Travelers says it is in ‘right spot’ for cyber insurance exposure

Travelers says it is in 'right spot' for cyber insurance exposure

By Suzanne Barlyn

(Reuters) – Travelers Cos Inc <TRV.N> plans to stick to its recent growth pace for sales of cyber insurance, which protects businesses against hacking and other liabilities, despite potential to boost it, as the insurer assesses risks in the segment, its head of specialty insurance said on Monday.

“We feel like we’re just in the right spot,” Thomas Kunkel, the insurer’s president of bond and specialty insurance, said during an investor meeting in Connecticut.

Travelers has increased its cyber business at a 40 percent compound annual growth rate since 2011 and could quicken the pace, Kunkel said. “It would not be hard,” he said.

But Travelers must be “respectful and prudent” about the risks involved in cyber, Kunkel said.

Insurers have said the growing sophistication of hackers alongside a still-evolving cyber insurance industry makes it difficult to quantify their potential cyber-related losses.

About three-quarters of cyber policies that Travelers writes cover up to $1 million in damages, while nearly a quarter cover between $1 million and $5 million, the company said.

“We manage our limits very closely,” Kunkel said.

Equifax Inc <EFX.N>, which compiles credit information about consumers and assigns them scores, disclosed in September that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people. The hack is among the largest ever.

Regulation will also drive demand for cyber insurance, particularly in the financial services sector, Fitch Ratings said in a report on Monday.

“As the cyber insurance market develops, competition is likely to erode profit margins,” Fitch said.

Some insurers who ultimately enter the cyber market may lack underwriting experience and take on risks that could exceed their capital, Fitch said.

Events that could trigger large claims include cyber attacks on electronic grids and transportation systems, or hacks of large data storage clouds, Fitch said.

Insurer American International Group Inc <AIG.N> said on Oct. 26 that it was reviewing all types of coverage it offers to gauge its exposure to cyber risk.

AIG will start including cyber coverage as part of its commercial casualty insurance during the first quarter of 2018, Tracie Grella, global head of cyber risk insurance, said at the time.

The move would boost rates but also make it clearer how customers are covered if they are the victim of a security breach.

Many commercial insurers offer stand-alone cyber coverage, but it is not yet a standard addition to most other policies, such as property and casualty.

(Reporting by Suzanne Barlyn in New York; Editing by Lisa Von Ahn and Matthew Lewis)

Rookies and robots brace for first UK rate rise since 2007

Office lights are on at dusk in the Canary Wharf financial district, London, Britain,

By Fanny Potkin and Polina Ivanova

LONDON (Reuters) – Financial markets braced this week for what could be the Bank of England’s first rate rise in a decade – a step into the unknown for a generation of young traders who started work after 2007 but also for the state-of-the-art technology they use.

After a decade that included a global financial crash, numerous investigations into market collusion and relentless automation, trading floors at banks in London have been transformed in ways not obvious at first glance.

The newest kid on the block is not necessarily the rookie trader with a PhD in physics but the latest computer model or algorithm. How these models will perform under the almost novel circumstances of tightening monetary policy is as much a question as how the human neophytes will react.

Using past market data, assessments of demand, valuation models and even measures of how upbeat news headlines are, computers crunch the numbers, game the scenarios and buy or sell in the blink of an eye.

But shocks such as Brexit have shown that computer-driven trading can end in stampedes, or so-called flash crashes.

“You’ve got to weigh up the strength of the traders and the strength of the algorithms that have been developed and whether they can manage this kind of a process when the rate hike does come in,” said Benjamin Quinlan, CEO of financial services strategy consultancy Quinlan & Associates.

At Citibank’s expansive trading floor in London, the dealing room doesn’t look much different from a decade ago with traders hunched in front of banks of screens, the odd national flag perched on top, and television screens on mute.

But beneath the outward appearance, foreign exchange trading has undergone a seismic shift: more than 90 percent of cash transactions and a growing proportion of derivatives trades in the global $5 trillion a day FX market are done electronically.

