Watch the WannaCry bitcoin ransom trickle in

Watch the WannaCry bitcoin
ransom trickle in

The malware that's locked up hundreds of thousands of computers has netted roughly $70,000 so far. Why the WannaCry cyber attack is so bad and so avoidable

  

The WannaCry ransomware made on average $23,333 a day.

Monday was its most successful payday. In just four days, the WannaCry ransomware reeled in enough money to buy 8,750 servings of avocado toast (or maybe a modest house, if you're into that sort of thing). And now the ransom has doubled. The global ransomware plague started infecting computers on Friday, abusing an exploit discovered by the NSA that was leaked to the public by the Shadow Brokers hacker group. It breached computers through phishing emails and then spread through networks using a Server Messaging Block vulnerability on outdated Windows computers.

Before it was accidentally (and only temporarily) shut down, WannaCry had locked down more than 200,000 computers in more than 150 countries, affecting banks, universities, and hospitals, with a demand that the targets pay $300 worth of bitcoins by May 20. On Tuesday, the ransom doubled from $300 to $600, and the tally of WannaCry victims had reached more than 374,000 computers. In the last 72 hours, more than 261 people have decided they would rather pay the ransom than lose their important files forever, according to trackers analyzing the three known bitcoin wallets. (You can track the amount yourself here.) A majority of the payments came on Monday, just hours before the first deadline passed and the ransom rose.

In total, the hackers behind WannaCry made $69,535 by Tuesday morning, as payments continued to flow in. While the original ransomware has been slowed down, patched variations of the malware — pointing to the same bitcoin wallets — have appeared, this time without a kill switch. If every ransom ends up being paid, the hackers could make more than $1 billion from the breach. One risk analysis firm estimates that WannaCry could cost the world's economy $4 billion in damages and losses. It's unclear who is behind the massive attack, but researchers have found clues in the code linking the ransomware to North Korea.

Chuck Reynolds
Contributor
Please click either Link to Learn more about TCC-Bitcoin.

Alan Zibluk Markethive Founding Member

DC Blockchain Advocates Seek Distance From Bitcoin Amid Ransomware Wave

 

Amid a flurry of negative publicity for bitcoin,

technology advocates are trying to distance themselves from the digital currency as part of a bid to protect the perception of more enterprise-facing blockchain initiatives. The change of public positioning follows an uptick in ransomware attacks using bitcoin as the medium of payment, the most recent of which (after causing major disruption within the UK's National Health Service and elsewhere) has sparked a global conversation.

At a briefing for congressional staff on Tuesday covering the potential uses of blockchain technology in the US healthcare system, the Chamber of Digital Commerce and a panel of other blockchain specialists acknowledged that the ransomware issue is again opening old wounds caused by the technology's association with illicit uses of bitcoin and cryptocurrencies.

In response, panelists sought to draw clear lines between the two technologies. "A lot of these initial attacks have been on healthcare systems and healthcare companies. This has come onto our radar because the ransomware is asking for the ransom in bitcoin," Perianne Boring, president of the Digital Chamber of Commerce, told an audience of roughly 70 healthcare and technology-focused staffers from congressional offices.

Elsewhere, the panelists sought to categorize bitcoin as merely "one application" of blockchain technology. Srinivas Attili, senior vice president and partner at IBM Global Business Services,

told attendees:

"Blockchain [gets] a lot of bad rap because of bitcoin, in my view. Bitcoin is just one application of blockchain, and you can have hundreds of applications of blockchain."

Blockchain good, bitcoin bad

Just how much regulatory attention is being aimed at bitcoin in the wake of the incidents is unclear, though a member of Congress introduced a bill Tuesday ordering the Department of Homeland Security to conduct a threat assessment regarding the use of virtual currencies by terrorists and criminals. It's happened before, so advocates worry bitcoin's bad press will rub off on the blockchain.

Attili drew the comparison to Amazon being just one among a countless number of businesses built on the HTTP protocol and highlighted Hyperledger as a promising blockchain technology suite that he believes is isolated from any nefarious activity associated with cryptocurrencies. "It's built for business. There's no concept of cryptocurrencies on Hyperledger," he said. Yet, Micah Winkelspecht, chief executive of Gem, a blockchain solutions company, did defend bitcoin, asserting that it's serving a legitimate use as a means of exchanging value.

