André is a senior technology leader and manager within financial services, with a 20-year background as an architect and technical leader in the financial services industry. He has worked with internet trading platforms, exchange technology, real-time risk management and information distribution.

André told SiliconRepublic.com that his role as CIO has evolved beyond maintaining regular IT software. Now, he must ensure the company is keeping pace with evolving customer demands, which can often mean looking for support from third-party experts.

“Comparatively, as a tech-first payments bank, Banking Circle is uniquely positioned when it comes to developing technological solutions in-house. This is because progressing the banking and technological innovation are both important components influencing our engineering strategy and market offering,” he said.

“As CIO, my responsibilities lie in leading the development of solutions and platforms that uniquely marry the banking-tech product with wider business initiatives.”

‘Traditional rule-based approaches used in transaction monitoring are incredibly poor’
^{– MICHEL ANDRÉ}

Are you spearheading any major product or IT initiatives you can tell us about?

Though there has been an exciting change in digital transformation momentum within the industry, the transferral of money between countries remains a slow and expensive process with transactions taking up to five days.

Cross-border payments are at the core of Banking Circle’s offering and we are always working towards making payments as fast and cost effective as we can for our clients.

Undergoing the shift to the cloud and establishing our foundation there has strongly positioned us for developing our tools and access to local payments on a global scale.

In turn, this is propelling our geographical expansion and mission for 2022 as we aim to broaden our reach and increase real time payments whilst scaling Banking Circle to the next level.

How big is your team?

Prior to joining Banking Circle three years ago, there were 15 people in our team. We have been in a lucky position to be able to expand over the course of the pandemic, last year doubling the size of our team.

Within the engineering team, there are around 100 people. Within the combined product and engineering team there are approximately 140 people.

What are your thoughts on digital transformation within the finance industry?

It is both an exciting and pressurising time for banks and payments businesses. They are servicing the global e-commerce sphere and having to evolve quickly to meet the demands of increasingly savvy consumers, who expect a seamless experience with instant access service options.

This trend is only going to accelerate. Therefore, it is critical for those working within payments to undergo digital transformations, adopting tools that will empower teams and appeal to customers, or else risk being left by the wayside.

This is where Banking Circle closes the gap between evolving payments trends and incumbent banks that rely on outdated legacy systems. Banking Circle’s platform was built in the cloud from the outset, so we could focus purely on developing a technology platform that could meet and exceed our clients’ expectations.

The cloud strengthens our agility when it comes to delivering cross-border payments, enhancing both functionality and an intuitive user experience, decreasing the cost and time associated with sending money across the globe.

What big tech trends do you believe are changing the world?

It’s been an exciting start to the year for fintech. In the UK, investment in the industry rose seven-fold last year compared to 2020, fuelling all sorts of new trends on the horizon.

Though there is a lot of noise surrounding the metaverse and augmented reality, I wouldn’t go as far as to say this will play a fundamental role in shaping the financial services industry specifically. Instead, AI and machine learning have the power to disrupt and define the industry going forward.

Utilising AI and machine learning will influence an array of factors, from how we onboard clients to enhancing transaction monitoring. Though the fintech industry received record high investment levels last year, simultaneously 2021 was the year anti-money laundering fines rocketed.

With this in mind, I urge governments and regulators alike to prioritise digital transformations and adopt AI and machine learning to prevent fraudulent activity slipping through the cracks. These technologies will pave the way for disrupting the security landscape for good in the fight against financial crime.

How can we address the security challenges currently facing the fintech industry?

As technology evolves, as do criminal tactics when it comes to fraudulent transactions. Traditional rule-based approaches used in transaction monitoring are incredibly poor because they use behavioural rules to detect crime, capturing and operating on limited parts of the transaction information.

As a result of this, the industry sees false positive rates at a crippling 97pc-99pc. Such erroneous mishaps can grievously harm customer relations and client experience. So, given the current landscape, it comes as no surprise clients are expecting a high level of security measures, as older processes and approaches do not cut the mustard.

To address such challenges, fintechs and payments businesses must build technologies with security at the core, which is why, at Banking Circle – as part of our mission to prevent financial crime – we developed our own AI and machine learning tools.

What’s exciting about AI and machine learning is they can spot red flags which we as humans never could, greatly reducing the margin of error. With these tools, Banking Circle’s platform ensures vigilant security measures and insights when it comes to transaction monitoring.

Vigilance and investment is also needed to elevate your broader security posture to mitigate cyberthreats. This needs to be done using modern approaches such as zero trust, multifactor authentication, zero-standing access and AI/machine learning approaches to monitoring and detection of potential breaches.

