BOMBING at BUDAPEST BANK BEGS ANSWERS

Here at SCI we do not work by way of body counts but we focus on areas where our teammates and clients may be working or their families shopping and enjoying life – unaware of the Damoclean threat hanging over them.

MID-DAY Monday 13 January 2014 – Downtown Budapest, Hungary

An unlikely ‘random’ bomb was apparently thrown in front of a Magyar National Bank (CIB) by a rider on a motorcycle who fled the scene at a high speed. No initial reports of injuries. Questions remain.

This report will examine the implications of the following scenarios for the investigation: the intricate web of Hungarian national government control of banking; Hungary versus the EU in banking regulation conflicts; national banks competing with foreign banks for dominance in Magyar markets and the possibility of a random bomber attempting simply to create mayhem in the city center with the complicated bank issues and investigations as a carefully chosen ruse.

For nationals and those living or visiting Budapest in the short-term, this report offers a new reality based on the introduction of a threat requires personal vigilance and mental preparation.

Should bombings continue – Avoid high risk areas as future events identify those locations.

1.    Maintain a watchful eye whenever in a public place

2.    Particularly watch for the M.O. of a person on a motorcycle carrying a satchel ready to throw

3.    Watch your children and be ready to seek cover if needed

 

 

 

 

 

 

 

 

 

THE INVESTIGATION

Why? And why CIB? Two primary questions that require context. It follows:

The recent violence in downtown Budapest is so much an anomaly that it would be easy to bypass the mention of it. International media outlets, if they carried the bombing at all, had just a very short blurb between the sports scores and the weather. The major intelligence sources noted it, but in a simple chronology of ‘what’s happening around the world.’ Unfortunately, the news of terrorist attacks in the world has become common place. The media assigns priority to stories based on body counts and when violence, as in Budapest, comes away with no one dead, it goes to the bottom of the news headlines list. Here at SCI we do not work by way of body counts but we focus on areas where our teammates and clients may be working or their families shopping and enjoying life – unaware of the Damoclean threat hanging over them. Such was the case Monday when a suspect, seen fleeing the scene on a motorcycle drove past the CIB bank building in downtown Budapest. SCI sources are working on providing more details on the location of the branch office. (See map)

Map of CIB sites in Budapest
Map of CIB sites in Budapest

 

 

As recently as February 2012, Hungarian Central Bank was involved in complex political maneuvering regarding the inter-connectedness between the national government and the operation of the bank. The prime minister held the power to dismiss the head of the Data Protection Agency, Judges and to vacate laws that made CIB an ex-officio part of the national government. Government officials wanted, at that time, to require that bank officers take oaths of office and acquiesce to salary caps determined by the government. The appearance of impropriety and the allegations of corruption for some time has led Hungarians to be concerned about the CIB interconnectedness with the national government.

The 2012 political drama was followed by intercession from European officials who saw the Hungarian government’s controlling power over the CIB as a major hurdle for the nation to receive full membership in the EU. In April of 2012, European officials were notified that the Hungarian Economy Ministry had drafted legislation that amended previous laws which the EU believed limited the independence of the CIB to operate within the EU trade markets. Two immediate changes were to eliminate the requirement for a member of the national government to be present for meetings of the bank’s business. The law also eliminated the requirement that minutes of all meetings be copied to a member of the national government. Perhaps the most extensive and politically challenging issue was that the agency was pressed to drop its move for a constitutional amendment that would have permanently  merge the bank with the country’s financial regulator, making the bank an official arm of the national government. These changes were submitted to the European Commission and are under review to determine to what degree these changes will enhance the country’s bid for full membership in the EU.

That returns the discussion back to the two questions: Why? Why CIB? The second question is perhaps the easier of the two to answer. The CIB may have been singled out for the terrorist bombing simply because of its relationship to Hungary’s national government. No other bank in Hungary is entangled with the government as deeply as CIB. International banks and financial institutions of all kinds flocked to Hungary after the Cold War but now operate throughout the city center and beyond with ever-increasing difficulty and financial losses. Many of the international banks and financial institutions are looking for ways out of the financial messes they have encountered while in Hungary. (More on that to follow.)