So-called smart algos, or fully automated algorithmic trading programs that react to market movements with no human involvement, were virtually non-existent in 2007. Now, almost a third of foreign exchange trades are driven solely by algorithms, according to research firm Aite Group.

“Most of these algorithms haven’t really been tested in a rising interest rate scenario so the next few months will be crucial,” said a portfolio manager at a hedge fund in London.

To be sure, the U.S. Federal Reserve’s first rate rise in a decade in 2015 provided a dry run for this week’s UK decision – but the two economies are in very different positions and the knock-on effects on the wider financial markets of a Bank of England move are hard to predict.

 

ROOKIES AND ROBOTS

Much has changed since the Bank of England raised rates by 0.25 percent on July 5, 2007 to 5.75 percent. The first iPhone had yet to reach British shores, the country’s TVs ran on analogue signals and Northern Rock bank was alive and well.

Where once lightning decision-making and a calm head in a crisis were at a premium, the bulk of trading today is done by machines and the job of a foreign exchange sales trader is often little more than minding software and fielding client queries.

Itay Tuchman, head of global FX trading at Citi and a 20-year market veteran, said while the bank employs roughly the same number of people in currency trading as over the last few years, fewer are dedicated to business over the phone.

“We have an extensive electronic trading business, powered by our algorithmic market making platform, which is staffed by many people that have maths and science PhDs from various backgrounds,” said Tuchman, who heads trading for Citi’s global developed and emerging currency businesses.

London is the epicenter of those changes with the average daily turnover of foreign exchange trades executed directly over the phone down by a fifth to $566 billion in just three years to 2016, according to the Bank of England.

At Dutch bank ING’s London trading room, Obbe Kok, head of UK financial markets, said the floor now has about 165 people but the bank wants to make it 210 by the end of the year – searching mainly for traders attuned to technological innovations and keen on artificial intelligence.

The proportion of people employed in trading with degrees in mathematics and statistics has increased by a 58 percent over the last 10 years, Emolument, a salary benchmarking site, said.

“What banks have started to do is trade experience for technological skill and with electronic platforms growing, the average age on the floor is a bit younger,” said Adrian Ezra, CEO of financial services recruitment agency Execuzen.

 

TAPER TANTRUM

The increasing use of technology means traders can gauge the depth of market liquidity at the click of a button or quickly price an option based on volatility – a major change from a few years ago when they had to scour the market discreetly for fear of disclosing their interest to rivals.

Ala’A Saeed, global head of institutional electronic sales and one of the brains behind Citi’s trading platform FX Velocity, said its electronic programs process thousands of trades per minute.

Most of the currency trading models used by banks incorporate variables such as trading ranges, valuation metrics including trade-weighted indexes and trends in demand based on internal client orders to get a sense of which way markets are moving – and the potential impact of a new trade.

Nowadays, the models also incorporate sentiment analysis around news headlines and economic data surprises.

These electronic trading platforms also have years of financial data plugged into them with various kinds of scenario analyses, but one thing they have sometimes appeared unprepared for is a sudden change in policy direction.

Witness the market mayhem exacerbated by trend-following algorithms when Switzerland’s central bank scrapped its currency peg in 2015, or the taper tantrum in 2013 when the U.S. Federal Reserve said it would stop buying bonds.

Or Britain’s vote last year to leave the European Union.

Indeed, the biggest risk for financial markets cited by money managers in a Bank of America Merrill Lynch poll in October was a policy misstep from a major central bank.

 

EASY CREDIT, LOW VOLATILITY

One concern is that the rise in automation has coincided with a prolonged decline in market volatility as central banks from the United States to Japan have kept interest rates close to zero and spent trillions of dollars dragging long-term borrowing costs lower to try to reboot depressed economies.

While central banks have been careful to get their messages across as they end the years of stimulus, there are concerns about whether quantitative trading models can capture all the qualitative policy shifts.

