an employee’s home computer was targeted and a vast amount of personal data stolen. While there was no theft of funds here, the hack had a significant impact on Bithumb nonetheless. Its customers reported emails and calls defrauding them of money, leading to both reputational damage and financial loss for the company. In a separate incident in June 2018, hackers did indeed access funds from Bithumb – at the cost of a cool $30 million.

Security – via blockchain – lies at the heart of many cryptocurrencies, but it’s clear that this alone doesn’t go far enough. Regardless of the robustness of blockchain, employees within these exchanges, along with their devices, remain a weak link in the security “chain”. That’s why good security hygiene is not optional – it’s an essential part of any finance function, crypto or otherwise.

The new bots

In addition to the more ‘traditional’ cybercrime tactics, there are new techniques emerging to target the crypto industry specifically. Cryptojacking is one example of this, which sees employees’ computers targeted for criminals to mine cryptocurrencies – without knowledge of the user or their organisation. The rising value of cryptocurrencies means this is a lucrative exploit for cybercriminals and, while each device can only mine small amounts of cryptocurrencies, hackers are getting into so many machines that they are able to create botnets. Collectively, this can deliver large profits.

Cryptojacking isn’t as destructive as other attacks using ransomware, for example. However it still means the devices are compromised, which not only leads to poor performance and affects the longevity of devices, but also means the door is wide open to more serious threats.

But the issue of cryptojacking is moving beyond the employee PC into far more worrying territory, with the first case of a major industrial control system network infected with cryptojacking malware discovered earlier this year. Security firm Radiflow made the discovery, warning that an attack of this nature “can threaten the stability and availability of the physical processes of a critical infrastructure operator”.

A very real reality

Whether criminals are looking to steal crypto assets, mine them covertly or simply cause disruption, the threat is without doubt very real – and growing day by day. A recent report from Microsoft noted a huge surge in coin-mining trojans in Windows PCs in the past six months, advising businesses not to treat them as a nuisance but as a serious threat. The report also noted that while external cybercriminals are often the perpetrators, there is also a growing threat of employees planting unauthorised miners on powerful company systems.

Amongst all of these various threats, humans remain the weakest link in the security chain. Cybercriminals are still using the tactics, techniques and procedures (TTPs) that they know work – and individuals continue to be manipulated and conned into compliance. Despite the security of the cryptocurrencies themselves, the technical systems and exchanges that surround them continue to let the bad guys in.

It’s clear that criminal activity in the crypto space is only going to increase further. As such, organisations across the world must ensure they stay abreast of developments in the crypto world and have adequate measures in place to defend their networks accordingly. Not only that, it’s vital that the employees themselves understand how cybercriminals work and the threats associated with social engineering. Only then can an organisation effectively protect against this new – and prolific – type of threat.

Technology

Blackline reveals CEO succession plan

Blackline reveals CEO succession plan 1

By President & COO Marc Huffman appointed CEO as of Jan. 1st, 2021;
Founder Therese Tucker to serve as executive chair

Accounting automation software leader BlackLine, Inc. (Nasdaq: BL) today announced that the board of directors has elected Marc Huffman as chief executive officer, effective January 1st, 2021.  Mr. Huffman currently serves as president and chief operating officer.  Therese Tucker, who has served as CEO since founding BlackLine in 2001, will continue to serve on the company’s board as executive chair.

A seasoned SaaS (Software-as-a-Service) executive with more than 25 years of experience driving growth at successful software companies, Huffman joined BlackLine in early 2018 as chief operating officer.  He was named president in February 2020, leading the company’s worldwide sales, marketing, technology and all customer-facing organizations.  Since Huffman joined, BlackLine has scaled its sales and customer success teams, strategically repositioned its go-to-market plan, completed a global reseller agreement with SAP, established a subsidiary in Japan, and entered into a number of strategic alliances with the world’s leading consulting and advisory firms.

Prior to BlackLine, Huffman served as president of worldwide sales and distribution at NetSuite.  During his 14-year tenure, NetSuite grew from $3 million to $1 billion in annual revenue and became recognized as a global SaaS powerhouse.