This level of in-depth security, combined with a human element of security awareness, is key to meet the new security landscape.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Banking Circle CIO: ‘AI can spot red flags that humans never could’ appeared first on Silicon Republic.

The game, called Twitter Data Dash, is a side-scrolling platformer where users play as a dog called Data. The player guides Data through Twitter-themed levels, such as a ‘sea of DMs’ and tackling ‘trolls’, while collecting bones that offer information about Twitter’s privacy settings.

The game, made by video game designer Momo Pixel, is part of a broader push by Twitter to make its privacy policy more transparent and accessible to its users.

“Through Twitter Data Dash, we hope to encourage more people around the world to take charge of their personal information on our service and maybe even have a little fun in the process,” Twitter said in a blogpost yesterday (11 May). “Transparency is core to our approach and we want to help you understand the information we collect, how it’s used and the controls at your disposal.

“We hope Twitter Data Dash introduces a fun and interactive way to learn about a topic that has historically been anything but,” Twitter said.

The social media platform has rewritten its privacy policy to contain less “legalese” and use more easily understood language. The redesigned privacy policy site now has three primary sections covering data collection, data use and data sharing.

The site has answers to commonly asked questions and new illustrations designed to bring the company’s “privacy policy to life”.

Twitter also shared plans to update its privacy iconography – the visual symbols that represent core settings related to security and privacy. The platform said its goal is to propose “standardised privacy icons” for privacy settings, similar to how the magnifying glass is an easily recognisable icon for search functions.

“We’ve been ideating and conducting research into privacy iconography and plan to publish our findings and ideas soon,” Twitter said.

The future of the Twitter remains uncertain as it recently entered into an agreement to be acquired by Elon Musk in a $44bn deal that will take the company private.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Twitter has made a game to help users level up their privacy knowledge appeared first on Silicon Republic.

Scanlon is founder and executive chairperson of Dublin-based speech recognition tech company SoapBox Labs. She will take up her role immediately.

The appointment of an AI Ambassador is one of the provisions under the Irish Government’s national AI strategy, which was launched last year. The ‘AI – Here For Good’ strategy said it would focus on how technology can be used in human-centred and ethical ways to improve the lives of Irish people.

Commenting on her appointment, Scanlon said: “In my new role I look forward to working to demystify AI and promoting the positive impacts it can have in areas such as health, agriculture, transport and education. I also am excited to hear the views of young people about the role they believe AI should have in shaping their futures and the future of Ireland in the coming decades.”

She said she saw “a clear opportunity for Ireland to become a leader in advocating for and adopting an ethical approach to AI, that puts humans first”.

A key part of Scanlon’s role will be engagement with young people. A National Youth Assembly on AI will be convened in September 2022 in conjunction with the Department of Children, Equality, Disability, Integration and Youth. This event will engage with young people on their attitudes, awareness and fears in relation to AI. It will also promote careers in technology.

As well as engaging with young people and working to improve understanding of AI, Scanlon will become a member of the Enterprise Digital Advisory Forum.

“As an AI developer, Dr Scanlon has used this powerful technology to help children to learn. She will draw on her experience and expertise as an Irish SME in the field to help to demystify artificial intelligence for people and for small businesses who may be hesitant to engage with AI,” said Minister of State for Trade Promotion, Digital and Company Regulation Robert Troy, TD.

“If we are to rebuild a resilient, future-proofed economy we must prepare for it and part of that is to start a national conversation to better understand technologies such as AI,” he concluded.

Last year, Scanlon stepped down as CEO of the company she founded in 2013. She was replaced by Dr Martyn Farrows, who joined SoapBox Labs in 2017 as COO.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post SoapBox Labs’ Patricia Scanlon appointed Ireland’s first AI ambassador appeared first on Silicon Republic.

This includes a $10m reward for any info that leads to the identification or location of individuals holding key leadership positions in the organised crime group behind Conti, as well as a $5m reward for any info leading to the arrest of anyone conspiring or attempting to participate in a Conti attack.

First observed in 2020, the Conti ransomware has been linked to a group believed to be based near St Petersburg, Russia, and has been responsible for hundreds of cyberattacks in the past two years.

In May 2021, the Conti group was behind the HSE ransomware incident that saw more than 80pc of the IT infrastructure of healthcare services across Ireland impacted in what was said to be the most serious cyberattack ever to hit the State’s critical infrastructure.

