News

Tech Giant Olympus Hit by Ransomware Attack from ‘BlackMatter’, Successor of DarkSide

Richard Marley
September 13, 2021
2 minutes read
394

More than 40 ransomware attacks have been attributed to BlackMatter, a ransomware-as-a-service group that has targeted Japanese tech giant Olympus.

In a brief statement on Sunday, Olympus said that it is “currently investigating a potential cybersecurity incident” that has affected its European, Middle East and Africa computer network.

The statement says, “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue. As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners”.

The group behind the ransomware attack on Olympus has been identified as BlackMatter – a Ransomware-as-a-Service (RaaS) group that is considered as a successor of criminal groups DarkSide and REvil. High-profile cases initiated by these two groups include the Colonial Pipeline and Kaseya ransomware attacks.

A ransom note positioned on the infected computers claims the attack has been launched by BlackMatter. It says, “Your network is encrypted, and not currently operational,” it reads. “If you pay, we will provide you the programs for decryption.”

Ever since the BlackMatter group emerged in June, more than 40 ransomware attacks have been attributed to them. However, the total number of victims is likely to be significantly higher.

Olympus is a world-renowned multinational Japanese technology company, which originally focused on optics and reprography products. It is best known for its cameras, which are commonly used in the industry of photography and other forms of media.

While no updates have been provided by either sides, the BlackMatter and Olympus ransomware attack shows how big of a threat is directed at Big Tech companies.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Increasing Incidents of Fraud Becoming a Threat to UK’s National Security: UK Finance
Automated systems prevented approximately 736 million pounds ($1 billion) from being stolen through fraudulent means in the first half of 2021.

According to a Reuters report published on Wednesday (Sept. 22), UK Finance has stated that the rising incidents of fraud observed in the e-commerce and online banking sector since the start of the COVID-19 pandemic are slowly becoming “a national security threat”.

The banking industry lobby group UK Finance said that government-backed schemes have become a need of the hour to counter the rising financial crime threats.

Government-coordinated action is needed as criminals have shifted their focus to exploit weaknesses outside the banking system, according to UK Finance’s latest fraud report which covers the first half of 2021.

Read more here: https://t.co/kiWNaBxmjt pic.twitter.com/8b4N6xgafS

— UK Finance (@UKFtweets) September 22, 2021

In the first half of 2021, criminals stole nearly 754 million pounds ($1.03 billion) through bank fraud. This amount represents a 30% rise in bank-related fraud compared to the same time period in 2020, reveals a UK Finance report.

Among the rising fraud schemes was Authorized Push Payment (APP) fraud, whereby customers make payments to criminals, thinking they are legitimate entities. APP fraud went up by 71% in 2021, the report said, moving ahead of card-based fraud for the first time.

Additionally, the UK Finance’s report shows 70% of APP scams were based online and highlighted a rise in the number of online ads that seek individuals as young as 14 to turn them into so-called “money mules” for illegal activities.

The banking group asserted the need for government action through a planned Online Safety Bill, which currently does not include online ads.

“The level of fraud in the U.K. is such that it is now a national security threat,” said Katy Worobec, Managing Director for economic crime at UK Finance, in the report. “The banking sector cannot solve this on its own.”

The report further encouraged the use of automated solutions for combating financial crime, stating that bank security systems prevented approximately 736 million pounds ($1 billion) from being stolen through fraudulent means in the first half of 2021.

Last week, the Financial Conduct Authority stated that the UK lost about 570 million pounds ($778 million) in investment fraud through April 2021, an amount that makes three times the 2018 total.

Suggested Read: UK Exposed to Significant Trade-based Money Laundering Risks Post-Brexit

Recent Posts

Blog
A Brief Overview of 2021 AML Trends
Over the last decade, regulatory scrutiny on Anti-Money Laundering (AML) compliance has remained a key area of focus. Well into 2021, the AML landscape has substantially transformed owing to the introduction of new regulatory regimes, unexpected fraud statistics, adoption of regtech technologies, and binding standards set by the global money laundering/terrorist financing watchdog, Financial Action Task Force (FATF).

