Police busted a massive £215m money laundering ring in the Northern Ireland

Police busted a massive £215m money laundering ring in the Northern Ireland

PSNI police arrested 7 individuals following one of the biggest money-laundering investigations in the history of Northern Ireland. A senior detective describes it as one of the significant live money-laundering investigations in the UK which involve £215m.

The chief police officer said, “During our extensive investigation we identified that a significant volume of suspected criminal cash was being laundered out of the country through a number of shell companies and bank accounts held here in Northern Ireland. The investigation has identified over 50 companies and over 140 bank account.”

He further added that approximately £215m was deposited to thousands of bank accounts across the UK and also transferred out of the country through different foreign exchange companies since 2011. 

According to Ian Wilson, money laundering is one of the critical enablers of organized criminality. And the majority of this black money is derived from different criminal activities. 

Several other agencies were involved in this investigation, including the Garda economic crime branch, Criminal Assets Bureau, National Crime Agency, the United Kingdom Financial Investigation Unit, Her Majesty’s Revenue, and Customs and Europol.

Google CEO voices his concerns regarding AI and its potential harmful damages in the future

Google CEO voices his concerns regarding AI and its potential harmful damages in the future

Sundar Pichai, Google CEO gave a statement on Monday regarding Artificial Intelligence and its increasingly widespread applications in our daily lives. He stated that Artificial Intelligence technology needs to be regulated in order to save mankind from its potential damages in the future. He further emphasized that although artificial intelligence has changed our lives in numerous ways, one cannot overshadow the risks it possesses in the future. 

Google is one of the most prominent AI developers in the world and it’s product Google Assistant, is all about innovative technology. It is also working on a number of other AI products, such as driverless cars and Google Cloud.

Many technological innovations have eased human lives and efforts over time but have ultimately caused harm as well. Common examples include the internal combustion engines that revolutionized the concept of traveling but ultimately caused more accidents as well. Mr Pichai stated that companies shouldn’t be able to 

“just build promising new technology and let market forces decide how it will be used, It is equally incumbent on us to make sure that technology is harnessed for good and available to everyone.” 

Pichai further added that wicked uses of facial recognition and falsity on the internet, such as deepfakes, are examples of the negative consequences of AI.

Companies that are working on Artificial Intelligence technologies need to be legitimately held accountable for their actions and face severe penalties if they don’t follow international rules and regulations.

ICC Qatar is going to have a seminar on money laundering and terrorist financing

ICC Qatar is going to have a seminar on money laundering and terrorist financing

The International Chamber of Commerce (ICC) Qatar is conducting a compliance awareness seminar on January 28 at the Qatar Chamber. This seminar intends to highlight the fight against money laundering and terrorism funding. 

The seminar is titled “The Development in the Fight Against Money Laundering & Financing of Terrorism” and organized in collaboration with Refinitiv – renowned for the world’s largest provider of financial market data. ICC Qatar stated that “2020 will be an important year for Qatar” in its press statement. This year the country will be going through an evaluation by the international watchdog, Financial Action Task force (FATF).

This one-day seminar aims to focus on the latest developments in global AML/CFT compliance and regulations, and the fight against money laundering and terrorist funding in the non-banking institutes. Moreover, the seminar will highlight the various best practices that can facilitate the organizations to effectively mitigate these types of threats and risks by applying the required approach/solution.

The ICC Qatar secretary-general and Qatar Chamber board member Dr. Khalid Klefeekh al-Hajri said in their statement, 

“Qatar has made great strides in combating money laundering and terrorist financing, noting that this was obvious by the issuance of the laws.”

Al-Hajri emphasized on the importance of these laws that how they are in accordance with the latest international standards adopted by major organizations and reflect Qatar’s commitment to combat money laundering and terrorist financing in every form.

In his press statement, he said,

“Qatar’s achievements are the result of combined efforts exerted by all competent bodies, ministries, and other government agencies that are members of the National Anti-Money Laundering and Combating the Financing of Terrorism Committee, which is responsible for protecting Qatar’s financial system from the risks of money laundering and terrorist financing,” 

Refinitiv director of Business Development and Governance, Risk and Compliance (GRC), Mohamed Daoud who is one of the organizers of this seminar stated that many non-financial institutes have this wrong perception that AML/CFT regulations are for the banks and financial sectors only.