For example, a growing number of investors expect the Bank of England to raise its benchmark interest rate to 0.5 percent on Nov. 2, and then leave it at that for the foreseeable future.

But futures markets are expecting another rate rise within six to nine months, injecting a new level of risk around interest rate moves and potentially boosting volatility.

Neale Jackson, a portfolio manager at 36 South Capital Advisors, a $750 million volatility hedge fund in London, said young traders have never seen an environment other than central banks supporting markets, and that has fueled risk-taking underpinned by the belief that “big brother has got our backs”.

“The problem these days is that there’s a whole generation of traders who have never seen interest rates, let alone interest rates hikes,” said Kevin Rodgers, a veteran FX trader and the author of “Why Aren’t They Shouting?”, a book about the computer revolution within financial markets.

 

(Additional reporting by Maiya Keidan and Simon Jessop; writing by Saikat Chatterjee; editing by Mike Dolan and David Clarke)

 

NotPetya hackers likely behind BadRabbit attack: researchers

NotPetya hackers likely behind BadRabbit attack: researchers

By Jack Stubbs

MOSCOW (Reuters) – Technical indicators suggest a cyber attack which hit Russia and other countries this week was carried out by hackers behind a similar but bigger assault on Ukraine in June, security researchers who analyzed the two campaigns said on Wednesday.

Russia-based cyber firm Group-IB said the BadRabbit virus used in this week’s attack shared a key piece of code with the NotPetya malware that crippled businesses in Ukraine and worldwide earlier this year, suggesting the same group was responsible.

The BadRabbit attack hit Russia, Ukraine and other countries on Tuesday, taking down Russia’s Interfax news agency and delaying flights at Ukraine’s Odessa airport.

Multiple cyber security investigators have linked the two attacks, citing similarities in the malware coding and hacking methods, but stopped short of direct attribution.

Still, experts caution that attributing cyber attacks is notoriously difficult, as hackers regularly use techniques to cover their tracks and sometimes deliberately mislead investigators about their identity.

Security researchers at Cisco’s Talos unit said BadRabbit bore some similarities with NotPetya as they were both based on the same malware, but large parts of code had been rewritten and the new virus distribution method was less sophisticated.

They confirmed BadRabbit used a hacking tool called Eternal Romance, believed to have been developed by the U.S. National Security Agency (NSA) before being stolen and leaked online in April.

NotPetya also employed Eternal Romance, as well as another NSA tool called Eternal Blue. But Talos said they were used in a different way and there was no evidence Bad Rabbit contained Eternal Blue.

“It is highly likely that the same group of hackers was behind (the) BadRabbit ransomware attack on Oct. 25, 2017 and the epidemic of the NotPetya virus, which attacked the energy, telecommunications and financial sectors in Ukraine in June 2017,” Group-IB said in a technical report.

Matthieu Suiche, a French hacker and founder of the United Arab Emirates-based cyber security firm Comae Technologies, said he agreed with the Group-IB assessment that there was “serious reason to consider” that BadRabbit and NotPetya were created by the same people.

But some experts have said the conclusion is surprising as the NotPetya attack is widely thought to have been carried out by Russia, an allegation Moscow denies.

Ukrainian officials have said the NotPetya attack directly targeted Ukraine and was carried about by a hacking group widely known as Black Energy, which some cyber experts say works in favor of Russian government interests. Moscow has repeatedly denied carrying out cyber attacks against Ukraine.

The majority of BadRabbit’s victims were in Russia, with only a few in other countries such Ukraine, Bulgaria, Turkey and Japan.

Group-IB said some parts of the BadRabbit virus dated from mid-2014, however, suggesting the hackers used old tools from previous attacks. “This corresponds with BlackEnergy timeframes, as the group started its notable activity in 2014,” it said.