Winkelspecht said:

"Bitcoin is to those types of attacks as the dollar is to the drug trade. Just because the dollar exists doesn't mean that it's the cause of the drug trade. Bitcoin is just a tool that these criminals are using because it is a good form of exchanging value. It's actually serving a really good purpose as an exchange of value. They are leveraging it as a tool."

"Blaming bitcoin for ransomware would be like blaming the Federal Reserve for any illicit transaction that happens in cash," Boring added.

Recasting the narrative

Still, the damage dealt by the ransomware attacks, compounded by past black eyes like Mt Gox and Silk Road, may cut deeper than many in the cryptocurrency community may wish to recognize. Congressional staffers speaking privately after the event said the concept of blockchain must be, to all intents and purposes, disassociated from bitcoin to gain serious traction in the legislative arena. Boring tried to flip the narrative by saying that, instead of blaming bitcoin for the attacks, there should be a greater focus on the potential of blockchain to protect against ransomware and other cyber attacks in the future.

She said:

"I would even argue that when we talk about protecting our healthcare systems or other systems that might be vulnerable to ransomware or other types of cyberattacks, that blockchain technology could be the silver bullet to protecting our infrastructure."

Winkelspecht concurred, arguing that blockchain could provide a better, more secure way to store data as hackers become more sophisticated in the future. "Before we used to see attacks that were more DDoS — they were attacks on infrastructure trying to bring systems down," he said. "Now we're starting to see more infiltration. They’re basically putting a ransom on data because that data is so valuable and they know that people will pay to unlock it."

Winkelspecht predicted that the next phase of cyber attacks will be "data integrity" attacks that involve breaking into a system and actually altering existing data in a way that "tricks" downstream systems. "Those are the most dangerous and potentially the most costly types of attacks because you may not know it's happening for literally years," he explained. The immutability of blockchain technologies, though, could be the only true line of defense against such intrusions,

he said adding:

"One of the things that blockchains can provide is an immutable proof of data integrity. We can guarantee beyond a shadow of a doubt that data has not been modified or changed.”

Chuck Reynolds
Contributor
Please click either Link to Learn more about TCC-Bitcoin.

Alan Zibluk Markethive Founding Member

Bitcoin logos are displayed at the Inside Bitcoins conference and trade show

AP Explains:
What is bitcoin?
A look at the digital currency

  

Bitcoin logos are displayed at the Inside Bitcoins conference and trade show

In this April 7, 2014, file photo, Bitcoin logos are displayed at the Inside Bitcoins conference and trade show in New York. It's worth more than an ounce of gold right now, it's completely digital and it's the currency of choice for the cyber attackers who cyber attackers networks around the world in recent days. Bitcoin has a fuzzy history, but it's a type of currency that allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties.

It's worth more than an ounce of gold right now, it's completely digital and it's the currency of choice for the cyber attackers who crippled computer networks around the world in recent days. When the attackers' "ransomware" sprang into action, it held victims hostage by encrypting their data and demanding they send payments in bitcoins to regain access to their computers. Bitcoin has a fuzzy history, but it's a type of currency that allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties.

Here's a brief look at bitcoin:

HOW BITCOINS WORK

Bitcoin is a digital currency that is not tied to a bank or government and allows users to spend money anonymously. The coins are created by users who "mine" them by lending computing power to verify other users' transactions. They receive bitcoins in exchange. The coins also can be bought and sold on exchanges with U.S. dollars and other currencies.

HOW MUCH IS IT WORTH?

One bitcoin recently traded for $1,734.65, according to Coinbase, a company that helps users exchange bitcoins. That makes it more valuable than an ounce of gold, which trades at less than $1,230. The value of bitcoins can swing sharply, though. A year ago, one was worth $457.04, which means that it's nearly quadrupled in the last 12 months. But its price doesn't always go up. A bitcoin's value plunged by 23 percent against the dollar in just a week this past January. It fell by the same amount again in 10 days during March.

WHY BITCOINS ARE POPULAR

Bitcoins are basically lines of computer code that are digitally signed each time they travel from one owner to the next. Transactions can be made anonymously, making the currency popular with libertarians as well as tech enthusiasts, speculators — and criminals.

