The Associated Press
15 May, 201715 May, 2017
SIGN UP FOR OUR NEWSLETTER
A Green Card-holder who previously escaped deportation is accused of killing two U.S. doctors in a high-profile South Boston murder case.
Bampumim Teixeira, an African national living in the U.S. on a Green Card, is accused of murdering Drs. Richard Field, 49, and Lina Bolanos, 38, in their apartment, according to Sentinel & Enterprise. Field and Bolanos were attacked when Teixeira allegedly tied them up and slit their throats. According to police, Teixeira had written a message on the wall of the apartment and cut up photos of the couple that were in the apartment. Before dying, Field texted a friend of his to call the police. When police arrived, they said they thought Teixeira was armed, therefore shooting him multiple times. Teixeira was a former security guard at the building, which police said is how the foreign national got inside.
Teixeira s criminal history is under review, as the Boston Herald obtained court records which show the foreign national should have never been in the U.S. to begin with. According to the Herald, Teixeira avoided deportation in 2016 after robbing two banks, one in 2014 and another in 2016. Teixeira, who is from Guinea-Bissau in Africa, got his Green Card in 2010. Rather than being deported for the bank robberies, the foreign national s defense attorneys and prosecutors worked out a plea deal which allowed him to remain in the U.S. after serving 364 days.
The foreign national is being charged with the murder of the two doctors and faces life in prison and deportation, should he ever be released from prison at any time.
LONDON/WASHINGTON The global WannaCry “ransomware” cyber attack spread more slowly on Monday with no major infections reported, as attention shifted to investment and government policy implications of lax cyber security.
There were 213,000 infected machines in 112 countries as of 1000 GMT on Monday, according to Czech security firm Avast, making it one of the largest coordinated attacks to hit computers across the world.
The countries most affected by WannaCry were the same as Friday: Russia, Taiwan, Ukraine and India, Avast’s data showed.
The number of infections has fallen dramatically since Friday s peak when more than 9,000 computers were being hit per hour. By afternoon on the U.S East Coast, new infections had fallen to the low hundreds of machines and continue to decline, Avast said.
Earlier on Monday, Chinese traffic police and schools reported they had been targeted as the attack rolled into Asia for the new work week, but no there were no major disruptions.
Authorities in Europe and the United States turned their attention to preventing hackers from spreading new versions of the virus.
Tom Bossert, U.S. President Donald Trump’s homeland security adviser, said people “should be thinking about this as an attack that for right now we have under control, but as an attack that represents an extremely serious threat,” speaking on ABC’s “Good Morning America” show.
Shares in firms that provide cyber security services jumped on the prospect of companies and governments spending more money on defenses, led by Israel’s Cyren Ltd (CYRN.O) and U.S. firm FireEye Inc (FEYE.O)..
Cisco Systems (CSCO.O) rose 2.8 percent, making it the leading gainer in the Dow Jones Industrial Average, which was up more than 100 points in afternoon trading, as investors focused more on opportunities the attack presented rather than the risk it posed to corporations.
The perpetrators of the attack are still not known. Bossert said that while U.S. officials had not ruled out the possibility that it was a “state action,” he said it appeared to be criminal, given the ransom requests.
Some victims were ignoring official advice and paying the $300 ransom demanded by the cyber criminals to unlock their computers, which was due to double to $600 on Monday for computers hit by Friday’s first wave.
So far only a few victims of the attack appeared to have paid, based on publicly available bitcoin accounts on the web, where victims have been instructed to pay.
The initial ransom demand was $300 per machine. Three days after becoming infected the demand doubles. Starting on Monday, the first victims began facing demands of $600 to unlock their machines.
This coming Friday, victims face being locked out of their computers permanently if they fail to pay the $600 ransom, said Tom Robinson, co-founder of Elliptic, a London-based private security company that investigates ransomware attacks.
As of 1400 GMT, the total value of funds paid into anonymous bitcoin wallets the hackers are using stood at just $55,169, from 209 payments, according to calculations made by Reuters using publicly available data.
Brian Lord, managing director of cyber and technology at cyber security firm PGI, said victims had told him “the customer service provided by the criminals is second-to-none,” with helpful advice on how to pay: “One customer said they actually forgot they were being robbed.”
Companies and governments spent the weekend upgrading software to limit the spread of the virus. Monday was the first big test for Asia, where offices had already mostly been closed for the weekend before the attack first arrived.
Renault-Nissan (RENA.PA) (7201.T) said output had returned to normal at nearly all its plants. PSA Group (PEUP.PA), Fiat Chrysler (FCHA.MI), Volkswagen (VOWG_p.DE), Daimler (DAIGn.DE), Toyota (7203.T) and Honda (7267.T) said their plants were unaffected.
British media were hailing as a hero a 22-year-old computer security whiz who appeared to have helped stop the attack from spreading by discovering a “kill switch” – an internet address which halted the virus when activated.
Individual European countries and the United States saw infections at a rate of only 10 percent to 20 percent of the most affected countries, according to the researcher who stumbled on the kill switch.
The virus hit computers running older versions of Microsoft Corp (MSFT.O) software that had not been recently updated. Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks. The company’s shares were down about 1 percent on Monday, in a slightly higher broad market.
Infected computers appear to be largely out-of-date devices. Some have also been machines involved in manufacturing or hospital functions, difficult to patch without disrupting operations.
The U.S. Senate Intelligence Committee is monitoring the attack and expects to receive a briefing in the coming days from the Trump administration, a panel aide said.
