A few notes on surveillance open a slow news week.
Google alleges that France's Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) has created unauthorized digital certificates for some Google domains. ANSSI says it was a glitch—"human error, which was made during a process aimed at strengthening overall IT security."
Sveriges Television reports that Swedish government surveillance of Russian targets (specifically in the energy industry) was in significant part an industrial espionage campaign.
The New York Times reports that GCHQ and NSA have been monitoring the MMORPGs (massively multiplayer online role-playing games) Second Life and World of Warcraft. The headline makes the effort sound rather insane ("Elves and Trolls"), but MMORPGs could easily lend themselves to terrorist communication, hence their attractiveness as surveillance targets.
The SANS Institute reports a suspected active Rovnix botnet controller. The Royal Bank of Scotland group remains under sporadic attack—an attempt on NatWest disrupts Ulster Bank's online services. Trend Micro claims to have identified a cyber criminal gang responsible for recent exploits using Ice IX and Zbot. The gang is centered in Nigeria but has international reach.
Religious-themed apps have been seen leaking user data to third parties. Some of this is an "affinity scam"; treat such apps with appropriate circumspection.
Huawei ups its position in the South Korean market. In the US, Ixia completes acquisition of Net Optics, Inc.
The US Administration continues to mull changes to surveillance policy. That policy continues to drive trends toward IT protectionism and autarchy.
Anonymous PayPal DDoS hackers plead guilty.
Today's issue includes events affecting China, European Union, France, Republic of Korea, Nigeria, Russia, Sweden, United Kingdom, United States.
Sweden engaged in industrial espionage against Russia — report (Russia Today) Sweden's intelligence agency has not only spied on Russian leadership, sharing intelligence with the NSA, but also apparently engaged in industrial espionage against business targets such as Russia's energy companies, Sveriges Television reports
Spies' Dragnet Reaches a Playing Field of Elves and Trolls (New York Times) Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe
Suspected Active Rovnix Botnet Controller (Internet Storm Center) We have received information about a suspected Rovnix botnet controller currently using at least 2 domains…pointing to the same IP address of 18.104.22.168 (AS 44050)
How Threats Disguise their Network Traffic (TrendLabs Security Intelligence Blog) Threats have evolved to try and circumvent advances in analysis and detection. Every improvement by security vendors is met with a response from cybercriminals. Stuxnet, for example, paved the way for the other threat families to use the LNK vulnerability. Using Conficker/DOWNAD popularized the use of a domain generation algorithm (DGA). This is now used by other malware families as well, including ZeroAccess and TDSS
A Virus Of Biblical Distortions (Dark Reading) In the summer of 2010, security researchers serendipitously discovered Stuxnet, a highly sophisticated cyberweapon deeply embedded within Iranian computers. The weapon's main function was to attack the gas centrifuges used by the Iranians for uranium enrichment, believed to be part of an effort to build nuclear weapons in defiance of a resolution by the United Nations Security Council
Airlines fight cyberattacks (Free Lance-Star) Worried that computer hackers attacking banks and media companies could easily shift targets, the airline industry is taking preemptive steps to ensure it doesn't become the next victim
Cybercrime ignorance is a serious risk (Help Net Security) Organizations who fail to recognize the threat posed by cyber crime are putting the livelihoods of stakeholders and customers at serious risk, and those organizations that regularly suffer breaches need to be publicly named and shamed with severe consequences for serial offenders, according to Simon Bain, founder of Simplexo
HP, VMware, Google cashing in on end of support for Windows XP (ComputerWorld) Microsoft, as we all know by now, formally announced that it will wash its hands of XP as soon as the month of April is torn off the 2014 Calendar. Not only did this announcement lead Microsoft to commission a study, whose results threatened multi-crore losses for Indian banks, but it also led them to use the popular micro-blogging site Twitter to warn users off XP with a #SwitchfromXP hashtag
Technologies, Techniques, and Standards
How can I keep API keys out of source control? (Ars Technica) If you want to use a free source control service, there are still a few options. I'm working on a website that will allow users to log in using OAuth credentials from the likes of Twitter, Google, etc. To do this, I have to register with these various providers and get a super-secret API key that I have to protect with pledges against various body parts. If my key gets ganked, the part gets yanked