WHO'S USING BITCOIN?

Some businesses have jumped on the bitcoin bandwagon amid a flurry of media coverage. Overstock.com accepts payments in bitcoin, for example. The currency has become popular enough that more than 300,000 daily transactions have been occurring recently, according to bitcoin wallet site blockchain.info. A year ago, activity was closer to 230,000 transactions per day. Still, its popularity is low compared with cash and cards, and many individuals and businesses won't accept bitcoins for payments.

HOW BITCOINS ARE KEPT SECURE

The bitcoin network works by harnessing individuals' greed for the collective good. A network of tech-savvy users called miners keep the system honest by pouring their computing power into a blockchain, a global running tally of every bitcoin transaction. The blockchain prevents rogues from spending the same bitcoin twice, and the miners are rewarded for their efforts by being gifted with the occasional bitcoin. As long as miners keep the blockchain secure, counterfeiting shouldn't be an issue.

HOW BITCOIN CAME TO BE

It's a mystery. Bitcoin was launched in 2009 by a person or group of people operating under the name Satoshi Nakamoto. Bitcoin was then adopted by a small clutch of enthusiasts. Nakamoto dropped off the map as bitcoin began to attract widespread attention. But proponents say that doesn't matter: The currency obeys its own internal logic. An Australian entrepreneur last year stepped forward and claimed to be the founder of bitcoin, only to say days later that he did not "have the courage" to publish proof that he is.

Chuck Reynolds
Contributor
Please click either Link to Learn more about TCC-Bitcoin.

Alan Zibluk Markethive Founding Member

Ripple Market Capitalization Soars, Surges Past Ethereum

Ripple Market Capitalization Soars, Surges Past Ethereum

Ripple Market Capitalization Soars, Surges Past Ethereum

 

Ripple tokens have hit a massive upswing in market capitalization over the last day, surging past Ethereum and nipping at bitcoin’s heels.

At end of day May 14, Ripple’s market capitalization was at about $8,345,000,000. Ripple continued surging well into the next day at about $11,500,000,000, continuing to climb. This has occurred in an oscillating fashion over the last few weeks, as Ethereum and the blockchain transfer token duke it out for supremacy.

Several news sites and other sources suggest this upswing in market capitalization was spurred by recent partnerships in the ripple network. These partnerships include large banking conglomerates and other banking organizations opting to work with or adopt the Ripple network.
 

An April 26 Ripple press announcement said,

Ripple is proud to announce the addition of 10 new customers to our growing global network. These financial institutions include MUFG, BBVA, SEB, Akbank, Axis Bank, YES BANK, SBI Remit, Cambridge Global Payments, Star One Credit Union and eZforex.com, representing some of the world’s largest banks, innovative smaller banks, and payment service providers (PSPs).

Differences Between Ripple tokens and Bitcoin: Ripple is a “Bank Coin”

Even though Ripple is gaining ground on market capitalization, there are distinctions between Ripple tokens and currencies like bitcoin and Ethereum. For instance, Ripple has enjoyed its market capitalization skyrocket as a result of gaining the aforesaid partnerships.

This happened because Ripple is a “bank coin.”Ripple Market Capitalization Soars, Surges Past Ethereum Several commentators pointed out ripple is not a decentralized cryptocurrency. It is a centralized bank-to-bank transfer coin. Ripple’s own commentary from their labs suggested the same when they mentioned being able to use a global freeze feature.

“The freeze protocol extension gives gateways the ability to 1) globally freeze all their issued funds, or 2) freeze funds issued to a particular user. Frozen funds may only be sent back to the gateway who issued them.”

This ability to freeze funds means that Ripple is not a decentralized blockchain protocol, but instead a distributed database that maintains control of the network from a central hub. This is a feature that would be impossible to execute if the coin was founded on decentralized algorithms.

This comes to no surprise to many, though, because this fact is not a hidden agenda. Ripple’s website explained the purpose of their technology: Its purpose is to be an inter-bank transfer protocol to smooth out the financial interactions between banks.

Conclusion: Ripple’s Market Position

In this regard, Ripple’s market cap has increased as a result of their partnerships. These alliances caused the market capitalization to swell beyond Ethereum, even though Ripple is not in the same category of coin.