“A key shortcoming identified by FATF across many jurisdictions in Mena is the role of designated non-financial businesses and professions (DNFBPs) in failing short of FATF expectations.”

Daoud noted that in recent years evaluation reports of several countries that DNFBPs such as real estate agents, cross-border trading and shippings, metal/stone dealers, and some other non-financial organizations have limited or sometimes no proper understanding of AML/CFT regulation and the risk that can emerge from the lack of compliance.

In the new round of FATF evaluations, many countries are being cautious because it is not focusing on technical compliance but also on the effectiveness of deployment. Daoud pointed out

“The fourth round of mutual evaluations from FATF is a key changer as it is not anymore focusing on technical compliance and whether country laws and regulations have been amended and are in place in accordance with the 40 recommendations, but also a high focus on the effectiveness of the deployment of the regulations which proves to be very challenging for many countries.”

UK Fines Dixons Carphone for Massive Breach

Dixons Carphone is one of the largest electronics and phone retailers in the UK. Recently British regulators have fined the company £500,000 ($653,000) because of the data breach that exposed millions of the customers’ records.

According to the Information Commissioner’s office, Dixons has violated the U.K’s data protection act 1988. The company had poor security arrangements and failed to take proper steps to protect personal data. In its report, ICO claimed regarding inappropriate measures that

“This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing”

Dixons Carphone is also known as DSG retail and has stores in eight countries; this is the second time in two years that DSG has been fined. Firstly, it was fined £400,000 ($523,000) in January 2018 for the 2015 breach of its carphone warehouse subsidiary. In the breach, the attacker exploited an outdated WordPress installation.

Dixons’ breach began in July 2017 and persisted until April 2018, which means before the enforcement of GDPR in May 2018. Hence it avoided the larger fine that would have imposed under EU’s strict GDPR privacy law. The organizations can face fines up to 4 percent of the annual global revenue. But in Dixon’s case, the regulators applied the previous protection law which allowed a maximum fine of £500,000. 

As per ICO’s investigation, in the breach, the attackers installed malware in 5,390 e-cash registers accross the company’s stores. The malware exploited the personal information of 14 Million individuals nd collected details of 5.6 million payment cards. The exposed information included full names, emails, postcodes and failed credit checks from internal services.

Reddit follows Facebook suit and bans impersonation on its platform

Earlier this week, Facebook announced its new policy to ban manipulated pictures and videos known as deepfakes from its platforms. Following the suit, yesterday Reddit announced the updated policies about the impersonation. It said a Reddit is no longer going to allow impersonation of an individual or entity in a misleading or deceptive manner.

Reddit wrote on their site regarding the new policy:

Do not impersonate any individual or entity in a misleading or deceptive manner.

Reddit does not allow content that impersonates individuals or entities in a misleading or deceptive manner. This not only includes using a Reddit account to impersonate someone, but also encompasses things such as domains that mimic others, as well as deepfakes or other manipulated content presented to mislead, or falsely attributed to an individual or entity. While we permit satire and parody, we will always take into account the context of any particular content.

It means that new policies aren’t directed towards deepfakes and altered videos only but also the simple lies that people make by impersonating others online. 

In the announcement post, Reddit admin said that the updated policy is to “hedge against things that we haven’t seen much of to date, but could see in the future.” Moreover, the impersonation on Reddit was recorded as the second-lowest class of reported policy violation in 2018 making up 2.3% of total reports. Multiple malicious deepfakes of the politicians were presented in the announcement post as a sample content, the platform intends to prevent with the new policy.

According to updated policies, any derogatory content or misleading impersonation whether a deepfake or not could result in removal or permanent ban from the platform. It means that, for instance, any account impersonating the presidential candidate or making false posts that may be misleading candidate’s character, results in a ban. 