“I’ve been so pleased with the leadership Marc has demonstrated over the past two and a half years, most recently driving our response to the COVID-19 pandemic – mitigating disruption to the business and our customers.  Because of Marc’s leadership, skill set, cultural alignment and stellar performance, BlackLine is in a better position to grow and scale than ever before,” said Ms. Tucker.  “I am incredibly proud of what we have achieved at BlackLine and believe Marc is the kind of leader I can trust to take our customer-centric values, vision and growth to the next level.  I am also thrilled that in addition to providing strategic oversight as executive chair, I will now have more time to focus on the areas I love most – product innovation and customer success.”

The announced transition is part of a multi-year succession plan that has involved seeking potential successors, bringing the right person on board, seeing that person excel, and Tucker and Huffman working methodically together over several years to build out the leadership team and strategic growth plan and ensure values were aligned.

“I am ready and excited for this next step.  BlackLine is a special place with a strong culture and I am looking forward to leading the company through its next phase of growth,” said Huffman.  “We’ve got the team, the plan, and now we are focused on execution as we continue to scale the business and make BlackLine an indispensable platform for Finance & Accounting organizations globally.”

Commenting on the CEO and executive chair changes, John Brennan, BlackLine’s chairman of the board, said, “We are excited to announce Marc’s appointment as CEO.  His experience successfully expanding and scaling NetSuite into new strategic and geographical markets is invaluable as BlackLine continues to penetrate what we believe is still an untapped market.  Coupled with his proven track record at BlackLine we are confident that, under Marc’s leadership, the company’s momentum, growth and success will only accelerate.”

Mr. Brennan added, “Therese has been a strong and inspirational leader since she founded BlackLine just over 19 years ago.  Her unwavering determination and commitment to both customers and employees has been the driving force behind the company’s incredible journey from start-up to global market leader.  We look forward to having her serve as executive chair, a position in which she will continue to shape the future of the company she has built from the ground up.”

Upon Tucker’s assumption of the executive chair role, Brennan will serve as the board’s lead outside director.

Continue Reading

Technology

How sustainable AI improves the triple bottom line

How sustainable AI improves the triple bottom line 2

An investment in green AI enables financial services firms to align people, profit, and planet

By Nick Dale, EVP business development, Verne Global

Green investing is widely regarded as a mega trend, with chief executive Larry Fink of BlackRock, the world’s largest money manager, stating, “Climate change has become a defining factor in companies’ long-term prospects … awareness is rapidly changing, and I believe we are on the edge of a fundamental reshaping of finance.”

The recent seismic shift in public opinion about climate change has not only increased attention on the sustainability and societal impact of investing in a company, it’s also influencing the decisions being made in finance industry boardrooms overall, whether that’s implementing innovative business models or adopting new partnerships and technologies. However, as business leaders strive to make green choices, many are unaware of the hidden environmental costs of the technologies they are employing.

AI in the finance industry

The use of AI has become ubiquitous across industry sectors, and is now an integral part of the technologies being used in financial services, from optimising asset portfolios and underwriting loans to assessing risks.

AI is especially beneficial for things like quantitative trading, which uses large data sets to identify patterns that can then inform strategic trades. AI’s machine learning models can analyse vast and complex data and make predictions accordingly. But AI models are not only data-hungry, they are power hungry.

Power-hungry AI

Supercomputers train and test mountains of data for AI models, and can run 24-hours a day, for hours, days, or even weeks. These applications consume huge amounts of energy, and as AI technology continues to grow and develop, the computations behind it are also increasing in size and complexity. The carbon emissions from training a single AI model for language translation is roughly equivalent to 125 round-trip flights from New York to Beijing (AI Now 2019 Report).

The carbon cost of AI becomes even higher when you factor in the energy required to keep the computing equipment housed in data centres cool – overheating can impact performance and damage equipment. As a result, in a conventional data centre, at least 40% of all energy consumed goes towards cooling.

But sustainable AI is possible if financial services organisations take positive steps to minimise its environmental impact.