In a blog post on Sunday, Microsoft President Brad Smith confirmed what researchers had already widely concluded: the attack made use of a hacking tool built by the U.S. National Security Agency that had leaked online in April.
He poured fuel on a long-running debate over how government intelligence services should balance their desire to keep software flaws secret – in order to conduct espionage and cyber warfare – against sharing those flaws with technology companies to better secure the internet.
Russian President Vladimir Putin, noting the technology’s link to the U.S. spy service, said it should be “discussed immediately on a serious political level.”
“Once they’re let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators,” he said.
In Britain, where the virus first raised global alarm when it caused hospitals to divert ambulances on Friday, it gained traction as a political issue just weeks before a general election. The opposition Labour Party accused the Conservative government of leaving the National Health Service (NHS) vulnerable.
“The government’s response has been chaotic,” the British Labour Party’s health spokesman Jon Ashworth said. “If you’re not going to allow the NHS to invest in upgrading its IT, then you are going to leave hospitals wide open to this sort of attack.”
Britain’s NHS is the world’s fifth-largest employer after the U.S. and Chinese militaries, Wal-Mart Stores and McDonald’s. The government says that under a previous Labour administration the trusts that run local hospitals were given responsibility to manage their own computer systems.
Asked if the government had ignored warnings over the NHS being at risk from cyber attack, Prime Minister Theresa May told Sky News: “No. It was clear (that) warnings were given to hospital trusts.”
British health minister Jeremy Hunt said on Monday it was “encouraging” that a predicted second spike of attacks had not occurred, but the ransomware was a warning to public and private organizations.
China appeared over the weekend to have been particularly vulnerable, raising worries about how well the world’s second-largest economy would cope. However, officials and security firms said the spread was starting to slow.
“The growth rate of infected institutions on Monday has slowed significantly compared to the previous two days,” said Chinese Internet security company Qihoo 360.
An official from Cybersecurity Administration China (CAC) told local media on Monday the ransomware had affected industry and government computer systems but the spread was slowing.
Energy giant PetroChina (601857.SS) said payment systems at some petrol stations were hit although it had restored most of the systems.
Elsewhere in Asia, Conglomerate Hitachi Ltd (6501.T) said the attack had affected its systems over the weekend, leaving them unable to receive and send emails or open attachments in some cases.
At Indonesia s biggest cancer hospital, Dharmais Hospital in Jakarta, attacks affected scores of computers. By late morning, some people were still manually filling out forms, but 70 percent of systems were online.
India’s government said it received only a few reports of attacks and urged those hit not to pay any ransom. No major Indian corporations reported disrupted operations.
(Additional reporting by Cate Cadell, Jemima Kelly, Eric Auchard and Tim Ahmann; Writing by Peter Graff and Nick Zieminski; Editing by Peter Millership and Bill Rigby)
Next In Cyber Risk
European, Asian companies short on cyber insurance before ransomware attack
LONDON/NEW YORK Many companies outside the United States may not have cover for a recent computer-system attack, leaving them potentially with millions of dollars of losses because there has been relatively little take-up of cyber insurance, insurers say.
Ransomware hits small number of U.S. critical infrastructure operators: official
WASHINGTON A small number of U.S. critical infrastructure operators have been affected by the global ransomware worm, but there has been no significant disruption in their work, a Department of Homeland Security official told Reuters on Monday.
More disruptions feared from cyber attack; Microsoft slams government secrecy
WASHINGTON/FRANKFURT Officials across the globe scrambled over the weekend to catch the culprits behind a massive ransomware worm that disrupted operations at car factories, hospitals, shops and schools, while Microsoft on Sunday pinned blame on the U.S. government for not disclosing more software vulnerabilities.
For air travelers, security checks are often the most stressful part of the airport experience. Even for seasoned passengers, changing security rules and technology can come as a surprise. One of the latest changes in Finnish airport security has to do with checking for traces of explosives and has led to minor changes in other security routines.
Helsinki Airport is currently testing the Avatar security scanners. The new technology promises smoother and faster security checks. How will it work? A security check officer will direct the passenger to the Avatar scanner only if the metal detector s alarm is set off. The scanner then uses low-frequency waves to create a generic and unrecognizable image that lets the officer know which part triggered the alarm. This enables the security officer to check only that part manually.
Security Services Supervisor, Joni Pekkanen, told finavia.fi about the changes in security check technology, and what we can expect in the future. In Finland, the legislation for aviation security is set by the EU. The latest major change came into effect in 2015, and requires the use of explosive trace detectors in security checks, Pekkanen says.
It has changed the random hand inspections. For instance, passengers no longer need to take their belts off for the random inspection.Belts or belt buckles must still be taken off, however, if they cause an alarm at the metal detector gate. We have tested, among others, body scanners and a shoe scanner and partially automated security lines. Our aim is to find equipment that ensures the smoothest, most comfortable and functional security check for both the passengers and the staff. As technology advances it becomes easier to detect possible threats and the security processes can speed up. The recent Avatar body scanning pilot was a good example: We were able to decrease the amount of hand inspections while maintaining a high level of security.
Last year, Helsinki Airport tested new face recognition technology for staff members security checks. The results were encouraging and the technology is now being piloted at check-in, in cooperation with Finnair.
Utilizing new, biometric technology at airports makes travelling faster and easier. The goal is to enable passengers to travel hands in the pockets, i.e. removing the need to present boarding passes at different checkpoints.
I myself am looking forward to hand luggage X-ray technology, which, in the future, could enable passengers to keep their computers and liquids inside their carry-ons during security check. I believe that this technology could start to be implemented three to five years from now Pekkanen said.