These new policies are in favor of Reddit since it can be considered a new method to shut down misleading campaigns that the platform had faced in the past years. In 2018, 944 suspicious accounts – that were suspected to be linked with the Internet Research Agency – were identified; claimed Reddit. These accounts were majorly seen circulating fake news and negative posts about Hillary Clinton.

Nonetheless, these policies allow impersonation that doesn’t have any harm and just seen as a parody. But of course, it will be quite hard to enforce since it Reddit needs to give itself flexibility to judge the context and then come up with a decision to either ban or not.

2020 Election is coming up! Facebook bans deepfakes

2020 is up and the United States’ presidential election campaign is underway. Prior to these elections, Facebook recently announced to ban manipulated photos and videos, i.e. deepfakes.

This new policy was announced on Monday, 6 Jan through a blog post which was later on highlighted on 8 January in The Washington Post. In their post, Facebook said that they are changing their policies for the manipulated videos identified as deepfakes. It would start removing the manipulated media that might be misleading people. 

In the blog post, Monika Bickert describes the following criteria for the videos to consider deepfakes.

“It has been edited or synthesized – beyond adjustments for clarity or quality – in ways that aren’t apparent to an average person and would likely mislead someone into thinking that a subject of the video said words that they did not actually say and It is the product of artificial intelligence or machine learning that merges, replaces or superimposes content onto a video, making it appear to be authentic.”

However, the policy doesn’t include the pictures or videos that are for parody, or even when the video is edited to remove or change the order in which they appear.

The policy change was presented ahead of House Energy and Commerce hearing on “Manipulation and Deception in the Digital Age” that was scheduled for 8 January 2020. In this conference, Bickert represented Facebook in front of lawmakers in the hearing.

The deepfakes become a serious concern after the altered video of the House Speaker Nancy Pelosi went viral in the last summers. The video was shared on multiple social media platforms. Nevertheless, the new Facebook policies on deepfakes still don’t address such videos because that video didn’t involve AI but was edited by readily available software.

Other platforms are also revising their deepfakes policies, yet there is no proper announcement regarding new guidelines.

Cybercriminals demanded $3 million ransom from Travelex

The hackers behind a cyber attack on a foreign exchange firm Travelex ordered to pay $3 million ransom to release their grips on its system.

The group behind the attack told Bleeping Computer that they had encrypted the entire Travelex and copied more than 5GB of personally identifiable information (PII), including sensitive data.

Hackers threatened to publish data if Travelex failed to pay group’s ransom. Kevin Beaumont, a security researcher posted on social media that Travelex is using the “an incredibly bad vulnerability”.

According to Beaumont, the flaw allow those without valid username and passwords to remotely connect to the corporate network and switch off two-factor authentication. 

Firm provides currency exchange services for consumers as well as banks like HSBC, Barclays, and Virgin Money. The banks have suspended their currency exchange and Travel money services. Travelex responds that they are “working around the clock” to fix the issue. 

The attack occurred following the New Year Eve’s and the despite the reports that downtime has been caused by a cyberattack, communications from Travelex maintained that the issues are due to a scheduled maintenance.

‘Businesses need to brace for Iranian Cyberattacks’ – warns Homeland Security

The news of the assassination of Iranian military commander, Qaem Soleimani, is all over the media recently. The incident has led to heightened tensions with Iran. As an aftermath of an ongoing situation, Homeland Security issued a warning for U.S. companies to beware of possible impacts and threats of a cyberattack on their businesses.

Homeland Security is warning the companies to consider and access the impacts of possible cyberattacks. It is the first official guidance published by the cyber advisory unit – the Cybersecurity and Infrastructure Security Agency after the slaying of Soleimani. Previously, the U.S. government had him of targeting and killing U.S. personnel in the middle east.

Soleimani was killed on Friday in a drone strike authorized by U.S President Donald Trump. Abu Mahdi al-Muhandis, a deputy in a coalition of Iran-backed militias in neighboring Iraq, was killed in the very same strike. 

The recent insights published CISA on January 6, reported

“the increased geopolitical tensions “may result in cyber and physical attacks against the homeland and also destructive hybrid attacks by proxies against U.S. targets and interests abroad.”

