Malaysian tycoon wanted by US in 1MDB scandal fights back
By ELAINE KURTENBACH
AP Business Writer
Friday, November 2
The young Malaysian tycoon wanted by the U.S. for his alleged role in ransacking a state investment fund says he’s innocent, and he’s been fighting back against the allegations while in hiding.
For 36-year-old Taek Jho Low, or Jho Low, it’s a far cry from earlier days of partying with jet-set celebrities like Paris Hilton in Las Vegas and Saint Tropez.
On Thursday the Justice Department charged Low for alleged involvement in a money laundering and bribery scheme that pilfered billions of dollars from Malaysia’s 1MDB investment fund. Prosecutors announced a three-count indictment against Low in the first charges arising from the epic corruption scandal at the now-insolvent state investment fund.
A Malaysian-Chinese born on the island of Penang whose grandfather was born in southern China’s Guangdong, Low describes himself on his website Jho-Low.com as a “global investor and philanthropist” with experience in many companies, financings and projects in media, entertainment, retailing, hospitality and real estate. The website mentions his support of the Gabrielle’s Angel Foundation, which funds research into cancer treatment and prevention.
Educated at Harrow, an elite British prep school, and later at Wharton, his family is said to have made its fortune in mining, trading and garment manufacturing.
Low has chafed over criticism of his partying and playboy lifestyle and vehemently objected to the recently published book “Billion Dollar Whale,” which says it tells the inside story of Low and 1MDB.
In a video to promote his family’s company, Jynwel, Low said he early on wanted to be a brain surgeon but gradually grew more interested in business and politics while attending meetings with his father.
He said he “finally landed on business because it was a good combination between the ability to influence change and also the ability to help people.” His company, he said, was interested both in sustainable development and social development.
In its LinkedIn profile, Jynwel Capital describes itself as an international private equity investment and advisory firm with 10-50 employees. It says it cultivates lifelong relationships with “significant investors such as leading sovereign wealth funds, major international investment companies and large family enterprises.”
The company’s own website is “undergoing major reconstruction.”
In a statement dated Nov. 1 that reiterated earlier comments, Low asked that people “keep an open mind” and said evidence will vindicate him.
He said billions in bond offerings detailed in the DOJ indictment were “undertaken openly and lawfully between experienced, well-regulated financial institutions and government entities.”
Low held no formal position at the 1MDB fund, which is insolvent but still exists pending payment of its billions of dollars in debts. The U.S. Justice Department says he had considerable influence over its dealings.
At Harrow he became friends with Riza Aziz, stepson of former Malaysian Prime Minister Najib Razak, who set up 1MDB to support the country’s economic development. Najib was ousted in an election upset in May after former leader Mahathir Mohamad, outraged by the scandal, came out of political retirement. The 93-year-old Mahathir is now prime minister and reopened the probe into the 1MDB fund, and Najib is facing criminal charges.
While his lawyers fight to have the charges against him dismissed, Low’s whereabouts are unknown.
In earlier statements, Low said he would not “submit to any jurisdiction” where he could not get a fair trial, especially Malaysia.
Mahathir has urged Low to return to Malaysia to sort out the legal issues. His government has put his luxury yacht, the Equanimity, on auction to help recoup some of the huge debts created by 1MDB.
“They would like to get Jho Low to put him on trial but he is nowhere to be seen,” Mahathir said Friday, referring to U.S. authorities. “We would like to get Jho Low; we have several charges against him.”
“Before, he was a man of the world, flitting around the world in jet planes and the Equanimity and living a great life, but now he has to hide like a mouse,” he said.
Justice Department documents cite multiple instances in which Low allegedly siphoned funds from bond offerings for kickbacks and bribes to Malaysian officials. They say many of the transactions were done through shell companies, which often are used to obscure origins and destinations of illicit activities.
But the documents emphasize that the charges are allegations and that Low and a former banker arrested this week in connection with the case, Ng Chong Hwa, “are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.”
Singapore has fined eight banks for failing to carry out proper anti-money laundering measures in relation to 1MDB and ordered prison sentences for several bankers. It has seized 240 million Singapore dollars ($180 million) of property and cash and says about half of that belonged to Low and his immediate family.
30 years ago, the world’s first cyberattack set the stage for modern cybersecurity challenges
November 1, 2018
Associate Professor of Business Law and Ethics; Director, Ostrom Workshop Program on Cybersecurity and Internet Governance; Cybersecurity Program Chair, IU-Bloomington, Indiana University
Disclosure statement: Scott Shackelford does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.
Partners: Indiana University provides funding as a member of The Conversation US.
Back in November 1988, Robert Tappan Morris, son of the famous cryptographer Robert Morris Sr., was a 20-something graduate student at Cornell who wanted to know how big the internet was – that is, how many devices were connected to it. So he wrote a program that would travel from computer to computer and ask each machine to send a signal back to a control server, which would keep count.
The program worked well – too well, in fact. Morris had known that if it traveled too fast there might be problems, but the limits he built in weren’t enough to keep the program from clogging up large sections of the internet, both copying itself to new machines and sending those pings back. When he realized what was happening, even his messages warning system administrators about the problem couldn’t get through.