MNB What does the Hungarian government say about their relationship with the Magyar Nemzeti Bank?  ‘The primary objective of the MNB shall be to achieve and maintain price stability. Without prejudice to its primary objective, the MNB shall support the economic policy of the Government using the monetary policy instruments at its disposal.’ (Stratfor)

“The Magyar Nemzeti Bank” is the Hungary National Bank which is also known as the CIB.

 CIB logo

According to the Act CXXXIX of 2013 on behalf of the Magyar Nemzeti Bank (MNB) which went into effect 1 October 2013: The Hungarian Financial Supervisory Authority and the MNB are integrated into one institution. Understanding that, the MNB reports that the European Supervisory and Market Authority has begun work on a reports on market abuse which may take into consideration the intra-relationship between the HFSA and the MNB (CIB).

Some background on the ESMA reveals that: ESMA is an independent EU Authority that was established on 1 January 2011 and works closely with the other European Supervisory Authorities responsible for banking (EBA), and insurance and occupational pensions (EIOPA), and the European Systemic Risk Board (ESRB). Its mission is to enhance the protection of investors and promote stable and well-functioning financial markets in the European Union (EU). As an independent institution, ESMA achieves this aim by building a single rule book for EU financial markets and ensuring its consistent application across the EU. In this current investigation for it s report on abuses, among other issues the ESMA is focused on:

• Indicators and signals of market manipulation;

    • Criteria to establish Accepted Market Practices;

    • Arrangement, systems and procedures to put in place for the purpose of suspicious  transactions and order reporting as well as its content and format;

     • Issues relating to public disclosure of inside information and the conditions for delay;

In a SITREP just issued today, intelligence sources in the United States report that Hungary is trying to gain more control over its banking sector. On Jan. 5, Hungarian media reported that Szechenyi Bank, which is partly controlled by the Hungarian government, has made a bid for the Hungarian branch of Austria’s Raiffeisen Bank. Unconfirmed rumors also suggest that another Austrian bank, Erste Bank AG, could receive a bid from the state. The rumors come as Gyorgy Matolcsy, the head of the Hungarian central bank announced that four major foreign banks could leave Hungary in the next year and a half.

In the coming months, Budapest will continue its efforts to put more foreign-operated banks in Hungarian hands. Rather than expropriating banks directly, the government is more likely to execute its strategy incrementally, pressuring banks to deleverage their assets so that Budapest and local companies can buy them out relatively cheaply. Mostly it will do so with the help of domestic businessmen closely tied to the government. This strategy is just one aspect of a broader evolution in Hungary’s foreign and domestic policies, which increasingly deviate from those of the European Union

Foreign banks account for roughly two-thirds of the Hungarian market, and with the exception of the country’s largest lender in terms of assets – OTP, most of the major banks are foreign-owned.


The European crisis changed this dynamic. From a purely financial perspective, the devaluation of the Hungarian forint created serious problems for foreign banks operating in Hungary. Most of these institutions used to offer loans — most notably, mortgages — denominated in euros or Swiss francs. As people became increasingly incapable of repaying their loans, the Hungarian government passed two series of measures (in 2011 and 2013) that converted some of those loans to forints at a lower exchange rate. Brussels criticized Hungary, but it did not actually punish the government for converting the loans.

Could there be a link between the European based ownership of the majority of Hungarian banks, the expected hostile appropriation of these banks by both the Hungarian government and business resources inside Hungary loyal to the government and the terrorist attack on 13 January 2014?

Is it possible that a non-aligned actor, driven by the mortgage crisis be responsible?

Could it be not financially motivated at all but rather simply a random act of violence which either used the bank/government political crisis as a ruse or it was simply a coincidence that it was in front of CIB?

 

As of this report, no group has claimed responsibility for the bombing.