Moreover, CISA said that Iran could launch some destructive and disruptive cyber operations against phone and energy companies. The agency also warned the businesses that its allies could carry out “cyber-enabled espionage” for a better understanding of U.S. foreign policy decision making. 

These warnings were issued shortly after the security experts in private sectors notified the possible retaliatory attacks as a result of drone strikes. John Hultquist, director of intelligence analysis at cybersecurity firm FireEye said:

“We will probably see an uptick in espionage, primarily focused on government systems, as Iranian actors seek to gather intelligence and better understand the dynamic geopolitical environment. We also anticipate disruptive and destructive cyberattacks against the private sphere,” 

Cyberattacks aren’t the only threats, CISA also warned of kinetic attacks including bombings.

Iran is a strong country with the world’s most powerful adversaries in cyberspace. Critics are pointing out that the government hadn’t thought of consequences before planning the strike. Sen. Ron Wyden, a senior lawmaker on the Senate Intelligence Committee, said 

“The killing was a reckless escalation that will take us further down the road to ruinous war.”

US government favours a hands-off approach to AI’s regulation

The white house listed 10 principles that federal agencies should consider when drafting laws and rules for the use of Artificial Intelligence in the public sector but stresses that the key concern was limiting regulatory overreach.

Michael Kratsios, chief technology officer of the United States, is set to announce the principles at CES 2020 in Las Vegas. The guidelines have the potential to shape the development of innovative and valuable technologies, from autonomous vehicles to imaging medical tools. They arrive amid growing worry over the unchecked spread of AI tools, especially facial recognition. This will help facial recognition gaining prominence in the new decade. 

Kratsios says that other nations could follow America’s lead when developing its regulations for AI. He further said, “The best way to counter authoritarian uses of AI is to ensure that America and its global partners remain global hubs of innovation.”

However, some experts questions the effectiveness of these 10 principles. A senior follower at the Center for New American Society says “A lot of this is open to interpretation to each company.”

The principles are believed to be a US effort to shape AI globally. The White House wants the United States alone to define the rules when it comes to AI. The principles will officially be announced at the CES and will then be presented to the experts for further improvements, however, the first impression shows that regulations are too permissive and will help in AI innovations across the United States.

News Source: Shufti Pro News

A lawsuit is filed against LifeLabs for a data breach incident

A lawsuit is filed against LifeLabs for a data breach incident

As reported earlier, the Canadian laboratory testing company, LifeLabs was hit with a cyber-attack which resulted in a data breach of 15 million customers. Following the incident, the lawsuit is filed against the company.

On October 28, 2019, LifeLabs reported the data breach to the government partners, however, waited until December 17, to announce publically. The accessed data included some sensitive information, customers’ name, emails, addresses, login credentials, dob, health card numbers, and lab test results.

LifeLabs paid an undisclosed amount to the cyber-criminals who accessed the data with a promise that they won’t disclose any information publically. Nevertheless, the lawyers Peter Waldmann and Andrew Stein filed the statement against LifeLabs in Ontario Superior Court accusing them of contract breach and negligence, on December 27. Moreover, the statement indicated the violation of consumer protection laws and their customers’ privacy. 

The lawsuit was filed on the behalf of plaintiffs also included the lead plaintiff Christopher Sparling. He alleged in the statement that LifeLabs violated their own privacy policy since they failed to implement and follow the adequate cybersecurity measures and checks to detect the potential risks and threats to Customers’ data and swiftly respond them within time.

In addition, the statement also accused LifeLabs to store the customers’ information on unsecured servers and networks without any encryption protocol and they neglected the need to hire cybersecurity professionals for network security management.

While the lawyers are seeking more than $1.13 billion in compensation for the breach victims to make up for the mental anguish, damage to credit reputation and the wasted time that had to undergo, the plaintiffs are looking for additional moral and punitive damages.

After the public announcement of the breach, LifeLabs set up a toll-free helpline on December 18 and received more than 5000 calls from concerned customers. 

Landry’s Inc. warns customers of the potential data breach

Landry’s Inc. warns customers of the potential data breach

Landry’s Inc., a parent company of more than 60 restaurant chains, installed a payment processing solution at all Landry’s owned locations back in 2016. This solution uses end-to-end encryption technology to secure the customer’s data.