Even though Ireland did not pay the group a ransom, the hackers behind Conti made money elsewhere. The FBI estimates that as of January 2022, there had been more than 1,000 victims of attacks associated with Conti ransomware, with victim payouts exceeding $150m.

The US Department of State, which announced the rewards for information last Friday (6 May), said that this makes the Conti ransomware variant the “costliest strain of ransomware” ever documented.

“In offering this reward, the United States demonstrates its commitment to protecting potential ransomware victims around the world from exploitation by cybercriminals,” a statement read. “We look to partner with nations willing to bring justice for those victims affected by ransomware.”

Most recently, the group behind Conti perpetrated a ransomware incident against the government of Costa Rica that severely impacted the country’s foreign trade by disrupting its customs and taxes platforms. Costa Rica declared a state of national emergency yesterday (8 May) as a result.

In the immediate aftermath of Russia’s invasion of Ukraine earlier this year, a Ukrainian researcher took the cybersecurity world by storm after publishing more than 60,000 internal messages of the Conti group.

According to BleepingComputer.com, he was angered by a blogpost made by the hacker group declaring its allegiance to Russia and accessed the back-end of Conti’s XMPP chat server and extracted 60,694 internal messages of the group between January 2021 and February 2022 – potentially providing vital information for investigations.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post US offers $15m reward for info on Conti group behind HSE cyberattack appeared first on Silicon Republic.

Prior to Toshiba, Yamamoto worked at IBM, where he was global electronics industry CTO. He is a leading expert in advanced digital technologies and IoT, including big data processing, service-oriented architecture and the promotion of the capabilities necessary to achieve industry 4.0.

As part of his current role, Yamamoto leads the refinement of Toshiba’s Spinex IoT architecture, which is a framework that helps the company deploy its industrial internet of things (IIoT) services.

“We often see when setting up an IIoT framework that different parties use the same terminology, but they are referring to different things,” he told SiliconRepublic.com.

“This can get complicated not only for us but for third parties using our services to build ecosystems, so my role is to standardise that.”

‘We must start looking at the ways technology can help fuel sustainability initiatives’
 ^{– HIROSHI YAMAMOTO}

What are some of the biggest challenges you’re facing in the current IT landscape?

Our biggest challenge is to make IIoT and cyber physical systems (CPS) a business initiative for our customers – to show the value of this service when the return on investment might not be immediately apparent.

This means that we must understand the business imperatives and challenges our customers are facing. We do this by meeting our customers in the middle, carrying out the organisation’s business imperatives top-down and implementing the technology bottom-up at the same time.

We aim to always show our customers a return on investment as quickly as possible so the impact on their business is clear and that is one of the shared challenges in the broader tech industry as well, to show the return on investment even when the investment is not tangible.

What are your thoughts on digital transformation within your industry?

Digital transformation is inevitably coming across all industries and the question is how quickly and efficiently companies can adopt it to meet the needs of their niche.

At Toshiba, we have evolved from a general electronics manufacturer to a global infrastructure systems and services company and our focus is enabling and accelerating the digital transformation initiatives of our clients.

Our Spinex service (a customisable IoT architecture interface) combines operational technology (OT) from the physical world with IT to maintain equipment and devices that support essential infrastructure. This is the ultimate evolution from a focus on hardware solutions to using data and digital software to fuel our customers’ business decisions.

We have taken to approaching business with a hybrid strategy. A manufacturer like Toshiba who owns OT DNA needs a hybrid business strategy, both to sell a product and a service subscription.

Most companies we are working with today are not heritage. This means our customers are also looking for our skill in using our hardware, which is what we provide with the Spinex interface.

Additionally, in terms of IoT services or subscription services, only dealing with our hardware is not enough, so we also have expanded our scope to work with third-party hardware and competitor hardware as well.

How can sustainability be addressed from an IT perspective?

To approach sustainability from an IT perspective means we must start looking at the ways technology not only itself must be more sustainable, but also how technology can help fuel sustainability initiatives.

For example, social infrastructure is in Toshiba’s DNA and management philosophy of ‘committed to people, committed to the future’, and the social infrastructure support that Toshiba services offer impacts many target areas for sustainability, including energy, social infrastructure, water treatment.

While there are certainly ways that sustainability can be directly addressed from an IT perspective, like reducing/recycling hardware or limiting energy consumption, it is also important that the IT industry considers how our services can be used to bolster the sustainability efforts of companies in the future using data, services and analytics.