Minimising AI’s carbon footprint

Location, location, location

Many tech giants are committing to reducing their carbon footprint, with Amazon pledging to reach 80% renewable energy by 2024, and Google investing in data centres in Nordic countries specifically for better energy efficiency.

Nick Dale

Nick Dale

This is because in the Nordics, data centres are largely powered by renewable energy sources. Iceland, in particular, uses 100% renewable hydroelectric and geothermal power – with no nuclear power sources – and is connected to a reliable power grid. These renewable energy sources are much less harmful to the environment because, unlike fossil fuels, they don’t cause pollution and don’t generate greenhouse gases. Not to mention, renewable energy is based on natural resources that can be replenished within an average human lifetime, as compared to fossil fuels, which can take thousands—or even millions—of years to replace.

Over 80% of compute doesn’t need to be near the end-user, and in those situations, choosing data centre locations in cool climates has a significant impact on carbon emissions. AI compute can be located in places like Iceland, which can utilise all-year-round, free cooling due to its temperate climate.

Data centres that are located in hot climates, like Arizona in the US, require high-powered cooling systems in operation around the clock. With average high temperatures of 40° Celsius in the summer, these data centres can use up to 4 million gallons of water a day to absorb heat through evaporation into cooling towers. Consequently, when location doesn’t hamper performance or accessibility, housing AI compute in data centres with natural cooling is a no-brainer.

Energy efficient and cost-effective

Many in the financial sector have traditionally viewed sustainability as a trade-off between profit and planet, but when it comes to green AI, financial services firms can have it both ways. By housing the servers that train AI models in data centres powered by renewable energy sources, businesses can substantially reduce energy expenses and benefit from long-term, fixed pricing.

And when renewable energy sources are combined with year-round, cool climates, the energy demands and costs of AI can be dramatically reduced. AI is here to stay, but by making the right choices, companies in the finance sector can still drive profitability whilst making real and measurable progress on sustainability.

Continue Reading

Technology

Survey of IT decision makers exposes the increased pressures IT organisations face amidst covid-19

Survey of IT decision makers exposes the increased pressures IT organisations face amidst covid-19 3

Independent Survey Uncovers the Limitations Traditional IT Infrastructure Imposes, Exacerbated by a Remote Workforce

Nebulon, Inc.®, the pioneer of Cloud-Defined Storage, released today the results of an independent survey completed by IT decision makers at 500 companies in the IT, financial services, manufacturing, retail, distribution and transport industries across the UK, US, Germany and France. Conducted in June of this year, the survey exposes the biggest challenges enterprises face in transforming their on-premises application storage environments, which have only been exacerbated during this COVID-19 era. While IT organisations cite multiple restrictions, the survey reveals limited infrastructure automation and high CAPEX as the most significant challenges for those deploying enterprise storage array technology, forcing them to re-examine IT spending and operations even more so than usual amidst the pandemic.

While increasing automation and reducing costs may seem like mainstream initiatives for any large organisation, the pandemic and resulting workforce restrictions mandate significant progress in days or weeks, versus months or quarters. The results of the survey, undertaken by Vanson Bourne, further reinforce this as respondents also highlighted their on-premises application storage environments are difficult to maintain, and reveal that they lacked the in-house expertise necessary to manage them. Even more disconcerting, respondents indicate that their traditional external storage arrays are not suited to handle new workloads, including containers and NoSQL databases. This is unsurprising as modern workloads have been architected for local versus shared storage resources.

British IT decision makers specifically ranked “expensive” highest, with 57% making this one of their top three challenges, followed by “time consuming to maintain” (50%) and “difficult to automate at scale” (49%). Respondents from smaller organisations (1,000-2,999 employees) were more likely to mark “lack of in-house expertise” highly compared to larger organisations (3,000+employees) (59% compared to 31%) while these larger companies were more likely to consider cost a top challenge (61% compared to 35%).

“The impact of the pandemic is forcing CIOs worldwide to reconsider their operations,” said Siamak Nazari, Co-Founder and CEO of Nebulon, Inc. “Reducing costs through server-based storage alternatives without the restrictions of hyperconverged infrastructure, and reducing operating cost pressure through cloud-based management of the application storage infrastructure are crucial initiatives for IT organisations looking to survive this new normal.”