(Additional reporting by Eric Auchard; Editing by Jim Finkle/Mark Heinrich)

Kaspersky says it obtained suspected NSA hacking code from U.S. computer

Kaspersky says it obtained suspected NSA hacking code from U.S. computer

By Joseph Menn

SAN FRANCISCO (Reuters) – Moscow-based Kaspersky Lab on Wednesday acknowledged that its security software had taken source code for a secret American hacking tool from a personal computer in the United States.

The admission came in a statement from the embattled company that described preliminary results from an internal inquiry it launched into media reports that the Russian government used Kaspersky anti-virus software to collect National Security Agency technology.

While the explanation is considered plausible by some security experts, U.S. officials who have been campaigning against using Kaspersky software on sensitive computers are likely to seize on the admission that the company took secret code that was not endangering its customer to justify a ban.

Fears about Kaspersky’s ties to Russian intelligence, and the capacity of its anti-virus software to sniff out and remove files, prompted an escalating series of warnings and actions from U.S. authorities over the past year. They culminated in the Department of Homeland Security last month barring government agencies from using Kaspersky products.

In a statement, the company said it stumbled on the code a year earlier than the recent newspaper reports had it, in 2014. It said logs showed that the consumer version of Kaspersky’s popular product had been analyzing questionable software from a U.S. computer and found a zip file that was flagged as malicious.

While reviewing the file’s contents, an analyst discovered it contained the source code for a hacking tool later attributed to what Kaspersky calls the Equation Group. The analyst reported the matter to Chief Executive Eugene Kaspersky, who ordered that the company’s copy of the code be destroyed, the company said.

“Following a request from the CEO, the archive was deleted from all our systems,” the company said. It said no third parties saw the code, though the media reports had said the spy tool had ended up in Russian government hands.

The Wall Street Journal said on Oct. 5 that hackers working for the Russian government appeared to have targeted the NSA worker by using Kaspersky software to identify classified files. The New York Times reported on Oct. 10 that Israeli officials reported the operation to the United States after they hacked into Kaspersky’s network.

Kaspersky did not say whether the computer belonged to an NSA worker who improperly took home secret files, which is what U.S. officials say happened. Kaspersky denied the Journal’s report that its programs searched for keywords including “top secret.”

The company said it found no evidence that it had been hacked by Russian spies or anyone except the Israelis, though it suggested others could have obtained the tools by hacking into the American’s computer through a back door it later spotted there.

The new 2014 date of the incident is intriguing, because Kaspersky only announced its discovery of an espionage campaign by the Equation Group in February 2015. At that time, Reuters cited former NSA employees who said that Equation Group was an NSA project.

Kaspersky’s Equation Group report was one of its most celebrated findings, since it indicated that the group could infect firmware on most computers. That gave the NSA almost undetectable presence.

Kaspersky later responded via email to a question by Reuters to confirm that the company had first discovered the so-called Equation Group programs in the spring of 2014.

It also did not say how often it takes uninfected, non-executable files, which normally would pose no threat, from users’ computers.

Former employees told Reuters in July that the company used that technique to help identify suspected hackers. A Kaspersky spokeswoman at the time did not explicitly deny the claim but complained generally about “false allegations.”

After that, the stories emerged suggesting that Kaspersky was a witting or unwitting partner in espionage against the United States.

Kaspersky’s consumer anti-virus software has won high marks from reviewers.

It said Monday that it would submit the source code of its software and future updates for inspection by independent parties.

(Reporting by Joseph Menn in San Francisco; Editing by Jim Finkle and Eric Auchard)

Exclusive: U.S. widens surveillance to include ‘homegrown violent extremists’ – documents

Exclusive: U.S. widens surveillance to include 'homegrown violent extremists' - documents

By Dustin Volz

WASHINGTON (Reuters) – The U.S. government has broadened an interpretation of which citizens can be subject to physical or digital surveillance to include “homegrown violent extremists,” according to official documents seen by Reuters.

The change last year to a Department of Defense manual on procedures governing its intelligence activities was made possible by a decades-old presidential executive order, bypassing congressional and court review.