It happened as a result of their positioning in the market. It happened because of a business alliance. By definition and design, Ripple is not meant to be a cryptocurrency. It is a “database coin” that is controlled via centralization and economic engineers.

Will Ripple’s token continue to grow on into the future? Can it maintain the second position in terms of market capitalization?

David Ogden
Entrepreneur

 

By Sterlin Lujan

Alan Zibluk Markethive Founding Member

The Intersection of Social Media and the Blockchain

The Intersection of Social Media
and the Blockchain

  

Every major social media platform has offered users

a way to communicate with others and earn social currency, such as followers, traffic to their content, likes and retweets. Now, a new breed of social media networks has emerged — one that uses blockchain technology to build platforms enabling users to control their data and escape the censorship imposed by the likes of Facebook and Twitter. In addition, these new social networks reward users with cryptocurrency.

One such new social media platform is Steemit , which runs on top of a decentralized network known as Steem. Steemit rewards users with its own cryptocurrency in addition to social currency. Much like Reddit and Facebook, Steemit uses its incentives to encourage users to post, share and react to content. When someone likes or upvotes a post, it becomes more visible on the site. Steemit rewards the original poster with Steem digital currency that can be exchanged for real cash via Bitcoin or reinvested into "Steam Power," a token that represents how much influence a person has on the Steemit platform.

So, the more Steem Power people have, the more their upvotes will count. Steem Power also allows users to earn additional Steem Power and Steem Dollars from the platform. Put simply, "Steem is a blockchain database that supports community building and social interaction with cryptocurrency rewards," according to the company. Last year, Steem issued a $1.3 million payout to Steemit users. Half was distributed in Steem Dollars, each worth about $1, and a half in Steem Power.

"Because it's based entirely on a blockchain, Steemit shows what social media can look like without censorship," said Steemit CEO Ned Scott at the time. "Everything we see on Steemit.com comes from the open source Steem blockchain, so the entire network is replicable on any front-end application." Another example of a decentralized social network based on the blockchain protocol is AKASHA, which uses the Ethereum blockchain to store user-created content.

AKASHA lets users publish, share and vote for entries, much like Medium and other modern publishing platforms. The difference, though, is that user content is published over Ethereum's decentralized network rather than on the company's servers. The votes are bundled with Ethereum microtransactions, so users can earn some Ethereum if their content is good and other users vote for it. It is "in a way, mining with your mind ." In the second and third quarters of this year, the company expects to open source the code powering AKASHA and run a community breakathon to find and fix the bugs that might have slipped by during development. The AKASHA team is aiming to launch the Ethereum main network in the fourth quarter of this year.

Blockchain startup Synereo is also creating a decentralized, next-generation social networking and content delivery platform. Recently, Synereo released Qrator, a tool that lets users monetize original content, get rewarded for sharing quality content with others and also discover the best content on the internet. Qrator is the first step toward Synereo's vision of a freer and fairer internet. The app will give users a look into the "Attention Economy" that puts creators and curators on top of the internet's "monetary food chain."

With Qrator, the company is looking to develop a cross-platform social graph, laying the groundwork for a fully-decentralized social content app based on blockchain and distributed storage technologies that will be built on the Qrator foundation later this year. Even as the world of social media is constantly evolving, blockchain technology is changing the world around us. Not just when it comes to financial transactions, but also by introducing decentralization that encourages free speech while doing away with the restrictions imposed by the social media giants.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

 

 

Alan Zibluk Markethive Founding Member

SEC Petition Calls for Blockchain Token Rules

A New York-based broker-dealer

has asked the Securities and Exchange Commission (SEC) to propose rules to cover blockchain-based assets. According to the petition, Ouisa Capital wants the SEC to weigh in on the use of crypto tokens and resolve “the lack of regulatory clarity with respect to the regulation of digital assets and blockchain technology”.

The firm went on to write:

"Ouisa encourages the SEC to engage in a meaningful discussion of how to regulate FinTech companies that are issuing digital assets that may be deemed securities and the platforms and broker-dealers that facilitate the issuance and trading of those digital assets. We believe digital assets in several contexts are securities and that existing laws provide a mechanism for regulation of the issuance and trading of digital assets."

