Liberal Free Chat Zone

[EZ2]

The Morning Risk Report: Sony Debacle Starts New Age of Cyber Risk

DOW JONES & COMPANY, INC. 7:32 AM ET 12/19/14

Symbol Last Price Change
TGT 74.64up 0 (0%)
SNE 21.14 0 (0%)
BFFAF 86.1down 0 (0%)
QUOTES AS OF 04:02:53 PM ET 12/18/2014

Sony Pictures Entertainment Inc.'s cancelling of the release of "The Interview," after a devastating attack on its servers, signals the beginning of a dangerous new period of cyber risk, with experts fearing that hackers will become more successful at hijacking major business decisions.

In the past, hacker attacks usually meant stolen data, resulting in expensive breach notifications, harm to companies' reputations and class-action law suits from customers. But even the largest attacks, like last year's assault on Target Corp.(TGT), haven't caused companies to fearfully retreat from major investments. Cyber risk experts say they have only just begun to grasp how the incident will affect future threat calculus."Before today, the losses were the costs of doing a forensic investigation, breach notifications," said Paul Ferrillo , a cyber risk specialist at the law firm Weil Gotshal & Manges LLP. "Companies weren't thinking about 'what if my wind turbines go down, what happens if I can't show my movie." And few have plans in place to handle such major business disruptions.

What made the hacker onslaught against Sony(SNE) so damaging was the combination of terroristic threats against customers and the release of personal data about company executives themselves. The effectiveness of that campaign is already sending chills through corporate boardrooms, who fear that cyber attackers have set a precedent that could soon be repeated. The incident "empowers hackers to influence business decisions at publicly traded corporations," said Alba Alessandro, an attorney at Hodgson Russ LLP, specializing in cyber liability. "And that's very dangerous territory."

Readers can subscribe to The Morning Risk Report here: http://on.wsj.com/MorningRiskReportSignup Follow us on Twitter at @WSJRisk.

EXCLUSIVE ON RISK & COMPLIANCE JOURNAL

OECD slams Argentina. The Organization for Economic Cooperation and Development said Thursday it is "gravely concerned" about Argentina's commitment to fighting bribery. Argentina has no law to punish companies for foreign bribery or to prosecute its citizens who commit it overseas, the OECD said in its latest peer review report. Complex economic crime investigations face widespread delays, the judicial system is compromised and few companies have anti- foreign bribery measures beyond limited codes of ethics, the OECD said.

Brokers plead guilty over Venezuela bribery. The former chief executive and a former managing director of defunct broker-dealer Direct Access Partners pleaded guilty to their roles in a bribery scheme that stretched from Wall Street to Caracas.

Mother-in-law put under sanction. The U.S. Treasury Department said it placed Kingpin Act sanctions on the mother-in- law of a reputed drug trafficker, saying she held and concealed assets in her name on his behalf.

New terrorist listings. The U.S. State Department said Thursday it named an Egyptian extremist group and a senior adviser to al Qaeda's Yemen-based branch as terrorists.

Vote in our poll. What were the major compliance issues of 2014, who is the regulator you fear most. Vote on these and other questions.

COMPLIANCE

Thomas Kwok found guilty of corruption. A jury here found Thomas Kwok, the co-chairman of one of Hong Kong's biggest property developers, guilty in a corruption trial involving the city's former No. 2 official, but found his brother, Raymond, not guilty of all charges, the WSJ reports. After five days of deliberations, the court also found former Hong Kong Chief Secretary Rafael Hui, 66 years old, guilty, while two alleged intermediaries for the bribes were found guilty.

Alstom CEO: bribery settlement talks to conclude soon . Alstom SA's Chief Executive Patrick Kron said Friday that he expects talks with the U.S. Department of Justice will reach a settlement "very soon," the WSJ reports. The French company said Wednesday that it is in talks with the DOJ, confirming media reports earlier this week.

The memo that cost banks $37 billion. Assistant U.S. Attorney Richard Elias was leafing through a pile of J.P. Morgan Chase & Co. documents while tending to his newborn son in 2012 when he found something that came back to haunt the three largest U.S. banks, the WSJ reports. In a memo, one J.P. Morgan employee warned her bosses they were putting bad loans into securities being created before the financial crisis hit. The U.S. attorney's office in Sacramento, Calif., soon started sending subpoenas to J.P. Morgan officials tied to the memo. Three months later, top Justice Department officials in Washington told investigative teams across the country to hunt for similar ammunition in tens of millions of documents from other banks, especially Bank of America Corp. and Citigroup Inc. Mr. Elias's discovery has delivered a whopping payoff so far: $36.65 billion.

HK regulator says no evidence of forex rigging. Hong Kong's de facto central bank said it found no evidence of rigging in Hong Kong's foreign exchange benchmark following an 18-month investigation into the trading operations of 10 banks, Reuters reports. However, it identified "inappropriate" behavior by individual traders at Standard Chartered and Deutsche Bank.