As such, financial institutions can no longer afford to lose focus on the critical responsibility of detecting, preventing, and reporting suspicious activities. At the same time, institutions are being pushed towards exploring the adoption of robust technologies for keeping pace with fraudsters and money launderers.

Brief Summary of AML Trends in 2021

New AML Guidelines

On January 1, 2021, the Anti-Money Laundering Act of 2020 (AMLA 2020) officially became law, following the US Congress’ vote in favour of the National Defense Authorization Act for Fiscal Year 2021 (NDAA). The new AML law has made some sweeping changes to the Bank Secrecy Act and other AML rules, such as the introduction of new beneficial ownership requirements, the addition of virtual currencies in the AML framework, mandatory Suspicious Activity Reporting (SAR) requirements, and expanded civil penalties for the violators of the AMLA.

UAE

The United Arab Emirates has been at the forefront of the battle against money laundering and terrorist financing threats in 2021. In June 2021, the UAE Central Bank mandated the reporting of suspicious activities and the development of robust AML programs to minimize the risks of money laundering and terrorist financing.

Following this move, Dubai set up a specialized court for combating money laundering challenges, while the National Committee for Combatting Money-Laundering and Financing of Terrorism and Illegal Organisations (NAMLCFTC) introduced new regulatory requirements for virtual asset providers in September 2021. Under the new AML framework, all virtual currency providers including cryptocurrencies have been obligated to comply with the FATF’s travel rule.
Singapore

Singapore is among the few countries that are effectively combating financial crimes such as money laundering and financing terrorism. The country has successfully developed strong AML policies to comply with international AML standards. Additionally, Singapore is also one of the founding members of the Asia/Pacific Group on Money Laundering – the intergovernmental body that ensures the implementation of AML strategies.

In July, the Monetary Authority of Singapore (MAS) proposed to expand the scope of AML requirements. This proposal was made to deter financial crimes taking place in financial institutions that deal with precious stones, metals and products (abbreviated to PSM).

Hong Kong

As part of Hong Kong’s two-year roadmap to promote regtech adoption in banking, the Monetary Authority of Hong Kong (HKMA) published new anti-money laundering guidelines in April, emphasizing the benefits of merging data from internal and external sources, proactive data analysis and information sharing for tackling emerging AML risks.

Philippines

In January, the government of Philippine expanded the scope of the Anti-Money Laundering Act (AMLA), bringing offshore gaming operators, real estate developers and brokers into the AML framework. Later, in February, the country’s central bank revised its AML/CFT risk assessment framework and introduced a four-point rating scale to facilitate companies in evaluating risks and the quality of their anti-money laundering and counter-terrorism financing program.

The Philippines had managed to make adequate progress of strengthening the effectiveness of its AML/CFT regime to be removed from FATF’s grey list in 2017. However, it has been placed in the grey list following the FATF’s “Jurisdictions under Increased Monitoring” report of 2021.

Financial Institutions are Investing in AI for AML Compliance

Traditional mechanisms of ensuring KYC and AML compliance have proven to be inadequate given today’s robust regulatory landscape. Thus, an increasing number of organizations are moving towards AI and ML-backed technologies. Not only do such technologies allow companies to cut down costs, but it also enhances the due diligence processes necessary for effective fraud prevention.

Based on research by SAS, KPMG and the Association of Certified Anti-Money Laundering Specialists (ACAMS), more than a third of financial institutions deem AI and ML technologies crucial for streamlining AML compliance. Over half (57%) of surveyed respondents stated that they had either already deployed AI/ML into their AML compliance processes, are currently piloting AI solutions, or plan to implement them within the next 12-18 months. According to the survey by SAS, KPMG, and ACAMS, the following two factors have been identified as the primary drivers behind AI and ML adoption:

They improve the quality of investigations and regulatory filings (40%)

They reduce false positives and resulting operational costs (38%)

Suggested Read: AI a Blessing – AML compliance cost reduced by $217 billion

Regulators Urge the Use of Tech for AML Compliance

In January 2021, the Hong Kong Monetary Authority published case studies that highlighted the benefits of adopting RegTech solutions, particularly for meeting Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) compliance targets.

