₦airaland Forum

DrSuleiman100:
Kwuption is more in the south than in the north

And yet 90% the people living in poverty in Nigeria live in the north. Please explain.

Difference in climate (less rain fall), different soil and roads in the north get less use because there are fewer cars, probably fewer people and much less industry.

https://afritechnet..com/2016/04/swift-bank-transfer-system-infected.html

The SWIFT (Society for Worldwide Interbank Financial Telecommunications) messaging platform used by 11,000 banks in more than 200 nations has been blamed for a breach that cost the Bangladesh Bank $81 million; cost the head of said bank to lose his job; and may yet lead to a civil suit against the US Federal Reserve.

SWIFT is a Brussels-based, member-owned (3,000 in total) cooperative that provides international codes to facilitate payments between banks globally. Hackers used malware hidden in the servers housed at the Bangladesh Bank to access the information needed to fake a legitimate bank transfer. The thieves used the data to transfer $81 million from the US Federal Reserve Bank of New York to banks and then casinos in the Philippines, from where the thieves had access to their loot.

BAE Systems research suggests that the malware was designed to delete any trace of a breach. It was the hackers inability to spell that lead to their heist being uncovered. The spelling of 'foundation' as 'fandation' lead to the phone call from Deutsche Bank that brought an abrupt halt to a robbery that could have netted the cybercrooks $1 billion, instead of the $81 million.

The malware has been identified as evtdiag.exe, a program designed to make slight changes to the SWIFT’s Access Alliance software installed at the Bangladesh Bank. The malware was carefully constructed for the purposes of attacking the Bangladesh Bank, allowing for database editing and message intercepting.

SWIFT have been criticized by the head of the Forensic Training Institute of Bangladesh’s police criminal investigation department, Mr Alam, who claimed that SWIFT failed to advise Bangladesh Bank prior to the heist. The bank itself has been criticized for its failure to implement even the most basic of security necessities such as a firewall and using cheap ($10), second-hand switches for its local servers. It is felt that better quality hardware and industry standard software would have made the breach more difficult.

SWIFT have promised to release a software update on the 25/4/16 along with a reminder to banking institutions to scrutinize their security procedures.

https://afritechnet..com/2016/04/swift-bank-transfer-system-infected.html

I think he's Chinese - they do this kind of nonsense there too.

https://afritechnet..com/2016/04/cybercrime-costs-nigeria-n127bn.html


The NSA has released a statement informing Nigerian citizens as to the extent of the cybercrime on the local economy. According to Major-General (retired) Babagana Manguno, Nigeria lost N127 billion as a result of malware attacks, software piracy and intellectual property theft between 2013 and 2014.

The National Security Adviser called for cooperation between civil society and the private sector to combat the growing online menace faced by government, business and private individuals alike.

The NSA drew attention to the The Cybercrime Advisory Council as mandated by Section 42 of the Cybercrime Act 2015 - a 31-man council drawn from a number of ministries, institutions and commissions including the EFCC, the Nigerian Stock Exchange and the Nigerian Police Force.

http://afritechnet..com/2016/04/cybercrime-costs-nigeria-n127bn.html

https://afritechnet..com/2016/03/happy-world-back-up-day-how-to-back-up.html

Personal data is the most important element of your computer experience. A good back up makes disaster recovery easier – should your hardware be compromised in some manner or operating system be corrupted, it is vital that there is a copy of your most cherished files.

Data backups are more important now that smartphones have become ubiquitous and seemingly indisposable. Losing a phone is an unpleasant experience but insurance covers the hardware, it’s the data that is irreplaceable. Making a backup of your data should be a priority, a back up of the operating system in its last working form may also be a good idea. Thankfully, the process of backing up data is now cheaper and easier than ever.

There are two main options – backing up to an external drive or backing up ‘the cloud’.
The process of backing up to an external drive begins with purchasing a hard drive (or flash drive) from a reputable company that has sufficient capacity for your data. Western Digital provide a number of good options.

