At a glance.
- Binance shares intel with Russia’s Rosfin.
- Ukrainian tears quench cybercriminal thirst.
- Philippines introduces new breach notification system.
- Spain investigates surveillance of Catalan leaders.
Binance shares intel with Russia’s Rosfin.
An investigation from Reuters reveals that about a year ago, Russia's financial intelligence unit, known as Rosfinmonitoring or Rosfin, met with the regional head of the world’s largest cryptocurrency exchange, Binance, in an effort to convince the crypto giant to share client data with Moscow. Rosfin was seeking intel about millions of dollars of bitcoin connected to jailed Russian opposition leader Alexei Navalny, who had been added to a national terrorist list for allegedly attempting to expose corruption inside the government of President Vladimir Putin. According to a series of text messages, Binance's head of Eastern Europe and Russia Gleb Kostarev acquiesced, stating he didn’t have "much of a choice." Binance claims it was never contacted by Russian authorities about Navalny, but has admitted that Russia’s invasion of Ukraine the exchange was "actively seeking compliance in Russia” and responding to "appropriate requests from regulators and law enforcement agencies” in an effort to strengthen its business in Russia. Though other leading fintech companies like PayPal, American Express, and Binance competitor EXMO.com have agreed to discontinue their operations in Russia during the war, Binance continues to serve Russian users, with CEO Changpeng Zhao explaining he is opposed to the war, but not to "the people on both sides of Ukraine and Russia that are suffering."
Ukrainian tears quench cybercriminal thirst.
Demonstrating that there’s no limit to the heartlessness of cybercrime, the Hill explains how hackers are using global concern over the war in Ukraine to their advantage. Researchers at Bitdefender found that cybercriminals were posing as Ukrainian government officials and charities like UNICEF and Act for Peace and even the brother of Ukrainian mayor Vitali Klitschko in order to convince targets to hand over their private data or funds. The United Kingdom’s National Fraud & Cyber Crime Reporting Centre issued a public advisory warning of cryptocurrency investment scams exploiting the crisis. As well, state-backed threat actors from China, Russia, Iran, and North Korea have been using war-related content as bait in phishing operations. China-tied Mustang Panda group’s deployment of a malicious zip file labeled “Situation at the EU borders with Ukraine.zip”, and threat group “Curious Gorge,” tied to China’s People Liberation Army Strategic Support Force, was found to be targeting the military forces in Ukraine, Russia, Kazakhstan and Mongolia. Experts say that in order to combat such operations, the US and its allies will need to seek collaboration between the private and public sectors and agree to share information.
Philippines introduces new breach notification system.
BusinessWorld reports that on April 20 the Philippines National Privacy Commission (NPC) has launched its Data Breach Notification Management System (DBNMS), a data breach reporting system that will support personal information controllers in submitting annual security incident reports and personal data breach notifications. The NPC explains, “The DBNMS addresses the limitations of manual submission and processing, as well as increases public transparency by allowing PICs to access pertinent and real-time information on their data breach notification.” The NPC will no longer accept Breach Notification and Annual Security Incident Reports via email, personal filing, or physical submission, and Privacy Commissioner John Henry D. Naga said that digitization of this process is part of the NPC’s efforts to embrace “emerging technologies that will revolutionize data privacy and protection.”
Spain investigates surveillance of Catalan leaders.
As we noted last week, an investigation conducted by Citizen Lab revealed that over sixty politicians, lawyers, and activists linked to the Catalan separatist movement were targeted with NSO Group’s Pegasus spyware. Reuters reports that yesterday Spain's Ombudsman said it plans to investigate allegations that the Spanish government could be behind the surveillance, in addition to a probe that will be carried out by the government’s CNI intelligence agency. The Ombudsman stated it will be assessing "a possible inappropriate use of the Pegasus software tools" that may have put "fundamental rights", including privacy, at risk. Spain's defense ministry released a statement in support of the investigation, confident it will clear CNI of any wrongdoing. The current president of the Catalan regional government, Pere Aragonès, was among the individuals targeted and says that the revelations have impacted negotiations about the semi-autonomous region’s upcoming elections with the incoming Spanish prime minister. Aragonès told Haaretz, “a democratic state does not spy on its citizens ... a democratic state does not listen in on the private conversations of its political opponents.” In a video conference interview he also stated that although it has not yet been proven that Madrid is to blame for the surveillance, “we suspect the Spanish intelligence agency. Who can be the other government that could be interested in my activities? This software can only be bought by states. The Spanish intelligence agency declared [in the past] that they bought this software. So yes, everybody is looking at Madrid.” He added that Catalan is “committed to a peaceful political solution to the conflict between Catalonia and Spain.”