Additionally, Ouisa asked the SEC to create a so-called 'regulatory sandbox', through which startups and financial firms can test new products in limited settings. Unlike other major regulators like the Internal Revenue Service (which views digital currencies as kinds of intangible properties) and the Commodity Futures Trading Commission (which views them as commodities), the SEC has yet to weigh in with any kind of classification for a blockchain token. When contacted, the SEC declined to comment on the petition and whether it has begun the process of either developing regulations or responding to Ouisa's request. Given its past moves related to space — shooting down a pair of bitcoin exchange-traded funds while continuing to consider a third — such work wouldn't be surprising at this stage, however.

Further, recent comments from officials suggest that the agency is generally weighing the issue, invoking its aim of consumer protection at the same time. During an appearance last week at the North American Securities Administrators Association Section 19(d) Conference, SEC Commissioner Kara Stein remarked on the impact of technology on her agency's work, noting "we will need to adapt and make technology a bigger part of our mission". "Similarly, I hope we continue to examine the range of possible uses of blockchain technology while remaining mindful of vulnerabilities associated with potential cybersecurity risks and investor protection," she said.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

Alan Zibluk Markethive Founding Member

Blockchain Tech Offers Solution to WannaCry-Type Cyberattacks, Contrary to MSM Brainwashing

Blockchain Tech Offers Solution to WannaCry-Type Cyberattacks,
Contrary to MSM Brainwashing

Some mainstream media

put the blame for the latest WannaCry cyber attack on Bitcoin, thoughtlessly copy-pasting the statements that a cryptocurrency is a convenient tool for terrorists. In reality, the technologies behind Bitcoin and other cryptocurrencies might very well become the next level security against future attacks.

Ransomware

Ransomware attacks on an unprecedented scale put hundreds of thousands of computers at risk. As Bitcoin and Blockchain take the limelight again, Blockchain may offer a viable solution. NSA tools and Windows vulnerability caused the largest cyber attack in history. While Bitcoin and Blockchain can easily be singled out as a scapegoat, companies are already tackling the vulnerability of centralized systems and creating groundbreaking solutions around ID security and verification on the Blockchain.

Extortion

In the wake of WannaCry, the question of security has become more pronounced than ever. The same technology that allows Bitcoin extortion to the hacker might very well be the protection from such events happening again. After the NHS was hacked, Blockchain experts were quick to point out that secure verification on the Blockchain might have prevented the exploits.

Blockchain solutions

The Blockchain and a decentralized ledger have been praised for its security strengths since the inception of Bitcoin. Now after the WannaCry attacks, the focus on this has become even more pronounced. Sphre, the identity management firm has announced a partnership with Airbitz, which is a data security platform and Bitcoin wallet. According to the firm, Sphre’s AIR is a smart contract based platform that looks to join the secure management and monetization of digital identities.

Sphre Director, Daren Seymor tells Alexander Geralis of Cointelegraph in an

exclusive comment:

“The Airbitz wallet integration will form a key part of the Air Platform to deliver XID micropayment and send/exchange functionality.”

Future ID security

Regarding the high-profile attacks of WannaCry that have put hundreds of systems at risk, he sees that there is a need for security, now it is more evident than ever. Seymor went on to point out the need for decentralized solutions in security as opposed to

centralized ones:

“The current high-profile zero-day exploit of WannaCry shows us that the Internet is still a dangerous place for people and institutions. Centralized identity solutions such as Facebook and Google now represent ever increasing value to bad actors based on constantly evolving attack[s]… centralized solutions will become [necessary] as we continue to evolve with, and transact more of our lives via the Internet.”

AIR, which will have its crowd sale later this month, is not the only company working towards identity security and verification. South African entrepreneur and Bitcoin advocate, Vinny Lingham’s Civic is another project aiming to give users identity security.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

Alan Zibluk Markethive Founding Member

Cloud-based blockchain for enterprises

Cloud-based blockchain for enterprises

   Cloud-based blockchain technology

to secure, share and track data across decentralized infrastructures within enterprises sounds magical. Gospel Technology claims to have this with the launch of Gospel Cloud Version 1, based on a private, permission led distributed ledger system. “We’re living in a new data culture where information is the most vital asset for a business. Constant reports of breaches, malicious hacking from external parties and the corruption of facts to disseminate “fake news” has exacerbated an atmosphere of mistrust in game-changing technologies such as cloud, AI and IoT. High profile brands with large security budgets even appear not to be immune” Ian Smith, the founder of Gospel Technology says.