The steps for backing up data as a Windows 7 are to be found in the ‘Control Panel where users have the ‘Backup and Restore’ options within the operating system. Windows 8/10 users will find their backup options contained within the ‘File History Settings’. Mac users have ‘Time Machine’. Linux users have a plethora of great options.


For those looking for useful cloud backup options:


JustCloud - http://www.justcloud.com/

Carbonite - http://www.carbonite.com/

OneDrive - https://onedrive.live.com

Dropbox - https://www.dropbox.com/

Google Drive - https://drive.google.com

Amazon Cloud Drive - https://www.amazon.com/clouddrive/home/


Each service provides instructions as to how to safely store your data.

Backing up data is a good habit to get into but ensuring that the backup file is retrievable is of the utmost importance.

https://afritechnet..com/2016/03/happy-world-back-up-day-how-to-back-up.html

https://afritechnet..com/2016/03/introducing-petya-ransomware.html

Cyber-criminals are reverting to tactics from the playbook of yore to extort money from a new generation of victims. Older iterations of ransomware typically fell into the ‘device lockers’ category, recently crypto-ransomware such as Cryptolocker and Locky have proven to be successful by encrypting particular files and folders. Petya is a departure from the current trends in that the entire hard drive is compromised by malware instead of a few specific files.

Petya is distributed via email, one tailored to read like a business related message from a job applicant. The email provides a link to the fake applicant’s CV, usually a legitimate cloud storage service such as box.com or Dropbox.

On clicking the link the recipient is confronted with two files – one a self-extracting executable Trojan file masquerading as the applicant’s CV, the other a photo of the alleged applicant. Said Trojan blinds the most popular antivirus programs and before it downloads and executes Petya ransomware.

Petya overwrites the entire hard drive (including the MBR) crashes the operating system, causing the dreaded BsoD (blue screen of death) to appear at start up. Victims will find that they cannot boot their machines into safe mode, rather the start up screen will display a ransom demand requesting that the victim make payment (in bitcoin) or forever lose access to the hard drive.

Readers are advised to be wary of links from unsolicited emails and to be avoid downloading files from unknown sources. Additionally keep firewalls and anti-virus software up to date. In case of emergency, readers should make a back up of their most important files on an external hard drive.

https://afritechnet..com/2016/03/introducing-petya-ransomware.html

https://afritechnet..com/2016/03/introducing-locky-ransomware.html

Businesses and individuals are being sent an email with a Microsoft Word attachment. The email claims that the attached document is an invoice or vital executable macro program. In reality the illegible ‘invoice’ and macro is a conduit for the infamous ransomware known as ‘Locky’ . Locky relies on social engineering more so than any great technical ingenuity to infect systems by advising the reader to enable macros so as to view the content of the attached document. Locky has successfully infected hundreds of computers in a number of European nations, Russia, the US, Pakistan, and Mali.

Once installed, Locky scans local drives (and networked drives) and encrypts files such as documents, images, music, videos, archives, database, and other web application-related files. Encrypted files are renamed and appended with a “.locky” extension. In a manner similar to other ransomware variants, a .txt file (_Locky_recover_instructions.txt) in numerous languages is left in every infected directory. The message directs victims to a Tor network to make payment in Bitcoins (0.5 BTC, roughly equal to $210).



How to protect against Locky

Locky has some weak points, apparently by design. For example, it won't execute on a computer that has its language settings set to Russian, which probably gives an approximate region of where its authors are located.

Locky tries to create registry key called "HKCU\Software\Locky. Locky will stop running if that key is created prior to infection.

Ransomware authors quickly improve their code, particularly after security researches publish weaknesses. Microsoft has taken steps to ensure that fewer people fall prey to macro-based infections.

https://afritechnet..com/2016/03/introducing-locky-ransomware.html

https://afritechnet..com/2016/01/data-privacy-day.html

Data Privacy Data (or Data Protection Day in Europe) occurs on January 28th, the purpose of which is to promote awareness regarding data privacy/protection. Families, individuals and businesses all need to play safely online. Hackers will exploit anyone who leaves themselves exposed.