Ally gets subpoena over auto finance. Ally Financial Inc. has received a subpoena from the U.S. Justice Department asking for information related to the bank's subprime automotive finance lending practices, the bank said, the WSJ reports. The Justice Department has also asked for information on the lender's related securitization activities, Ally said in a filing.

EPA set to release coal ash rules. Electric utilities are bracing for the first federal rules on how they handle the millions of tons of waste ash produced by coal-fired power plants, the WSJ reports. The regulations, due Friday, are aimed at coal ash stored as a slurry in about 700 earthen pits around the country. The Environmental Protection Agency agreed to issue the rules as part of a legal settlement after a 2008 accident in Harriman, Tenn., where a dam failed and 5.4 million cubic yards of wet ash covered about 300 acres and flowed into two rivers.

HK may regulate persons in OTC derivatives. Hong Kong regulators may soon regulate systemically important persons as they seek to ensure that non-financial institution entities holding significant positions in over-the-counter derivatives do not cause instability to the financial system, Thomson Reuters reports. The Hong Kong Monetary Authority and the Securities and Futures Commission have said that they will consult the market further in the first quarter of 2015 on the oversight of SIPs as part of their continuing reform of Hong Kong's OTC derivatives regulation.

Wal-Mart accused of withholding documents . Wal-Mart Stores Inc. was accused by investors of ignoring a court order to turn over more internal files on what directors knew about claims that officials handed out bribes to facilitate Mexican real-estate deals in an effort to build the chain's presence in the country, Bloomberg reports. Officials of the world's largest retailer should be ordered to pay more than $1 million in sanctions for ignoring a Delaware Chancery judge's demand to provide more documents and e-mails about the internal probe of the bribery allegations, according to a pension fund that contends Wal-Mart directors didn't properly oversee company operations. The company said today said it had worked hard to comply with the court order on the Mexican bribery files.

Alleged terrorist group denied fundraising. An organization that was formally branded a terrorist group last spring has been denied permission by Public Safety Minister Steven Blaney to raise money to fight the move, Canadian Press reports. The Canadian branch of the International Relief Fund for the Afflicted and Needy is asking the Federal Court of Canada to set aside Blaney's decision as unconstitutional and affirm its right to solicit funds to pay a lawyer.

RISK

BASF, Gazprom cancel deal . Germany'sBASF SE(BFFAF), the world's largest chemical company by revenue, and Russia's OAO Gazprom have called off an asset-swap deal amid mounting political tensions between Russia and the West, BASF said Thursday, the WSJ reports. The collapse of the deal means BASF now expects an only "slightly higher" increase in earnings before interest and taxes for 2014, rather than the "considerable rise" the company previously forecast, as it won't collect expected income from the transaction.

DATA SECURITY

U.S. seeks EU immunity for tech companies. The U.S. is attempting to secure immunity from investigation for online security breaches by major U.S. companies under negotiations between Washington and Brussels, according to leaked documents seen by the Guardian. Such a deal would prevent US companies that were operating inside the EU from being prosecuted by regulators or law officers for data breaches or claims of negligence in the host country, forcing European governments to pursue cases in the US courts.

Sony (SNE) hackers may have lurked for months . Hackers who broke into Sony Corp.'s(SNE)Hollywood unit probably spent months collecting passwords and mapping the network before they committed a last act of vandalism, setting off a virus that wiped out data and crashed the system in 10 minutes, Bloomberg reports. Trend Micro Inc. arrived at these conclusions after running simulations on a copy of the virus that struck Sony Pictures Entertainment's computers.

German iron plant harmed by hackers. A German federal agency has acknowledged in a report Wednesday that a cyberattack caused physical damage to an iron plant in the country. It was a rare admission by a government tying a cyber action to actual physical destruction, the WSJ's CIO Journal reports. The attackers gained access to an unnamed plant's office network through a targeted malicious email and were ultimately able to cross over into the production network. The plant's control systems were breached which "resulted in an incident where a furnace could not be shut down in the regular way and the furnace was in an undefined condition which resulted in massive damage to the whole system," according to the report, called the IT Security Situation in Germany in 2014.

GOVERNANCE

Hedge fund governance progresses . Hedge Week looks at developments in hedge fund governance, including more independent boards and more attention paid to governance at the Master Fund level.

Access Investor Kit for BASF SE(BFFAF)

Visit http://www.companyspotlight.com/partner?cp_code=P479&isin=DE000BASF111

Access Investor Kit for Sony Corp.(SNE)

Visit http://www.companyspotlight.com/partner?cp_code=P479&isin=JP3435000009

Access Investor Kit for BASF SE(BFFAF)

Visit http://www.companyspotlight.com/partner?cp_code=P479&isin=US0552625057

Access Investor Kit for Sony Corp.(SNE)

Visit http://www.companyspotlight.com/partner?cp_code=P479&isin=US8356993076

Access Investor Kit for Target Corp.(TGT)

Visit http://www.companyspotlight.com/partner?cp_code=P479&isin=US87612E1064


(END) Dow Jones Newswires
12-19-140732ET
Copyright (c) 2014 Dow Jones & Company, Inc.