Toshiba Group committed to a plan for sustainability in 2007 called Toshiba Group’s Environmental Future Vision 2050, a new long-term vision with a global perspective that responds to the drive for decarbonisation, the transition to a circular economy and a society that lives in harmony with nature.

We are focusing on three areas: climate change, the circular economy and ecosystems. Toshiba’s approach is two-fold: to approach sustainability in terms of the energy used and how that affects climate change, and then to create Earth-conscious products that are based on an assessment of customer value and environmental impacts.

We aim to enhance our eco-efficiency (measuring the environmental impact of a business process or product relative to its value) in both its energy services and electronic products worldwide.

What big tech trends do you believe are changing the world?

One of the most exciting trends to me is digital transformation and how we can utilise cyber physical systems to expand our data and analytics capabilities. We already have seen the widespread adoption of CPS in critical infrastructure – things including oil and water treatment.

As a part of CPS, we work with digital twins that allow us to improve our predictive capabilities and merge our physical systems with digital data, as well as apply AI technologies to solve complex hurdles.

Once we can mirror the physical into a digital space, the possibilities of the data and planning we can do with these models is game changing.

How can we address the security challenges currently facing your industry?

In the IIoT space, we are often working with social infrastructure – power plants, nuclear power plants, water plants – which are obviously critical pieces of society. Because of this, one major concern for our industry is how to keep up with the ever-developing world of security.

At Toshiba, we believe that this requires a multifaceted approach. As we see more companies adopt digital transformation, our security must evolve too to cover not only the secure management of data but also to make security a key consideration during the design of any product or service.

We also can and should use technology to our advantage in remotely monitoring products and services for security threats and quickly communicating for rapid response to issues.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Toshiba CTO: ‘The possibilities of digital twins is game changing’ appeared first on Silicon Republic.

On World Password Day (today, 5 May) the three companies shared plans to support a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.

These companies already support passwordless sign-in options, but usually require users to sign in to each website or app before they can use passwordless functionality.

Over the next year, the tech giants will expand this support and allow users to automatically access their FIDO sign-in credentials without having to sign in to every account. Users will also be able to use FIDO authentication mobile devices to sign in to an app or website on a nearby device, regardless of the operating system or browser they are running.

“This milestone is a testament to the collaborative work being done across the industry to increase protection and eliminate outdated password-based authentication,” Google senior director of product management Mark Risher said.

“For Google, it represents nearly a decade of work we’ve done alongside FIDO, as part of our continued innovation towards a passwordless future.”

FIDO, an open industry association that is looking to reduce reliance on passwords, described password-only authentication as “one of the biggest security problems” on the web. This is because many users end up reusing the same password across multiple services, which can lead to data breaches and account takeovers.

The alliance said that through expanded standards-based capabilities, users can sign in to accounts and apps by using the same action they take to unlock their devices, such as a fingerprint or a device PIN.

FIDO said this is more secure than passwords or “legacy multifactor technologies” such as one-time passwords being sent through email or text.

“Ubiquity and usability are critical to seeing multifactor authentication adopted at scale, and we applaud Apple, Google and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products,” FIDO Alliance CMO Andrew Shikiar said.

“This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilisation of security keys – giving service providers a full range of options for deploying modern, phishing-resistant authentication,” Shikiar added.

Many security experts are advocating for passwordless-authentication methods to minimise the risk of breaches. However, Craig Lurey, CTO and co-founder of cybersecurity company Keeper Security, told SiliconRepublic.com last year that “no matter how much we innovate, passwords are here to stay”.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Apple, Google and Microsoft take new step towards a ‘passwordless future’ appeared first on Silicon Republic.

The figures released today (3 May) show electricity consumption by data centres increased by 32pc between 2020 and 2021. Data centre power usage rose 265pc between the first three months of 2015 and the last three months of 2021.

The figures also show the percentage of Ireland’s electricity consumed by data centres rose from 11pc in 2020 to 14pc in 2021. This percentage has been accelerating in recent years, as it was only 5pc in 2015.

Meanwhile, the CSO said that rural dwellings consumed 12pc of Ireland’s metered electricity last year, while urban dwellings consumed 21pc.

The figures show Ireland’s total metered electricity consumption increased by 16pc or 3,906 GWh between 2015 and 2021. The amount of electricity consumed by data centres last year was 3,993 GWh, an increase of 2,757 GWh compared to 2015.

Niamh Shanahan, statistician in the CSO’s environment and climate division, said these figures show “a steady increase from quarter to quarter”.