The new manual, released in August 2016, now permits the collection of information about Americans for counterintelligence purposes “when no specific connection to foreign terrorist(s) has been established,” according to training slides created last year by the Air Force Office of Special Investigations (AFOSI).

The slides were obtained by Human Rights Watch through a Freedom of Information Act request about the use of federal surveillance laws for counter-drug or immigration purposes and shared exclusively with Reuters.

The Air Force and the Department of Defense told Reuters that the documents are authentic.

The slides list the shooting attacks in San Bernardino, California, in December 2015 and Orlando, Florida, in June 2016 as examples that would fall under the “homegrown violent extremist” category. The shooters had declared fealty to Islamic State shortly before or during the attacks, but investigators found no actual links to the organization that has carried out shootings and bombings of civilians worldwide.

Michael Mahar, the Department of Defense’s senior intelligence oversight official, said in an interview that AFOSI and other military counterintelligence agencies are allowed to investigate both active duty and U.S. civilian personnel as long as there is a potential case connected to the military. Investigations of civilians are carried out cooperatively with the Federal Bureau of Investigation, Mahar said.

Executive order 12333, signed by former President Ronald Reagan in 1981 and later modified by former President George W. Bush, establishes how U.S. intelligence agencies such as the CIA are allowed to pursue foreign intelligence investigations. The order also allows surveillance of U.S. citizens in certain cases, including for activities defined as counterintelligence.

Under the previous Defense Department manual’s definition of counterintelligence activity, which was published in 1982, the U.S. government was required to demonstrate a target was working on behalf of the goals of a foreign power or terrorist group.

It was not clear what practical effect the expanded definition might have on how the U.S. government gathers intelligence. One of the Air Force slides described the updated interpretation as among several “key changes.”

‘CLOAK OF DARKNESS’

However, some former U.S. national security officials, who generally support giving agents more counterterrorism tools but declined to be quoted, said the change appeared to be a minor adjustment that was unlikely to significantly impact intelligence gathering.

Some privacy and civil liberties advocates who have seen the training slides disagreed, saying they were alarmed by the change because it could increase the number of U.S. citizens who can be monitored under an executive order that lacks sufficient oversight.

“What happens under 12333 takes place under a cloak of darkness,” said Sarah St. Vincent, a surveillance researcher with Human Rights Watch who first obtained the documents. “We have enormous programs potentially affecting people in the United States and abroad, and we would never know about these changes” without the documents, she said.

The National Security Act, a federal law adopted 70 years ago, states that Congress must be kept informed about significant intelligence activities. But the law leaves the interpretation of that to the executive branch.

The updated interpretation was motivated by recognition that some people who may pose a security threat do not have specific ties to a group such as Islamic State or Boko Haram, Mahar at the Defense Department said.

“The internet and social media has made it easier for terrorist groups to radicalize followers without establishing direct contact,” Mahar said.

“We felt that we needed the flexibility to target those individuals,” he said.

In August 2016, during the final months of former President Barack Obama’s administration, a Pentagon press release announced that the department had updated its intelligence collecting procedures but it made no specific reference to “homegrown violent extremists.”

The revision was signed off by the Department of Justice’s senior leadership, including the attorney general, and reviewed by the Privacy and Civil Liberties Oversight Board, a government privacy watchdog.

Mahar said that “homegrown violent extremist,” while listed in the Air Force training slide, is not an official phrase used by the Defense Department. It does not have a specific list of traits or behaviors that would qualify someone for monitoring under the new definition, Mahar said.

Hunches or intuition are not enough to trigger intelligence gathering, Mahar said, adding that a “reasonable belief” that a target may be advancing the goals of an international terrorist group to harm the United States is required.

The updated Defense Department manual refers to any target “reasonably believed to be acting for, or in furtherance of, the goals or objectives of an international terrorist or international terrorist organization, for purposes harmful to the national security of the United States.”

Mahar said that in counterterrorism investigations, federal surveillance laws, including the Foreign Intelligence Surveillance Act, continue to govern electronic surveillance in addition to the limitations detailed in his department’s manual.