BYOD Should Begin with Business Case (eSecurity Planet) Despite the risks of not making security policies central to enterprise BYOD and mobility programs, many organizations are ignoring this best practice
Want better passwords? Follow the lead of 1Password and make it easier for people (CSO) As the spate of password breaches continues, the challenge is how quickly news of each new attack fades into the background as noise. It makes it even harder to connect with people and convince them to take action. Shift to providing value to others by guiding them on when and how to act -- by sharing information and tools from experts who already invested the time to make it understandable and actionable
A Fistful of Bitcoins: Characterizing Payments Among Men with No Names (CSEWeb UC San Diego) Bitcoin is a purely online virtual currency, unbacked by either physical commodities or sovereign obligation; instead, it relies on a combination of cryptographic protection and a peer-to-peer protocol for witnessing settlements. Consequently, Bitcoin has the unintuitive property that while the ownership of money is implicitly anonymous, its flow is globally visible
Legislation, Policy, and Regulation
Building walls in the cloud (Global Post) When former NSA contractor Edward Snowden leaked secrets of the US agency's massive surveillance operations this summer, he prompted a global review of just how secure electronic data is
Tech Companies Outline More NSA Reform Demands (TechCrunch) Before Congress's holiday recess, Silicon Valley's major tech companies have renewed calls for surveillance reform. Executives from Google, Apple, Yahoo, Microsoft, Linkedin, Twitter, and (TechCrunch parent company) Aol have put their weight behind the Reform Government Surveillance coalition, publishing an open collective letter to Congress and
Morale hits new low at NSA after Snowden leaks (Voice of Russia) Morale at the US spying service, the National Security Agency (NSA) has hit a new low as staff believe they have not received the full support of President Obama. Although he defended the agency following the leaks of whistleblower Edward Snowden - now in Moscow - he has failed to make a visit to the NSA HQ
Intel Contractors Give Millions to Lawmakers Overseeing Government Surveillance (Kitsap Sun) In response to documents leaked by former National Security Agency contractor, Edward J. Snowden, the congressional committees in charge of overseeing the government's intelligence operations have come to the defense of the surveillance and data collection programs, and the agencies that administer them. The House Permanent Select Committee on Intelligence and the Senate Select Committee on Intelligence have rejected attempts to reform the programs while advancing legislation to bolster their legal status and providing a funding boost to the National Security Agency
NSA Defends Global Cellphone Tracking Legality (AP via Hispanic Business) The National Security Agency on Friday said its tracking of cellphones overseas is legally authorized under a sweeping U.S. presidential order. The distinction means the extraordinary surveillance program is not overseen by a secretive U.S. intelligence court but is regulated by some U.S. lawmakers, Obama administration insiders and inspectors general
Rand Paul: I'll Take Privacy Fight to Supreme Court (NewsMax) Sen. Rand Paul, R-Ky., says it is time the country re-examines the Constitution's Fourth Amendment in light of recent revelations that the National Security Agency is mining data from millions of cellphones worldwide
The spying game: Companies monitor activists because they can (Grist) Back in the '40s, my grandmother lost her scholarship to college after the school found out she had attended a meeting run by a communist organization. Whoever made the call that my grandmother was a communist rabblerouser no longer deserving educational subsidy was clearly acting on bad intel. It would be hard to think of a more terrible communist than my grandmother: She loved playing the stock market
How business can shed light on the 'dark net' (CNBC) Law enforcement agencies around the world have been calling on the tech industry to help eradicate the so-called "dark net" – the hidden, unregulated online marketplace for counterfeit goods, drugs, hitmen and child abuse
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
World Congress on Internet Security (London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013 (New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
Cylance Talk: Risk Does Not Equal Threat (Arlington, Virginia, USA, December 10, 2013) Attacks, malware and careless users may trigger alarm bells, but that does not mean your business is in danger. Compliance and risk management requirements, while necessary, result in additional work,...
2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013 (Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...