The Houston-based company that owns more than 600 restaurants, hotels and casinos in the United States, recently warned the customers about the data breach. This breach could have compromised the credit card information of the users. As per company warning, the data breach has more likely affected the cards used during March 13 and October 17, 2019.

As Landry stated on its website about the unauthorized access to their network, it claimed that the breach may have occurred at the time when the servers swiped customers’ cards in machines. The card swiping was intended to place food and drink orders to the kitchen/bar. Moreover, as per Landry’s, these machines are separate from those used on point-of-sale terminals.

Though the company hasn’t exactly given proper numbers and stats about the breach, it has warned the customers to be cautious and look out for any unusual activity happening to their card. 

Let’s see how much customer’s data have been compromised.


Danske to face $2 billion fine for money laundering

Danske to face $2 billion fine for money laundering

According to Jyske Bank, Danske will probably be fined around 13.5 billion kroner (around $2 billion) over the money laundering case by authorities in Denmark, the USA, and the UK, as the investigations in Europe’s biggest money-laundering scandal draw to a close.

Danske Bank was previously indicted for suspicious transactions of 200 billion euros at there Estonian unit. The Denmark-based bank is cooperating with probes by the U.S. Department of Justice and U.S. Securities and Exchange Commission, among others. Another writ, which was filed on December 27th, 2019, in the district court of Cophengan by law firm Nemeth Sigetty, is for about 1.5 billion kroner, according to a statement.

Penalties tied to investigations will drive up Danske’s operating expenses to 42.4 billion kroner this year, according to an analyst at Jyske Bank. The costs are expected to return to normal next year.

As Danske Bank released the full dimensions of laundering scandal in September 2018, it’s shares have taken a beating. It now trades at large discounts to peers and Jyske, which recommends buying the stock, says the current price more than incorporates the consequences of the money-laundering scandal.

CCPA in effect - Mozilla firefox will let users delete their collected data

CCPA in effect – Mozilla firefox will let users delete their collected data

The California Consumer Privacy Act came into effect on Wednesday, Jan 1. Being obliged by the new privacy law, the maker of Firefox web browser Mozilla announced that to give more control to users over their data.

CCPA provides California residents the right to know what personal data is being collected by the companies and for which purpose. Moreover, the users have the right to ask the companies to delete their collected data. According to Mozilla, the changes it is making won’t be just for California residents, but all Firefox users. 

These new changes will be applicable to the release of the new browser version, which is scheduled for the coming Tuesday, i.e. January 7 as written by Mozilla in its blog post

“In line with the work we’ve done this year to make privacy easier and more accessible to our users, the deletion control will be built into Firefox and will begin rolling out in the next version of the browser on January 7. For Firefox, privacy is not optional. We don’t think people should have to choose between the technology they love and their privacy. We think you should have both. That’s why we are taking these steps to bring additional protection to all our users under CCPA.”

Though Firefox doesn’t collect any data of the users form visited websites or search queries, it let users delete telemetry data (e.g. session time or the number of tabs opened). This data is collected just to improve the performance and security of the browser. 

Since it is not worth to create two separate interfaces and policies for the browser’s users in different states, companies may follow suit of Mozilla, including Microsoft. Moreover, other states have also started considering laws similar to CCPA which may be applicable in the near future and could extend beyond California.


ProtonMail added an encrypted calendar to its encrypted Gmail competitor

ProtonMail added an encrypted calendar to its encrypted Gmail competitor

Previous year Google faced a hefty fine of $170 million by the Federal Trade Commission following the investigations into Youtube over alleged violations of children’s privacy law. The scrutiny on Google is potentially increased that how it collects and utilizes the consumers’ data and information.

Many people are looking out for some alternative to Gmail because of privacy concerns. ProtonMail is efficiently utilizing this opportunity to grab the attention of users who want to wean themselves off Google. It has recently launched an encrypted calendar “ProtonCalendar” through which paid users can privately manage their schedules in a calendar.