(Reporting by Dustin Volz; editing by Grant McCool)

Senators push bill requiring warrant for U.S. data under spy law

Senators push bill requiring warrant for U.S. data under spy law

By Dustin Volz

WASHINGTON (Reuters) – A bipartisan group of at least 10 U.S. senators plans to introduce on Tuesday legislation that would substantially reform aspects of the National Security Agency’s warrantless internet surveillance program, according to congressional aides.

The effort, led by Democrat Ron Wyden and Republican Rand Paul, would require a warrant for queries of data belonging to any American collected under the program. The bill’s introduction is likely to add uncertainty to how Congress will renew a controversial portion of a spying law due to expire on Dec. 31.

Section 702 of the Foreign Intelligence Surveillance Act is considered by U.S. intelligence officials to be among their most vital tools used to combat national and cyber security threats and help protect American allies.

It allows U.S. intelligence agencies to eavesdrop on and store vast amounts of digital communications from foreign suspects living outside the United States.

The surveillance program, classified details of which were exposed in 2013 by former NSA contractor Edward Snowden, also incidentally scoops up communications of Americans, including if they communicate with a foreign target living overseas.

Those communications can then be subject to searches without a warrant, including by the Federal Bureau of Investigation, a practice that the USA Rights Act authored by Wyden and Paul would end.

The measure is expected to be introduced with support from a wide berth of civil society groups, including the American Civil Liberties Union and FreedomWorks, a Wyden spokesman said.

It would renew Section 702 for four years with additional transparency and oversight provisions, such as allowing individuals to more easily raise legal challenges against the law and expand the oversight jurisdiction of the Privacy and Civil Liberties Oversight Board, a government privacy watchdog.

A bipartisan group of lawmakers in the House of Representatives earlier this month introduced legislation seeking to add privacy protections to Section 702, including a partial restriction to the FBI’s ability to access U.S. data when seeking evidence of a crime.

But that was criticized by privacy groups as too narrow.

Separately, the Senate Intelligence Committee is expected to privately vote on Tuesday on a bill to reauthorize Section 702 that privacy advocates say will lack their reform priorities.

Wyden sent a letter on Monday urging committee leaders to allow a public vote, saying the bill “will have enormous impact on the security, liberty, and constitutional rights of the American people” and should be debated in the open.

(Reporting by Dustin Volz; Editing by Leslie Adler)

After massive quakes, millions in Mexico turn to early warning app

After massive quakes, millions in Mexico turn to early warning app

By Sheky Espejo

MEXICO CITY (Reuters) – Since two massive earthquakes hit Mexico in September, claiming more than 460 lives, an early warning start-up called SkyAlert has doubled its users to 5.8 million, making it one of the country’s most downloaded apps.

SkyAlert has also found a market selling alarms to small businesses in the capital, said its co-founder and director Alvaro Velasco. And it is looking to expand to Latin America, mainly Colombia, Peru and Chile, which lack an official alerting system despite frequent quakes in those countries.

Velasco said that he and SkyAlert co-founder Alejandro Cantú are talking to investors from Mexico and elsewhere about raising 100 million pesos ($5.35 million) in capitalization in 2018.

He said the surge in users after the most recent deadly quake in Mexico City had heightened the interest of existing investors including U.S.-based American Messaging and attracted interest from two Mexico-based private equity funds.

American Messaging did not respond to requests to comment on any potential new investment.

Velasco said SkyAlert was in talks with those funds and existing investors to inject around 20 million pesos (1.05 million dollars) into SkyAlert.

Still, finding a sustainable business model for the quake monitoring app has been a challenge partly because recent regulation in Mexico City has limited SkyAlert’s ability to access funds through public financing.

MAKING A PROFIT NOT EASY

Shomit Ghose at Onset Ventures, a U.S. private equity company with experience in software start-ups, said quake apps have struggled to get adequate financing because of the lack of a clear path to profits.