 

Additional Information

percent of total assets

 

Hungarian Bank

(Note: Intelligence and analysis supplied in part by STRATFOR)

Safety on the WEB

spiderman Not every threat on the web will be obvious to you. Very few will look like this evil looking ‘Spidey’ knock-off. Most will be very much more like your sweet old uncle or a really amazing looking young, beautiful co-ed that for some reason thinks you are her only reason for living! A look at some recent data will be helpgrandfather-and-granddaughter-family-lifestyleful in understanding the nature of stalkers and other criminal ‘entrepreneurs.’ Beside the typical identity theft issues, persons like this young female may be attempting to use what is called legally as ‘undue influence’ where they step into a typically elderly person’s life who is lonely, less capable of decision making and they guide the decisions to their own benefit, often taking all the life savings and having the Last Will and Testament rewritten to their own advantage. SCI is going to review just a few one the issues currently hitting internet users which is called a new type of downloader.

The following report by Dr. Brett Stone-Gross and Russell Dickerson of the Dell Secure Works Threat Unit outlines a downloader threat that is currently loose within the cyber-world:

The Gameover ZeuS trojan, also known as Peer-to-Peer (P2P) ZeuS, is one of the largest and most sophisticated botnets involved in online banking fraud. The botnet operators are very well connected in the underground community, and they rely upon a variety of tools and services provided by other cybercriminals to run their operation. In particular, the group regularly uses the Cutwail spam botnet to lure new victims and the Pony Loader malware to steal credentials and download additional malware, including Gameover ZeuS. In August 2013, the Dell SecureWorks Counter Threat Unit™ (CTU) research team discovered that in addition to the Pony Loader, the group is using a new downloader known as Upatre to distribute its malware. The downloader has a small file size and is extremely simple, implementing its functionality entirely in a single function. It downloads and executes a file from a hard-coded URL over an encrypted Secure Sockets Layer (SSL) connection from a compromised web server and then exits. Figure 1 diagrams the malware distribution process.

The Gameover ZeuS botnet operators distribute both Pony Loader and the Upatre downloader through spam emails sent by the Cutwail botnet. Many lures have used social engineering techniques by impersonating financial institutions and government agencies to trick a victim into executing the malware. The spam emails have an embedded malware executable in a ZIP attachment, so user interaction is required to infect the system. Figure 2 shows an example spam email containing the Upatre downloader as an attachment.

Technical information can be found at: URL: http://www.secureworks.com/cyber-threat-intelligence/threats/analyzing-upatre-downloader/

SCI and the CTU research team advises organizations to remain vigilant and to deploy a defense-in-depth strategy that includes the following components:

  • Educate employees about the dangers of clicking on links and attachments in emails.
  • Filter email / scan email file attachment contents and consider blocking executable file types (including those found in ZIP attachments).
  • Deploy advanced malware protection devices in-line with incoming email streams containing malicious file attachments as well as subsequent file downloads.
  • Implement end-point controls on users’ computers to help limit opening of malicious file attachments and to catch malware installation / execution.
  • Apply post-infection controls such as firewall policies, web proxies, file downloads over HTTPS, and associated log monitoring to identify anomalies.
  • Keep antivirus, operating system, and browser software up to date.

This cyber-report is courtesy of Dell Secure Works at www.secureworks.com and is simply one of the threats that are currently out in the cyber-world preying on those who are browsing the web without the appropriate protecting software and without using some common sense in not opening emails with attachments that are suspicious.

Security Consulting Investigations, LLC is pleased to introduce SecCom 360 –  a video/audio communications system that is web based yet 100 per cent safe, not only protected by what we have dubbed ‘above military grade’ secure encryption but also with Cyber Agents that guard each com-meeting to prevent hackers and other cyber interlopers.

 

Watch for further information from SCI as Sec Com 360 is launched for 2014!

SCI – Building for Tomorrow – Today!

Follow SCI at www.security-consulting.us under NEWS for recent cyber-world updates and current threats. InSCIghts also on www.security-consulting.us provides current issues in law enforcement, security concerns, and cyber-world threats as well as comment on international terrorism.

You can also reach SCI at 330-956-9561 or at inquiry@security-consulting.us