His program became the first of a particular type of cyber attack called “distributed denial of service,” in which large numbers of internet-connected devices, including computers, webcams and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked.
As the chair of the integrated Indiana University Cybersecurity Program, I can report that these kinds of attacks are increasingly frequent today. In many ways, Morris’s program, known to history as the “Morris worm,” set the stage for the crucial, and potentially devastating, vulnerabilities in what I and others have called the coming “Internet of Everything.”
Unpacking the Morris worm
Worms and viruses are similar, but different in one key way: A virus needs an external command, from a user or a hacker, to run its program. A worm, by contrast, hits the ground running all on its own. For example, even if you never open your email program, a worm that gets onto your computer might email a copy of itself to everyone in your address book.
In an era when few people were concerned about malicious software and nobody had protective software installed, the Morris worm spread quickly. It took 72 hours for researchers at Purdue and Berkeley to halt the worm. In that time, it infected tens of thousands of systems – about 10 percent of the computers then on the internet. Cleaning up the infection cost hundreds or thousands of dollars for each affected machine.
In the clamor of media attention about this first event of its kind, confusion was rampant. Some reporters even asked whether people could catch the computer infection. Sadly, many journalists as a whole haven’t gotten much more knowledgeable on the topic in the intervening decades.
Morris wasn’t trying to destroy the internet, but the worm’s widespread effects resulted in him being prosecuted under the then-new Computer Fraud and Abuse Act. He was sentenced to three years of probation and a roughly US$10,000 fine. In the late 1990s, though, he became a dot-com millionaire – and is now a professor at MIT.
The internet remains subject to much more frequent – and more crippling – DDoS attacks. With more than 20 billion devices of all types, from refrigerators and cars to fitness trackers, connected to the internet, and millions more being connected weekly, the number of security flaws and vulnerabilities is exploding.
In October 2016, a DDoS attack using thousands of hijacked webcams – often used for security or baby monitors – shut down access to a number of important internet services along the eastern U.S. seaboard. That event was the culmination of a series of increasingly damaging attacks using a botnet, or a network of compromised devices, which was controlled by software called Mirai. Today’s internet is much larger, but not much more secure, than the internet of 1988.
Some things have actually gotten worse. Figuring out who is behind particular attacks is not as easy as waiting for that person to get worried and send out apology notes and warnings, as Morris did in 1988. In some cases – the ones big enough to merit full investigations – it’s possible to identify the culprits. A trio of college students was ultimately found to have created Mirai to gain advantages when playing the “Minecraft” computer game.
Fighting DDoS attacks
But technological tools are not enough, and neither are laws and regulations about online activity – including the law under which Morris was charged. The dozens of state and federal cybercrime statutes on the books have not yet seemed to reduce the overall number or severity of attacks, in part because of the global nature of the problem.
There are some efforts underway in Congress to allow attack victims in some cases to engage in active defense measures – a notion that comes with a number of downsides, including the risk of escalation – and to require better security for internet-connected devices. But passage is far from assured.
There is cause for hope, though. In the wake of the Morris worm, Carnegie Mellon University established the world’s first Cyber Emergency Response Team, which has been replicated in the federal government and around the world. Some policymakers are talking about establishing a national cybersecurity safety board, to investigate digital weaknesses and issue recommendations, much as the National Transportation Safety Board does with airplane disasters.
More organizations are also taking preventative action, adopting best practices in cybersecurity as they build their systems, rather than waiting for a problem to happen and trying to clean up afterward. If more organizations considered cybersecurity as an important element of corporate social responsibility, they – and their staff, customers and business partners – would be safer.
In “3001: The Final Odyssey,” science fiction author Arthur C. Clarke envisioned a future where humanity sealed the worst of its weapons in a vault on the moon – which included room for the most malignant computer viruses ever created. Before the next iteration of the Morris worm or Mirai does untold damage to the modern information society, it is up to everyone – governments, companies and individuals alike – to set up rules and programs that support widespread cybersecurity, without waiting another 30 years.
Jon Richfield, logged in via Facebook: These things have been worrying me for years; I am old enough to remember the Morris worm, though I did not suffer its consequences personally.
But I do remember worrying how vulnerable our reliance on the Internet and how sloppily it is used, leave major nations in war. I desperately hope that the US and other major notionally free nations have some sort of fall-back scheme in case of such a disaster, because it seems inconceivable that any major opponent would be too ignorant or incompetent to prepare such options for a Pearl Harbour attack on a smugly vulnerable nation.
Hoping is not likely to be enough.
And look at what the Frump is doing about it; elaborately thinning out the ranks of US allies with economic bullying and pointless insult, to the extent that hangers-on are seeking economic independence from the US, and cooperation with erstwhile enemies. China and Russia for example even held joint military exercises, and they are pursuing lines of development of products that currently they get largely from the US. If anyone presses the wrong button, the US Internet is likely to become the first casualty in the armed forces and the country’s economic security.
What an opportunity for the coalmines though; no one would bother to waste any effort on them! We will be able to rely on coal-fueled jets, navy, and tanks again. But where will we get our buggy whips for our land transport?