“If the business model is B2B where the earthquake early-warning is sent to companies, or railways, or hospitals, or high-buildings then perhaps a strong B2B case can be made for start-up investment,” Ghose said.

SkyAlert’s predicament echoes that of companies seeking funding to develop earthquake alert apps in the United States. Seismic activity is hard to monetize without government support.

It competes with its former partner, Mexico’s official alerting system run by government-funded non profit CIRES, which was created after an earthquake in 1985 killed thousands in the country.

One of the world’s few widely deployed seismic alarms, CIRES runs a network of sirens positioned around Mexico City that warn of a coming quake. SkyAlert mainly warns people through a mobile app.

Both sell quake warning systems, but a 2016 regulatory reform requires public buildings in Mexico City to purchase alarm systems from CIRES, limiting SkyAlert’s public financing.

SkyAlert initially replicated CIRES’ alerts, but in 2015 it decided to deploy its own detection sensors to increase coverage with greater accuracy, Velasco said.

“After a few false alerts from CIRES that affected SkyAlert’s credibility, we decided to invest in our own technology,” he said.

SkyAlert also is exploring ways to monetize its free app.

Currently, it sells a “premium” version for $4 a year that allows users to personalize alerts. However, Mexico has an average per capita income of $8,200, and the company said only around 4 percent of users pay for it.

Velasco said SkyAlert’s revenue is split fairly evenly between those fees and income from selling to businesses.

The newest version of the app allows for paid advertising, but ads would not be visible during a seismic alert.

SkyAlert, founded in 2011, has few peers, but one similar service in Japan is called YureKuru Call, which relies on government seismic data. YureKuru has received some government funding on an ad-hoc basis, but like SkyAlert is mostly funded by fees, said Rina Suzuki, an official at RC Solution Co., the Tokyo-based firm that developed YureKuru.

Detection technologies are evolving and they are all perfectible, Jennifer Strauss, external relations officer at the Berkeley Seismology Lab told Reuters.

“In the end, what matters is how effective they are at alerting people to save lives,” said Strauss.

(Additional reporting by Christine Murray in Mexico City and Minami Funakoshi in Tokyo; Editing by Frank Jack Daniel and Diane Craft)

Ford to recall about 1.3 million vehicles in North America

FILE PHOTO: An airplane flies above a Ford logo in Colma, California, U.S., October 3, 2017. REUTERS/Stephen Lam

(Reuters) – Ford Motor Co said on Wednesday it would recall about 1.3 million vehicles in North America, including certain 2015-17 Ford F-150 and 2017 Ford Super Duty trucks, to add water shields to side door latches. (http://ford.to/2ySvCBJ)

The No.2 U.S. automaker said the safety recall is due to frozen door latch or a bent or kinked actuation cable in the affected vehicles, that may result in a door not opening or closing.

The company said it was not aware of any accidents or injuries associated with the issue but said because of the fault the door may appear closed, increasing the risk of the door opening while driving.

The cost of the recall was estimated to be $267 million and would be reflected in its fourth quarter results, the company said. (http://bit.ly/2yT3EWu)

Ford said it continues to expect full-year adjusted earnings in the range of $1.65 to $1.85‍​ per share.

(Reporting by Ankit Ajmera in Bengaluru; Editing by Anil D’Silva and Arun Koyyur)

Researchers uncover flaw that makes Wi-Fi vulnerable to hacks

FILE PHOTO: A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski

(Reuters) – Cyber security watchdogs and researchers are issuing warnings over risks associated with a widely used system for securing Wi-Fi communications after the discovery of a flaw that could allow hackers to read information thought to be encrypted, or infect websites with malware.

An alert from the U.S. Department of Homeland Security Computer Emergency Response Team on Monday said the flaw could be used within range of Wi-Fi using the WPA2 protocol to hijack private communications. It recommended installing vendor updates on affected products, such as routers provided by Cisco Systems Inc <CSCO.O> or Juniper Networks Inc <JNPR.N>.