The purpose

At the heart of Gospel Cloud is this private, permission led distributed ledger, containing:

  • key enterprise data (whether this is intellectual property, personal, sensitive content, healthcare records, or whatever)
  • an absolute record of trusted transactions
  • access unlocked by Gospel’s Distributed Data Logic
  • a real time user consent engine
  • rendered real-time data views of historical changes at the data content level
  • LedgerBridge, with support for SAP, Oracle, instructed filesystems, etc
  • enhanced end-to-end encryption (TLS)
  • delivery as a built platform (allegedly enterprises can be deployed it without extensive customization and/or services)
  • blockchain agnosticism; Gospel Cloud is a derivative from the Hyperledger using pluggable consensus; this can change to align with defined threat models.

 

Gospel Cloud takes the distributed consensus and immutability features of the blockchain. It implements this without the time and resource draining downside of public blockchains. In so doing it removes the replication and risk of corruption, accidental deletion, and malicious data. Distributed Data Logic drives a rethinking of consent and real-time transactional approval. It takes into account not only multi-layer authentication but elements of transactional context — including identity, location, action, time, trend and other aspects — to ensure absolute trust and authentication at the point of transaction.

Combining such a private permission led distributed ledger eliminates many of the expensive, inefficient and insecure workarounds required to share data with third parties. Gospel sees these workarounds as an unnecessary if inevitable consequence of the new digital age clashing with traditional siloed solutions. Furthermore, in the new threat dynamics of the modern digital enterprise, a privately distributed blockchain offers a level of confidence which a conventional distributed database could never hope to attain in terms of efficiency and security.

Conclusion

The ability to avoid the inefficiencies of public blockchains — while continuing to deliver immutable proof of provenance, usage history, integrity, and authenticity — makes the Gospel Cloud concept simpler than a public blockchain. Placing it in a cloud environment matches the move to reduce the cost of running your own IT.

Boiled down, Gospel Cloud’s core benefits enable enterprises to collaborate securely as users upload and share sensitive data and records. The result means enterprises can comply with the far stricter rules on treatment and protection of personal data (such as those in the looming EU General Data Protection Regulation (GDPR). Delivered in a cloud the claimed utility could prove attractive, especially if performance and cost don’t become gating factors.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

Alan Zibluk Markethive Founding Member

Blockchain technology creeps ever more into Irish banking system

Ulster Bank.

Ulster Bank is leading a new investigation into blockchain underpinning Irish payments systems, with partners including AIB, PTSB and Deloitte. Blockchain’s impact on various industries has been considerable, most notably through its foundation of bitcoin, the largest cryptocurrency in the world. However, predictions were always such that cryptocurrencies were just the start. Everything from supply chain management to the entire financial services model would be overhauled, in theory, by a ledger system like no other.

Blockchain’s broad reach

Those predictions are already proving accurate in some areas. The shipping industry, for example, is diving deep into blockchain investigations, with billions of dollars predicted to be saved in the coming years. However, it’s banking that’s the most intriguing, with Irish institutions in no mood to be left behind at the moment. A new project at various financial institutions is exploring the application of blockchain technology developed by Royal Bank of Scotland (RBS) to improve domestic payments systems.

Called Project GreenPay, Ulster Bank is teaming up with AIB, Permanent TSB (PTSB), Deloitte and RBS to run the program. The cross-bank team has specifically concentrated on enhancements to speed, resilience and security for customers and is working on “an enhanced potential alternative platform for domestic payments”.

From lab to live

Dogpatch Labs played host to an early test of the project, with payments sent between the banks to check for performance, accuracy, and scalability. The next step is to run a pilot using live payments and explore further use cases of the technology in the international payments and foreign exchange space. “Blockchain has the potential to disrupt multiple industries for the benefit of customers, and we’re determined to investigate how we can harness this force for the financial sector,” said Ciarán Coyle, chief administrative officer with Ulster Bank.