ProtonMail is previously renowned for its encrypted mail services. Currently, the encrypted calendar is only available with a paid ProtonMail plan. But the company is planning to launch this calendar for all the users in the near future. The company wrote in its blog post

“We believe everyone has the right to plan dinner with friends without announcing to Google who will attend,”

Google has faced allegations from its own employees that it was using some browser extensions to spy on them; however, these accusations were declined by the company. In 2017, Google stopped scanning user’s emails for advertising, ProtonMail still claims that some parties use calendar data for target advertising.

Calendars are a lot more than just organizing tool as ProtonMail writes in their blog post

“For the longest time, to easily organize these events, you had to let large corporations monitor these special moments. These companies snoop on your calendar and use that information to inform their advertising. A calendar is more than just a tool. It’s a record of the moments that make up your life.”

ProtonMail is still in its basic beta version. The company ought to add more advanced features and then launch it in the future. The new features will enable the users to invite other users and share their calendars with other ProtonMail users.


Pakistan’s State Bank unveils new AML/CFT regulations for Forex Firms

Pakistan’s State Bank unveils new AML/CFT regulations for Forex Firms

State Bank of Pakistan on Tuesday amended Anti-money laundering (AML) and Counter Financing of terrorism (CFT) related regulations in foreign exchange companies manual 2018 to further align them with the FATF action plan.

The global finance watchdog is going to announce its decision regarding the country’s deficiencies in AML/CFT laws.

“Exchange Companies shall take steps to ensure that there AML/CFT policies adhere to FATF regulations,” the SBP said. To achieve this, their policies, SOPs, compliance programs, and delivery channels will be monitored on an ongoing basis by the board of directors.

Foreign Exchange companies are further required to identify the customers and verify their identity on the basis of authentic documents, data or information. The need to identify if there is a beneficial owner who isn’t the customer.

For exchanging any foreign currency equal to, or below, the threshold of USD 500, exchange firms may resort to normal customer due diligence, wherein details like name and number of identity documents should be obtained at the minimum if there are no circumstances of a suspicious transaction.

According to the amendments by SBP, Forex firms shall employ automated systems for customer risk profiling, AML screening, and transaction monitoring. Moreover, the firms are required to take appropriate measures to manage and eliminate any risk that may arise afterward. 

Uber joins lawsuits to exempt itself from California law

Uber joins lawsuits to exempt itself from California law

California law effective from today, i.e. Jan 1 is all set to give equal protection to independent contractors.

Uber, the ride-sharing company and Postmates, on-demand meal delivery service, filed a lawsuit on 30 December in U.S. Court Los Angeles, to block the California law that was supposed to give protection and wage to the independent contractors. 

The lawsuit argued that the new California law violates the federal and state constitutional obligations of equal protection benefits and due process. Moreover, Uber said that it will try to link this lawsuit to the other challenge filed by the association (representing photographers and freelance writers) in mid-December.

In November 2019, the first challenge to the law was filed by California Trucking Association on behalf of independent truckers.

This new law is coming up with the nation’s strict rules according to which the independent workers must be considered as employees and this can set an example for other states. Lydia Olson, the ride-share drive wrote about his concerns in a Facebook post cited by Uber

“This has thrown my life and the lives of more than a hundred thousand drivers into uncertainty,” 

Lorena Gonzalez – democratic assemblywoman of San Diego raised her concern that more than one million California workers lack primary benefits including minimum wage, paid sick leaves, medical expense coverage, mileage reimbursements, etc. and therefore, the employee rights must be extended.

When the lawmakers were trying to craft the law, uber has tried to exempt itself from the obliged entities claiming it would defend its labor model from legal challenges. Moreover, uber joined DoorDash and Lyft in a vow to spend $30 million each to upturn the law if they don’t win the case in 2020.

Gonzalez said in one of her statement

“The one clear thing we know about Uber is they will do anything to try to exempt themselves from state regulations that make us all safer and their driver employees self-sufficient. In the meantime, Uber chief executives will continue to become billionaires while too many of their drivers are forced to sleep in their cars.”

The lawsuit by Uber contends that the law exempts some industries and it meddles the worker’s right to choose how they make living hence, they can void their existing contracts.


More posts