Belgian researchers Mathy Vanhoef and Frank Piessens of Belgian university KU Leuven disclosed the bug in WPA2, which secures modern Wi-Fi systems used by vendors for wireless communications between mobile phones, laptops and other connected devices with Internet-connected routers or hot spots.

“If your device supports Wi-Fi, it is most likely affected,” they said on the www.krackattacks.com website, which they set up to provide technical information about the flaw and methods hackers might use to attack vulnerable devices.

It was not immediately clear how difficult it would be for hackers to exploit the bug, or if the vulnerability has previously been used to launch any attacks.

Finnish security firm F-Secure said experts have long been cautious about Wi-Fi’s ability to withstand security challenges of the 21st century.

“But the worst part of it is that it’s an issue with Wi-Fi protocols, which means it affects practically every single person in the world that uses Wi-Fi networks,” it said on its website.

Microsoft Corp <MSFT.O> said it had released a security update for Windows. Customers who applied the update, or had automatic updates enabled, would already be protected, it said in a statement emailed to Reuters.

CERT New Zealand and CERT India asked users to apply security updates. CERT NZ suggested using ethernet cables and to connect directly into the network, when possible.

“Given the complexity of updating smart devices such as mobile phones, CERT NZ also strongly recommends disabling Wi-Fi when it isn’t required,” it said in its advisory. (http://bit.ly/2gfho2b)

The Wi-Fi Alliance, an industry group that represents hundreds of Wi-Fi technology companies, said the issue “could be resolved through a straightforward software update”.

The group said in a statement it had advised members to release patches quickly and recommended that consumers quickly install those security updates.

(Reporting by Jim Finkle in Toronto and Dustin Volz in Washington; Additional reporting by Aradhana Aravindan in Singapore; Editing by Susan Thomas, Dan Grebler and Jacqueline Wong)

SWIFT says hackers still targeting bank messaging system

FILE PHOTO : The Swift bank logo is pictured in this photo illustration taken April 26, 2016. REUTERS/Carlo Allegri/File Photo

By Jim Finkle

TORONTO (Reuters) – Hackers continue to target the SWIFT bank messaging system, though security controls instituted after last year’s $81 million heist at Bangladesh’s central bank have helped thwart many of those attempts, a senior SWIFT official told Reuters.

“Attempts continue,” said Stephen Gilderdale, head of SWIFT’s Customer Security Programme, in a phone interview. “That is what we expected. We didn’t expect the adversaries to suddenly disappear.”

The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after the February 2016 theft from a Bangladesh Bank account at the Federal Reserve Bank of New York.

Gilderdale declined to say how many hacks had been attempted this year, what percentage were successful, how much money had been stolen or whether they were growing or slowing down.

On Monday, two people were arrested in Sri Lanka for suspected money laundering from a Taiwanese bank whose computer system was hacked to enable illicit transactions abroad. Police acted after the state-owned Bank of Ceylon reported a suspicious transfer.

SWIFT, a Belgium-based co-operative owned by its user banks, has declined comment on the case, saying it does not discuss individual entities.

Gilderdale said that some security measures instituted in the wake of the Bangladesh Bank heist had thwarted attempts.

As an example, he said that SWIFT had stopped some heists thanks to an update to its software that automatically sends alerts when hackers tamper with data on bank computers used to access the messaging network.

SWIFT shares technical information about cyber attacks and other details on how hackers target banks on a private portal open to its members.

Gilderdale was speaking ahead of the organization’s annual Sibos global user conference, which starts on Monday in Toronto.

At the conference, SWIFT will release details of a plan to start offering security data in “machine digestible” formats that banks can use to automate efforts to discover and remediate cyber attacks, he said.

SWIFT will also unveil plans to start sharing that data with outside security vendors so they can incorporate the information into their products, he said.

(Reporting by Jim Finkle, Editing by Rosalba O’Brien)