To commemorate the day here are some important tips to keep your data safe:



1. Do not use these passwords if you wish to keep your email, social media, online bank log in details safe. https://afritechnet..co.uk/2016/01/do-not-use-these-passwords-in-2016.html



2. Use a good password manager to create and manage your numerous passwords. https://afritechnet..co.uk/2015/08/best-password-managers.html



3. Use a privacy-focused search engine. https://afritechnet..co.uk/2015/07/best-privacy-focused-search-engines.html



4. Be cautious when using Free/Open Wi-Fi portals. Avoid exposing personal or financial details when using free Wi-Fi. https://afritechnet..co.uk/2015/05/the-dangers-of-free-wi-fi.html



5. Use a VPN. A good VPN will encrypt communications and prevent unwanted disclosure of private data. https://afritechnet..co.uk/2015/11/why-you-should-use-vpn.html



6. Keep your smartphone secure. https://afritechnet..co.uk/2015/10/smartphone-security-tips.html





General tips - https://afritechnet..co.uk/2015/12/end-of-year-reminders-how-to-safeguard.html





Don't forget to subscribe to Afritechnet for further tips and to be kept abreast of the latest news, analysis and trends pertaining to data protection.

https://afritechnet..com/2016/01/data-privacy-day.html

Jorussia:
.mugabe concentrate on how to revive your currency,that currently has thesame value with a piece of paper.leave nigeria alone and face your dead economy.mugabe,you are the president of a country,that is on the verge of being a failed state economically,with out going through any form of arm conflict.

They've scrapped their local currency.

They now take US Dollars and SA Rand.

http://www.bbc.co.uk/news/world-africa-33105400

http://afritechnet..com/2015/06/cbn-orders-banks-to-establish.html


The Central Bank of Nigeria (CBN) on Friday announced the establishment of the Nigeria Electronic Fraud Forum (NeFF) as part of its effort to combat fraudulent activities in the banking industry, particularly those associated with increased use of electronic payment systems.

The bank’s Director, Banking and Payments Systems Department, Dipo Fatokun, said the establishment of the new industry desk followed submissions to the NeFF and consultation with the deposit money banks as well as electronic payments service providers.

The new desk, Mr. Fatokin said, would set up effective mechanisms for receiving and responding promptly to fraud alerts, to help manage and reduce electronic payments fraud in the country’s banking industry.

In a memo to all DMBs, switches and payment service providers, the CBN gave all banks and e-payment platforms July 1 deadline to set up and staff a functioning Fraud Desk.

The staff of the desks must be trained on emerging fraud trends on various electronic payments channels, the circular said. The desk would provide, among other services, support to customers on electronic fraud with a minimum of 10 dedicated phone lines, manned and available at all times, to handle calls directed from contact centre for fraud alerts and complaints.

The desk would also log on all customer fraud alerts and complaints and redirect them to the appropriate authorities in line with internally predefined path, while preparing and submitting reports regularly to the Nigeria Inter-bank Settlement System (NIBSS) on fraud information.

In addition, the desk would have the responsibility to sensitise customers on e-fraud and fraud desk services as well as manage/resolve all intra-bank issues by leveraging an enterprise fraud management system.

Under the new arrangement, the NIBSS would be responsible for coordinating the industry as provider of electronic platform for all the fraud desks across all banks, mobile money operators, switches and payments service providers to log frauds.

The NIBSS will also maintain direct and dedicated lines and email contacts of all stakeholders for the purpose of exchanging information and coordinating industry response to fraud attempts and incidents.

It will also ensure that DMBs receive enhanced e-fraud portal/instant payment platform, with capabilities for banks to initiate ‘block’ and’ hold funds’ electronic messages from a bank’s fraud desk to the other, while providing operational rules for effective fraud desk coordination.

Under the new arrangement, all interbank transactions on all electronic channels are expected to be passed through the central anti-fraud solution in NIBSS, which shall have access to each bank record of fraudulent transactions and provide monthly reports to the CBN.