“RBS has done a lot of work in this space with their partners through Emerald, and it was opportune for us to join with AIB, PTSB, and Deloitte to examine possible improvements for our customers. We are focused on an open collaboration like this project to help the industry make banking simpler and more secure for our customers.” There are other projects already underway in this area.

Varied approaches

While start-ups are seen as the driver of much of the innovation within the financial industry, some of the more traditional models are doing their utmost to keep ahead of the curve. Barclays recently revealed that it has opened a new fintech innovation lab in London, the largest of its kind in Europe.

Called Rise, the center will be a collaborative space for Barclays to work with start-ups, developers and some of its other corporate clients on projects to “help to create the future of financial services”. Blockchain will be a major focus. Belfast has also made attempts to build a hub of blockchain businesses, again with financial services as the target. However, this Ulster Bank project, given the collaboration with multiple major financial institutions, could prove the most interesting development of the lot.

Chuck Reynolds
Contributor
Please click either Link to Learn more about Bitcoin.

Alan Zibluk Markethive Founding Member

UK Security Researcher Pulls Handbrake on Global Ransomware Menace

UK Security Researcher Pulls Handbrake on Global Ransomware Menace

UK Security Researcher Pulls Handbrake on Global Ransomware Menace

A U.K.-based cyber researcher known as MalwareTech stopped the WannaCry ransomware that gained control of thousands of computers worldwide, forcing victims to pay $300 in bitcoin to restore their files.

WannaCry was able to exploit a Windows vulnerability leaked in April and use a hacking tool believed to be stolen from the National Security Agency (NSA).

The ransomware spread across 75,000 PCs, including 48 hospitals in the U.K.
 

Accidental Fix

MalwareTech discovered an unregistered domain name in WannaCry and purchased it for $10.69. Armed with the tool, the researcher pointed the domain to a sinkhole (a server that finds and analyzes malware traffic). The domain turned out to be a kill switch that enables someone to gain control of the ransomware.

The domain was intended to be unregistered, the MalwareTech noted. By registering it, subsequent actions were prevented.

The domain is a “sandbox” feature where security tools test code in a secluded environment on a PC. The address where MalwareTech registered his or her domain was pinged to all infected PCs, not just the sandboxed PCs.

The domain was meant as an “anti-sandbox” measure they didn’t think through sufficiently, MalwareTech said.

Cisco Talos and other security firms confirmed the malware attack ended thanks to MalwareTech’s actions. Computers already infected, however, could still be at risk.

 

Shadow Brokers Behind The Hack?

Talos said the malware was leaked by the Shadow Brokers, a hacking group believed to have dumped NSA hacking tools.

Talos said the hackers will try to install WannaCry by means of a backdoor called DoublePulsar leaked by Shadow Brokers. If the backdoor was not embedded on a target Windows PC, it would try to exploit a flaw in the Microsoft OS Server Message Block, which is a network file sharing protocol.

Victims have been told not to pay the $300 ransom.

Microsoft and anti-virus providers have introduced WannaCry detections.

Microsoft issued an advisory that it is releasing a patch for Windows XPs that are out of support and its recommending companies disable the SMBv1 protocol.

Up-to-date Windows machines are safe from the ransomware.

Rob Wainwright, head of Europol, Europe’s chief law enforcement official, told the media he is concerned the numbers of victims could grow when people turn on their machines Monday morning.

A researcher at Proofpoint, Darien Huss, first discovered MalwareTech’s sinkhole was stopping the spread of the malware.

Huss agreed that the actors involved are amateurs based on the kill switch deployment. He said it is likely another attack will be coming soon.

 Nearly $53k in bitcoin ransoms paid with WannaCry

Other Ransomware Versions Can Pose Risks

MalwareTech noted on Twitter that Version 1 was stoppable but Version 2 will likely remove the flaw.

The researcher claimed on Twitter to be providing the National Cyber Security Centre in the U.K. data to notify infected companies.

On Monday, MalwareTech advised people via Twitter they are at risk if they turn on a system without the MS 17-010 patch and TCP port 445 open.

MalwareTech, who did not reveal their gender, did not wish to be celebrated as a hero for stemming the spread of the malware. MalWareTech noted on Twitter that he or she wanted anonymity in order not to have to deal with journalists.

 

David Ogden
Entrepreneur

 

By Lester Coleman

Alan Zibluk Markethive Founding Member