“The increase in consumption was driven by a combination of existing data centres using more electricity and new data centres being added to the grid,” she added.

Growing energy concerns

Data centres have grown into a contentious topic in Ireland due to their environmental impact and the toll they may take on the country’s energy supply.

The CSO released figures on their electricity consumption for the first time in January, showing the increased strain they have put on the country’s power grid in recent years.

Last year, grid operator EirGrid predicted “electricity supply challenges” for Ireland in the coming years in part due to the growth of demand driven by large energy users. It added that data centres could account for a quarter of the country’s electricity usage by 2030.

To ensure data centres do not put pressure on Ireland’s grid in a way that would see demand outstrip supply, the Commission for Regulation of Utilities issued new directions last November on connection applications from data centres for electricity grid operators.

These include assessing facilities based on their location as well as the ability to generate their own power and to power the grid in times of peak demand.

In January, Eirgrid confirmed that it will not connect new data centres in Dublin for the foreseeable future, saying that the area is already constrained and data centre applications will only be considered for other parts of the country on a case-by-case basis.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Irish data centres consumed more electricity than rural dwellings in 2021 appeared first on Silicon Republic.

France is a certified information systems security professional (CISSP) with more than 25 years of experience building and leading diverse technology and security teams. Prior to joining (ISC)2, he led the industry security function at GSMA, the member-led organisation representing mobile operators and the wider telecommunications industry.

There, he was responsible for ensuring that the mobile sector anticipated and addressed security and fraud threats across the mobile ecosystem by working closely with operators, vendors, governments, regulators, standards bodies and industry leadership.

France is the first chief information security officer for (ISC)2 and was appointed to the role in January 2022.

In this position, his responsibilities include advocating for cybersecurity professionals and narrowing the skills gap, working with the organisation’s leadership and IT teams to ensure its operations are secure, and highlighting the wider cybersecurity profession and the value of training, skills and development.

‘Good security is effective, great security is seamless’
^{– JON FRANCE}

What are some of the biggest challenges you’re facing in the current IT landscape?

The complexity of systems and the volumes of data that systems now process, store and move, along with the nature of distributed systems. Technology stacks are diverse and complex, as well as geographically distributed, involving many vendors.

Coupled to this is ensuring appropriate controls, which requires the right skills and leadership. As a result, we have a few challenges such as systems complexity and diversity. The solution to these is risk management, ensuring you have the right people to address and a voice at the right level.

What are your thoughts on digital transformation in a broad sense within your industry?

The continued rapid digitisation of many industries, especially those that traditionally have not had to rapidly adopt deep digital business methods, but now must due to Covid-19, is driving demand for a broad diverse skilled IT and cybersecurity workforce.

At (ISC)2, our mission is to be a pivotal champion in developing and accrediting these skills, contributing to closing the workforce gap as well as building a pathway for people to get into cybersecurity.

More directly for our business, we have moved even more of our learning and services online to support our members and those pursuing a certification, building capability and capacity to support those changes.  

How can sustainability be addressed from an IT perspective?

The collective response to Covid-19 has demonstrated that many aspects of industry and services can deepen their digital footprint, gain efficiency and reduce the need for movement of people, so in one sense IT is helping in both dimensions.

Communications connect people globally to each other and to services with minimal effort – saving not only distance travelled but also the time taken to travel.

Movement of goods and physical items of course still happens, but is far more efficient through exploiting digitising logistics chains, using digital twinning to generate data and insights that can be used in modelling, and leveraging machine learning, etc.

Part of ensuring resilience in this area is also the ability to maintain and secure digital components, as well as having an appropriately skilled workforce.

What big tech trends do you believe are changing the world and your industry specifically?

There are many to choose from, but three are front of mind right now.

Machine learning and artificial intelligence are doing a great job at getting answers from large datasets, reducing the amount of time to get to insights. They’re also highly effective in the cybersecurity world for sifting through large logs and getting to possible internet of computing and internet of things issues.

Hyperconnectivity – all things connected to all things, again bringing us back to the IoT. This is really driving the world of efficiency and capability, as well as producing some of the key data that can be mined using ML/AI.

For the (ISC)2 mission, it’s about lowering the barrier to entry for people to get into and involved with cybersecurity at all levels.

How can we address the security challenges currently facing your industry?

Education, awareness, voice at leadership level and good risk management are all essential. Most of the security challenges are well known and already have proven solutions to the problem they pose. We just need the knowledge, understanding and discipline to implement and carry them out.