The new guidance encouraged the adoption of regtech solutions in the area of customer identity verification and transaction monitoring – a mandatory task performed by banks to comply with AML/CFT regulations.

Additionally, the FATF examined the use of automated technologies in a report published in June, stating that with the fusion of a risk-based approach and innovative technologies, financial inclusion can be promoted. Other benefits of using automated technologies for AML compliance highlighted by the FATF include secure payments and transactions, enhanced due diligence on high-risk entities, and ongoing transaction monitoring.

“They can help financial institutions and supervisors, assess these risks in ways that are more accurate, timely and comprehensive.” – FATF

Trade-based Money Laundering on the Rise

Trade-based money laundering refers to the process of moving funds through trade transactions in an attempt to disguise its source and reintroduce the money into the legal financial system. The FATF’s president, Marcus Pleyer, declared trade-based money laundering a new kind of fraud that enabled criminal organizations to launder over $400 million in recent years. In March, the Financial Action Task Force (FATF) and Egmont group published a new report on risk-indicators of Trade-based Money Laundering. The report was issued to assist the private and public sector in recognizing suspicious activities that occur in overseas trade.

Additionally, research published in the latest “Journal of Money Laundering Control” states that in the post-Brexit landscape, the UK is at a high risk of trade-based money laundering owing to a rise in illicit outflows and unpreparedness of enforcement bodies.

The EU’s AML Proposal

To revamp the EU’s AML and CFT regime, the European Commission published a new AML proposal in July 2021. The EU AML draft consists of four legislative proposals that suggest the formation of a new AML authority (AMLA), a single EU rulebook for AML/CFT compliance, imposition of AML/CFT rules on the crypto sector, and the adoption of a 6AMLD which revokes 4AMLD.

These proposals seek to combat the challenges associated with the detection of suspicious activities and transactions, and the shortcomings of AML policies that criminals currently exploit. As stated in the EU’s Security Union Strategy for 2020-2025, enhancing the country’s AML/CFT framework will provide Europeans with better prospects of protecting themselves against terrorism, money laundering, and other organized crimes.

Suggested Read: The EU’s New AML Proposal, What’s in Store?

Growing List of Countries Support AML Regulations on Crypto

To prevent the misuse of cryptocurrencies for money laundering and terrorism financing, the Financial Action Task Force introduced the Travel Rule in June 2019. However, only 58 out of the 128 reporting jurisdictions had implemented the revised FATF standards by June 2021.
In the first half of 2021, Ireland undertook serious measures to regulate crypto-based firms by mandating all Irish VASPs (Virtual Asset Service Providers) to register with the country’s Central Bank within a deadline of three months. South Korea’s Financial Intelligence Unit (KoFiu) also imposed similar registration requirements on all crypto providers and stated, “any local crypto platform that fails to comply with the new rule will face an outright ban on operating in South Korea”.

In September, Ukraine officially adopted the Draft Law On Virtual Assets. Prior to that, Cuba passed a law to recognize and regulate cryptocurrencies, while Panama is currently in the planning phase for new cryptocurrency regulations. Other countries that support AML regulations on crypto include the UK, UAE, France, Switzerland, Germany, Netherlands, Thailand, Japan, and Australia.

Key Takeaways

Despite the rising incidents of money laundering, economies worldwide are implementing strategic programs to effectively minimize associated risks. On one end, regulators are introducing new guidelines to diminish ML/TF threats, while on the other, financial institutions are deploying fully automated technologies to streamline customer risk assessments, ensure continuous transaction monitoring, and screen all clients against global watchlists.

To perform AML screening in real-time with global coverage of PEP, Sanctions, and criminal watchlists, talk to our experts right away!

Talk to us

Tech Giant Olympus Hit by Ransomware Attack from ‘BlackMatter’, Successor of DarkSide

Brief Summary of AML Trends in 2021

New AML Guidelines

UAE

Singapore

Hong Kong

Philippines

Financial Institutions are Investing in AI for AML Compliance

Regulators Urge the Use of Tech for AML Compliance

Trade-based Money Laundering on the Rise

The EU’s AML Proposal

Growing List of Countries Support AML Regulations on Crypto

Key Takeaways

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.