India's National Informatics Centre apparently suffers a data breach—government emails may have been compromised.
Iran's Gmail hacks are now attributed to the Iranian government (and observers note that the Islamic Republic's preoccupation with its elections may explain a lull in denial-of-service attacks on US banks). Hassan Rowhani's electoral victory over the weekend avoids a runoff; it remains to be seen how it will affect Iranian cyber operations.
The Guardian, keeping its promise of further PRISM news, reports that the UK and US monitored participants at 2009 international summits held in London. The Chinese press demands explanations of US hacking alleged by Edward Snowden. US companies face international blowback over their alleged cooperation with NSA surveillance programs even as reports surface that benefits of information-sharing may have been decidedly one-sided—finding much information they need remains classified, more companies are said to "slow-walk" data sharing with the Feds. Apart from damage to international sales by US firms, alleged NSA surveillance programs may, the Financial Times fears, fracture the Internet into state-controlled enclaves.
Increases in SSL traffic noticeably degrade firewall performance. New malware is found using the Windows Encrypting File System to hide itself from forensic analysis. Hard-coded password vulnerabilities are discovered in some 300 medical devices.
"Funding shortfalls" slow contractor security investigations in the US. Policy debate continues over the scope and oversight of US electronic surveillance programs. US Defense official Ashton Carter foresees evolution of a "cyber service."
Saudi Arabia tightens control over tools designed to evade Internet surveillance.
Today's issue includes events affecting China, India, Iran, Japan, New Zealand, Saudi Arabia, South Africa, United Kingdom, United States, and Zimbabwe..
Iranian Elections Bring Lull in Bank Attacks(Krebs on Security) For nearly nine months, hacker groups thought to be based in Iran have been launching large-scale cyberattacks designed to knock U.S. bank Websites offline. But those assaults have subsided over the past few weeks as Iranian hacker groups have begun turning their attention toward domestic targets, launching sophisticated phishing attacks against fellow citizens leading up to today's presidential election there
The Guardian: Britain, United States spied at summits(Washington Post) British and U.S. spy agencies monitored the e-mails and phone calls of foreign dignitaries at two international summits in London in 2009, the Guardian newspaper reported Monday, citing documents it received from former National Security Agency contractor Edward J. Snowden
Latest Snowden claim puts pressure on enterprise security(FierceCIO: TechWatch) In an exclusive interview with the South China Morning Post published earlier today, ex-NSA contractor and whistle-blower Edward Snowden alleged that the U.S. government has been breaking into computers in Hong Kong and China for years. More importantly, he says that targets included businesses and individuals, provoking charges of hypocrisy by Chinese state media
Ad exec: Online ad industry complicit in NSA PRISM datamining(ZDNet) A high-profile, 20-year digital advertising industry executive says digital ad strategies that collect user data in the name of serving targeted ads to consumers is responsible for public acceptance of surveillance and data-gathering programs — specifically NSA's PRISM
Google, Facebook and others have betrayed their global users(Times of India) By now you must have heard of PRISM, a secret surveillance programme run by the National Security Agency (NSA) in the US. The PRISM story was broken by the Guardian and the Washington Post after they received some classified material from Edward Snowden, a 29-year-old technical assistant who worked with the CIA and had access to NSA data
Businesses slow–walk classified data–sharing efforts with feds(CSO) Both government and business agree that sharing data is critical to fighting cyber threats to the nation's critical information and infrastructure resources. One hang-up the private sector has found when sharing data with the U.S. government is that the information most useful to companies is classified, which means they don't have access to it
National Security Agency: The net rips apart(Financial Times) The internet is at risk of transforming from an open platform to controlled national networks. Asked about his biggest worry for the future of the internet, Google chairman Eric Schmidt had a ready answer: that it might suffer a process of "Balkanisation", a fragmentation brought about by national governments seeking to exert greater influence
Facts About the National Security Agency's Data Collection Program(Data Informed) Since media reports revealed that National Security Agency is collecting millions of Americans' telephone records as well as data from the servers of major technology firms, there have been discussions in the public square about the relationship between the government's efforts to protect national security and citizens' expectations about the privacy of their personal data
CBS News confirms Sharyl Attkisson's computer hacked(CBS News) CBS News announced Friday that correspondent Sharyl Attkisson's computer was hacked by "an unauthorized, external, unknown party on multiple occasions," confirming Attkisson's previous revelation of the hacking
Asia-wide targeted campaign drops backdoor, RAT(Help Net Security) A new and widespread phishing campaign has been discovered targeting businesses and government institutions across Asia, Trend Micro reports. Telecoms, oil and gas companies, media companies
New malware uses Windows EFS to stymie security researchers(FierceCIO: TechWatch) Researchers from security vendor Symantec have discovered a new malware that makes use of the Encrypting File System feature in Windows in order to stymie forensic analysis. As its name suggests, EFS offers transparent file system level encryption to help businesses guard against data leakage to users without the correct system password
Lucile Packard suffers second data breach in six months(FierceHealthIT) Lucile Packard Children's Hospital, a 311-bed facility in Palo Alto, Calif., has suffered its third data breach in four years--and its second in six months--this one potentially effecting 12,900 patients
