WCA July 2016

From the Americas

hackers roughly $4 million. Unlike other cyberattacks that target either systems or employees of the bank, GozNym reportedly employs a phishing scheme to trick the customer into clicking a malicious link in an email. The link installs the virus on the victim’s computer, where it lies dormant until the bank account is accessed online. Etay Maor, a senior fraud prevention strategist at Trusteer, the Boston-based IBM computer security division, told the Wall Street Journal that GozNym is able to record and transmit information in different ways, including recording keystrokes or taking screen captures of the bank account screen. According to Mr Maor, IBM believes the attackers originate from a criminal organisation in Eastern Europe.  Ms Williams noted that the USA has been cracking down on Eastern European nationals who profit from malware. Last Autumn, Russian national Dimitry Belorossov was sentenced to four-and-a-half years in prison for his role in distributing and managing banking malware that infected over 11 million computers worldwide and is thought to be responsible for over $500 million in losses. That scheme linked spam emails and commercial Internet ads to malware to distribute and install a bot known as Citadel onto victims’ computers. Like Citadel, the GozNym virus discovered by IBM in April is a Trojan – malware masquerading as legitimate software. A testing lab best known for its stamp of approval on microwaves and TV sets rolls out standards for Internet-connected products As well as enhancing awareness and protections at the government level, President Barack Obama’s Cybersecurity National Action Plan (CNAP), released in February, aims at empowering Americans to take better control of their own digital security. In response, Underwriters Laboratories (UL) in April announced its Cybersecurity Assurance Program (CAP), which uses a new set of standards to test network-connected products for software vulnerabilities. The new UL certification is intended for both vendors of Internet of Things (IoT) products and buyers of those products who want to mitigate their cybersecurity risks. It is also expected to be used for testing and certifying IoT devices within critical infrastructures such as energy and utilities. UL, an independent provider of safety-focused advice, testing and certifications for over 120 years, worked with the US Department of Homeland Security to develop CAP. As reported by Matt Hamblen of Computerworld , the Northbrook, Illinois-based company developed the new testing standards with input from industry officials and academics as well as the government. (“UL Takes on Cybersecurity Testing and Certification,” 5 th April) Ken Modeste, leader of cybersecurity technical services at UL, noted that information on the software elements in a given device is not as readily available as with hardware, where flaws can be traced to a known source. Thus one cause of security breaches is that remedial “patches” are not always incorporated into the finished product. Mr Modeste told Computerworld that CAP will help

According to co-founder Michael Pitteric, at full strength the mill will process 50,000 tons of carbon, alloy and tool-grade steel into flat, round and square steel bar in one shift. Indiana has led the USA in steel production for 35 straight years, but layoffs and plant closings have taken a severe toll on the industry. Nuco, like Posco, sought local help with its financing and reportedly obtained $600,000 in incentives from the Indiana Economic Development Corp on its pledge to create new jobs.  WLWT News 5 in Cincinnati, Ohio, reported that the Kentucky House of Representatives on 1 st April voted 97-0 in support of a bill that sweetens an economic incentives package intended to persuade AK Steel (West Chester, Ohio) to resume full operations at its Ashland steel mill in northeastern Kentucky. The measure, which awaits the governor’s signature, would extend existing incentives and offer new ones that would help offset the costs of re-starting the blast furnace at the mill. Citing unfair competition from imported steel, AK Steel in December shut down the furnace and related steelmaking operations at Ashland, putting hundreds of people out of work. The hot-dip galvanising line that primarily serves automotive customers was kept running, according to the company.  Global steel giant ArcelorMittal has permanently idled the 84 " hot strip mill at its Indiana Harbor facility in East Chicago, Indiana, in accord with the Action 2020 “strategic roadmap” announced by the company when it posted its 2015 earnings. With 4,770 employees, Indiana Harbor is the largest integrated steelmaking facility in the United States. Karen Caffarini of the Chicago Post-Tribune reported (2 nd April) that the move was expected by the United Steelworkers local at the mill, who said that the 300 workers there would be reassigned elsewhere onsite or at the company’s Burns Harbor complex in Illinois, or out of the area. Arcelor Mittal spokeswoman Mary Beth Holdford told the Post-Tribune that the company was considering all options at its mills in the USA and beyond, to optimise assets but “without layoffs by leveraging natural attrition.” While energy faces more cyber attacks than any other USA industry, shape-shifting malware continues to plague the individual As reported on 15 th April by Katie Bo Williams in the Washington-based daily The Hill , researchers at IBM Corp discovered a new type of malicious software used to steal from banking customers. To that point in the month, the so-called GozNym virus — a hybrid of two known malware strains — had targeted 22 banks, credit unions, and popular e-commerce platforms in the USA, and two financial institutions in Canada. The incursions netted the Cybersecurity

41

www.read-wca.com

Wire & Cable ASIA – July/August 2016