Good security is effective, great security is seamless. It is part of the engineering conversation, not applied to it. In operation, the basics – patching, removing defaults, knowing where your assets are, knowing what’s in your footprint – do make a significant positive difference. Importantly, stay curious and don’t ever think you have anything 100pc solved.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post (ISC)2 CISO: We aim to lower the barrier to entry in cybersecurity appeared first on Silicon Republic.

The findings have been published today (28 April) in PwC’s Global Economic Crime and Fraud Survey 2022.

Of the companies that reported experiencing financial crime in the last 24 months, 70pc said they were victims of fraud because of Covid-19 disruptions.

The report, which surveyed 1,296 business leaders across 53 countries, found cybercrime to be the leading overall cause of fraud.

While customer fraud previously held the top position, 42pc of large businesses reported that they experienced cybercrime over the past two years, compared to 34pc experiencing customer fraud.

Among large companies with revenues exceeding $10bn, 52pc said they had experienced fraud in this period and nearly one in five reported that their most disruptive incident had a financial impact of more than $50m.

For smaller companies, 38pc said they had experienced fraud and one in four reported total impact exceeding $1m.

Ireland on ‘high alert’ for cybercrime

Pat Moran, cybersecurity and digital forensics leader at PwC Ireland, said that ongoing environmental, geopolitical and financial instability is “creating a risk landscape that is more volatile than ever”, and that can be exploited by bad actors from external fraudster groups.

“Organisations need to be more agile than ever to respond to these converging threats and adopt new approaches and technologies to predict and prevent fraud,” he said.

While there was not enough data on Ireland in the report to extract specific figures, PwC Ireland said that the country has seen increased levels of cybercrime since the onset of the pandemic, particularly phishing and ransomware attacks.

Moran said this trend could be partially attributed to an increase in remote working as well as higher levels of sophistication seen among cybercriminal groups.

“We continue to be a target for cybercriminals due to our large concentration of foreign direct investment. Although the Government has recently strengthened our national defences, we continue to be on high alert.”

While cybercrime and customer fraud were found to be the leading types of financial fraud in PwC’s survey, other emerging areas such as digital platform fraud and ESG reporting fraud were also reported to be on the rise.

Deirdre McGrath, a partner in PwC Ireland’s forensics and transaction services team, said that companies need to start thinking more creatively in the face of growing external fraud to protect themselves.

“Understanding the end-to-end lifecycle of customer-facing products, striking the proper balance between user experience and fraud controls, and having a holistic view of data will help arm businesses in the never-ending fight against fraud,” she said.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Cybercrime now leads the way in global financial fraud, finds report appeared first on Silicon Republic.

Three people familiar with an investigation into the matter told Bloomberg that these companies have all complied with fraudulent requests, though the number of successful requests is unclear.

Google confirmed to the publication that it uncovered a fraudulent data request last year, while other companies did not go into detail or refused to comment.

It was reported last month that Apple and Meta provided user data to cybercriminals last year who requested information using fraudulent ‘emergency data requests’, which can be made when officials require speedy access to data.

Sources told Bloomberg that it can be difficult for companies to know when they have been tricked in this manner, as the requests can look like they come from legitimate law enforcement agencies.

At that time, three people familiar with the matter told Bloomberg that hackers compromised law enforcement accounts and requested sensitive user data such as a customer’s address, phone number and IP address. They appeared to use the data mainly for financial fraud schemes.

In a further report published this week, sources told Bloomberg that personal information obtained in this method was used to befriend women and minors before encouraging them to provide sexually explicit photos.

If the demands weren’t met, hackers reportedly used harassment techniques, such as calling a fake threat to local law enforcement with the victim’s address or threatening to leak personal information online.

Newest criminal tool

Law enforcement officials and investigators told Bloomberg that the method has become more prevalent in recent months and appears to be the newest criminal tool being used to obtain personal information for both harassment and financial gain.

A Krebs on Security report published last month also said the tactic of compromising accounts tied to law enforcement and then sending unauthorised emergency data requests is becoming more common.

Tech companies have strict rules about who they hand out user data to. Usually, law enforcement officials can make requests for information as part of criminal investigations – but, in the US for example, must submit an official court-ordered warrant or subpoena.

However, an emergency request can be submitted in certain cases involving imminent danger, which can bypass official rules and court-approved documents. But hackers may now be trying to compromise this system.

Krebs on Security previously reported that at least one of the emergency requests for data sent to Discord was fulfilled.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post Big Tech data from fake legal requests reportedly used to harass minors appeared first on Silicon Republic.