Dear Colleague ,
Last month, authorities signaled a renewed focus on cyber resilience, U.S. Law Enforcement seized illicit cryptocurrency, anxiety rose about security in the quickly shifting fintech landscape, and a hack-and-leak of financial data occurred as part of the Nagorno-Karabakh war.
Authorities signal renewed focus on cyber resilience with COVID-19. The Financial Stability Board published a stream of reports, including on third-party risk and cyber incident reponse. In the U.S., financial authorities released a paper on "Sound Practices to Strengthen Operational Resilience" while SEC Chairman Jack Clayton warned that cyber incidents “have not gone away with the unfortunate, unforeseen risks we’ve faced with COVID…they’re there more than ever.” In APAC, HKMA announced its Cybersecurity Foundation Initiative 2.0 and Ravi Manon, MAS’ Managing Director, warned that as the pandemic continues, “resilience will come under greater stress as cyber attackers look for new vulnerabilities.”
U.S. law enforcement seize crypto, dry out launderers. DoJ’s seizure of a bitcoin wallet worth linked to previous Silk Road proceeds is another demonstration that U.S. law enforcement has a newfound capability—with support from Chainalysis c—to track illicit cryptocurrency transactions and seize virtual assets. For example, consider recent seizures from Brazilian criminals and Hamas, Al-Qaeda, and ISIS.
Key shifts in FinTech lost amidst coverage of Ant’s stalled IPO. While eyes were on Jack Ma’s gaffe that stalled what looked to be the largest IPO ever, the fintech landscape shifted elsewhere: the Indian government approved WhatsApp payments, Square, Paypal, and Revolut enable payments with cryptocurrency, and Stripe expanded its presence in Nigeria. But the speed of digital transformation, particularly in emerging economies, is raising concerns about security. The Ugandan government is focused on security of mobile money after a major hack disrupted a key mobile money platform. Concerns are rising to head-of-state level as President Jokowi of Indonesia called for fintech players to “mitigate” cybersecurity.
Alleged hack of financial system in Nagorno-Karabakh war. Armenia’s Public Radio reported that Armenian actors hacked Azerbaijani banks and leaked financial data amidst the conventional conflict in October. The actors published the data to PasteBin with a threat to “publish all information about your banks, financial and military infrastructures…we can take down all your infrastructures.”
If you’d like to dive deeper, please take a look at the curated News Round-Up below. As always, we also invite you to sign up for regular updates from Carnegie’s Cyber Policy Initiative, join the FinCyber Network on LinkedIn, and to follow @MaurerTim, @ArthurRobNelson, and @CarnegieCyber on Twitter.
Tim Maurer, Arthur Nelson, and the Cyber Policy Initiative Team at the Carnegie Endowment for International Peace