For companies with a growing class of mission-critical data that cannot or should not move to the public cloud, Cloud-Defined Storage is an alternative to expensive storage arrays, offering enterprises a cloud-managed, server-based approach for mission-critical storage. By combining a cloud-based control plane, called Nebulon ON, with server-based storage that is powered by the Nebulon Services Processing Unit (SPU), Nebulon enables organisations to reduce cost for enterprise storage by up to half without compromising on enterprise data services. This is made possible by Nebulon’s unique architecture that makes use of commodity SSDs in industry standard servers, Ethernet in favour of Fibre Channel, and by eliminating operational complexities by moving management to Nebulon ON with an as-a-service model.

Nebulon ON uses AI to analyse application workloads during operations, provides actionable recommendations for IT organisations and provides a single API endpoint that greatly streamlines automation at-scale. Customisable application templates, tailored for customer’s application clusters, eliminate the guesswork in configuring infrastructure and produce repeatable, reliable infrastructure services for modern, mission-critical workloads. With the architectural and operational simplicity of Cloud-Defined Storage, application owners gain a self-service infrastructure provisioning that is unmatched with existing on-premises storage solutions.

“IT organisations have been seeking a cost-effective alternative to external storage arrays for years,” said Nazari. “With our Cloud-Defined Storage offering, they finally have the opportunity to reduce costs while also deploying a self-service solution for application owners that also reduces the operational burden.”

Continue Reading

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Matt Kolling Matt Kolling
Banking13 hours ago

UBX appoints new Chief Investment Officer

In line with its strategy to explore and invest in companies and platforms of the future, UBX—the Fintech and Corporate...

Workforce Diversity Matters To Our ESG Evaluation 4 Workforce Diversity Matters To Our ESG Evaluation 5
Top Stories20 hours ago

Workforce Diversity Matters To Our ESG Evaluation

We believe the limited representation of Black voices in key decision-making processes prevents companies from reaping the benefits of a...

Blackline reveals CEO succession plan 9 Blackline reveals CEO succession plan 10
Technology21 hours ago

Blackline reveals CEO succession plan

By President & COO Marc Huffman appointed CEO as of Jan. 1st, 2021; Founder Therese Tucker to serve as executive...

From furlough to returning to work - employees are feeling insecure in their future 11 From furlough to returning to work - employees are feeling insecure in their future 12
Business22 hours ago

From furlough to returning to work – employees are feeling insecure in their future

New data looking into 6,273 employees, commissioned by Perkbox, the employee experience platform, has revealed the considerable impacts of the...

How mortgage regulations are changing globally 13 How mortgage regulations are changing globally 14
23 hours ago

How mortgage regulations are changing globally

By Globalaw members Oliver Foerster, Partner @ Huth Dietrich Hahn, Roberto Sparano, Partner @ Quorum Legal ,Paul Tully, Managing Director and Partner...

Return to work: Flexibility, preparation and communication are key 15 Return to work: Flexibility, preparation and communication are key 16
Business4 days ago

Return to work: Flexibility, preparation and communication are key

By Matt Weston, Managing Director, Robert Half UK As lockdown restrictions ease for the foreseeable future, conversations across the business...

How sustainable AI improves the triple bottom line 17 How sustainable AI improves the triple bottom line 18
Technology4 days ago

How sustainable AI improves the triple bottom line

An investment in green AI enables financial services firms to align people, profit, and planet By Nick Dale, EVP business...

The impact and implications of Covid-19 on financial reporting 19 The impact and implications of Covid-19 on financial reporting 20
Finance4 days ago

The impact and implications of Covid-19 on financial reporting

By Mark Billington, Regional Director, Greater China & South-East Asia, ICAEW The economic consequences of Covid-19 have been unprecedented, affecting...

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   21 Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   22
Business4 days ago

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy  

Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million.   Unlike most applicants who...

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 23 Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 24
Business4 days ago

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver

Nearly a third (32%) of consumers would switch providers if a brand’s website is unavailable for more than 24 hours...