All banks are expected to implement across all electronic channels an enterprise fraud monitoring system that would ensure behavioural monitoring, patterns and hold/block controls on transactions suspected to be fraudulent.

http://afritechnet..ae/2015/06/cbn-orders-banks-to-establish.html

http://afritechnet..com/2015/06/china-vs-washington-dc-4-million.html

It is now estimated that data belonging to up to 14 million current and former US government employers may have been exposed by the attack on the Office of Personnel Management. Some analysts have since referred to the breach as the digital equivalent of Pearl Harbor.

The initial figure was placed at around 4 million, the realization that more American's may have had their data compromised by foreign hackers has amplified the embarrassment already felt by US security agencies. The updated estimate is based on the understanding that attackers also had access to the information of veterans and retired personnel, information going back to the 1980s.

J. David Cox, president of the American Federation of Government Employees, said in a letter Thursday to OPM director Katherine Archuleta that based on incomplete information OPM provided to the union, "we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees."

Cox went on to state that the union fear information on military records, veterans' status, address, date of birth, job and pay history, health insurance, life insurance, pension information, age, gender and race data has been exposed.

The OPM data file contains the records of most federal civilian employees, though not members of Congress and their staffs, members of the military or staff of the intelligence agencies.


http://afritechnet..ae/2015/06/china-vs-washington-dc-4-million.html

http://afritechnet..com/2015/06/chinese-hackers-vs-washington-dc.html

China-based hackers are suspected of breaking into the computer networks of the U.S. government personnel office and stealing identifying information of at least 4 million federal workers, American officials said Thursday.

The Department of Homeland Security said in a statement that data from the Office of Personnel Management and the Interior Department had been compromised.

“The FBI is conducting an investigation to identify how and why this occurred,” the statement said.

The hackers were believed to be based in China, said Sen. Susan Collins, a Maine Republican.

Collins, a member of the Senate intelligence committee, said the breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

A U.S. official, who declined to be named because he was not authorized to publicly discuss the data breach, said it could potentially affect every federal agency. One key question is whether intelligence agency employee information was stolen. Former government employees are affected as well.

The information stolen could be used to impersonate or blackmail federal employees with access to sensitive information. Cyber-security experts also noted that the OPM was targeted a year ago in a cyber-attack that was suspected of originating in China. In that case, authorities reported no personal information was stolen. One expert said it’s possible that hackers could use information from government personnel files for financial gain. In a recent case disclosed by the IRS, hackers appear to have obtained tax return information by posing as taxpayers, using personal information gleaned from previous commercial breaches.

The Office of Personnel Management is the human resources department for the federal government, and it conducts background checks for security clearances. The OPM conducts more than 90 percent of federal background investigations, according to its website.

The agency said it is offering credit monitoring and identity theft insurance for 18 months to individuals potentially affected. The National Treasury Employees Union, which represents workers in 31 federal agencies, said it is encouraging members to sign up for the monitoring as soon as possible.

Cyber-security experts also noted that the OPM was targeted a year ago in a cyber-attack that was suspected of originating in China. In that case, authorities reported no personal information was stolen.

One expert said it’s possible that hackers could use information from government personnel files for financial gain. In a recent case disclosed by the IRS, hackers appear to have obtained tax return information by posing as taxpayers, using personal information gleaned from previous commercial breaches.

DHS said its intrusion detection system, known as EINSTEIN, which screens federal Internet traffic to identify potential cyber threats, identified the hack of OPM’s systems and the Interior Department’s data center, which is shared by other federal agencies.

It was unclear why the EINSTEIN system didn’t detect the breach until after so many records had been copied and removed.

Federal agencies are currently playing catch-up in trying to install two-factor authentication with smart cards, a system designed to make it harder for intruders to access networks.

http://afritechnet..ae/2015/06/chinese-hackers-vs-washington-dc.html

Overpopulation is the greatest cause of poverty.

Deal with that issue and you will have more resources to allocate.

Sustainable growth is the solution.