ICS-CERT Alert : Medical Devices Hard-Coded Passwords(Cyberwarzone) Researchers Billy Rios and Terry McCorkle of Cylance have reported a hard-coded password vulnerability affecting roughly 300 medical devices across approximately 40 vendors. According to their report, the vulnerability could be exploited to potentially change critical settings and/or modify device firmware
OpRisk Europe: Cyber attack a growing threat, panel agrees(Risk.net) Op risk head warns algo trading could be "another Libor situation". Cyber attack will be a leading concern for the financial industry over the year ahead, a panel at the OpRisk Europe conference in London yesterday told delegates. Related articles
Large orgs in denial about own security breaches?(Help Net Security) Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had, a recent Lancope survey has revealed
UK messed up on cloud perceptions(TechEYE) The world+dog thinks that the Cloud is not secure, but this is not borne out by those who actually use it. A UK study of SMEs by comScore has revealed that more than half of non-Cloud users cited concerns about security by as a barrier to adoption
Cyber-policy woes: one-fifth of workers don't alert IT to BYOD use(Infosecurity Magazine) Despite increased focus on the security holes that bring-your-own-device (BYOD) strategies and the consumerization of IT present within the enterprise, research from AppSense has revealed that the threat to corporate IT security hasn't really abated at all – especially with consumers circumventing IT altogether in some cases when it comes to mobile working
Top Secret Defense Contractors No Longer Being Reinvestigated(Government Executive) "Funding shortfalls" are forcing the Defense Department to suspend most periodic reinvestigations of contractors cleared for top-secret status in some national security jobs starting Friday through the remainder of fiscal 2013, according to a recent announcement
Sweden effectively bans government use of Google(Infosecurity Magazine) An announcement from the Swedish Information Commissioner enjoins Salem Municipality 'to either remedy the shortcomings of the agreement [to use Google's cloud services] or to stop using the cloud service'
Cybersecurity stings expert it has rewarded(Boston Globe) When the United Arab Emirates wanted to create its own version of the National Security Agency, it turned to Booz Allen Hamilton to replicate the world's largest and most powerful spy agency in the sands of Abu Dhabi. It was a natural choice: The chief architect of Booz Allen's cyberstrategy is J. Michael McConnell, who once led the NSA and pushed the United States into a new era of big data espionage. It was McConnell who won the blessing of the US intelligence agencies to bolster the Persian Gulf sheikdom, which helps track the Iranians
Booz Allen Hamilton: Corporate Intelligence(DC Bureau) While the government investigates why a 29-year-old worker at Booz Allen Hamilton had access to the extremely sensitive information that he leaked to The Washington Post and Britain's The Guardian newspapers, other questions need answers
Malware Issues and Cyber Attacks Fuel Job Growth for Security Experts(Business Administration Information) Malware issues cost businesses in the United States an average of $8.9 million annually, according to a paper published by the Ponemon Institute. Viruses, malware and denial-of-service attacks disrupt business activity and result in costly problems for companies nationwide
FireEye: Eyeing up NZ potential(Techday NZ) FireEye has recruited two well-known industry faces as the company pushes its offerings to target increasing cyber threats. New ANZ regional director
Products, Services, and Solutions
Secure automated archiving from Imation(Help Net Security) Imation launched its next generation object store, the Nexsan Assureon secure automated archive solution. It brings secure automated archiving to mid-sized organizations and enterprises to optimize
In-house control and encrypted voice calls(Help Net Security) Cellcrypt announced Cellcrypt Private Switch, a private network that allows an organization's administrators complete privacy over user identity and calling activity. This enterprise server software
Automated analysis of essential security controls(Help Net Security) EiQ Networks announced ThreatVue, an out-of-the-box security monitoring solution that automates the implementation, analysis and remediation guidance of essential security controls as recommended by
Dell SecureWorks launches cybersecurity Incident Response Center(Infosecurity Magazine) Looking to help companies prepare for and combat the aftermath of a cybersecurity incident or data breach, Dell SecureWorks has launched an Incident Response Resource Center to bring together research materials, white papers, videos and webcasts, and tools from its Emergency Incident Response and Digital Forensic services, into a common online portal
Multifactor authentication comes to Windows Azure(FierceCIO: TechWatch) Microsoft earlier this week announced a new multifactor authentication for employees, partners and customers of its Windows Azure Active Directory managed apps. Called Active Authentication, it works by requiring users to authenticate with the Active Authentication app on their mobile devices, via an automated phone call or a system generated text message
When it Comes to APTs, Don't Confuse Tactics With Strategy(SecurityWeek) Modern cyberattacks and APTs (advanced persistent threats) have quickly become a top priority for both security practitioners and C-level executives, and for good reason. Attackers, whether motivated by national interests, cyberespionage, cybercrime (or organized crime), have all turned to patient, long-term attacks as the default method for compromising an organization and stealing sensitive information. Unfortunately in many circles, the concept of controlling APTs has become synonymous with detecting new or otherwise unknown malware. This is a potentially harmful oversimplification that focuses our security on an attack technique, while potentially ignoring the more resilient attack strategy
Why nobody uses NSA-proof encryption(Washington Post) Computer programmers believe they know how to build cryptographic systems that are impossible for anyone, even the U.S. government, to crack. So why can the NSA read your e-mail? Last week, leaks revealed that the Web sites most people use every day
Thumb Drive Security: Snowden 1, NSA 0(InformationWeek) Thumb drives helped NSA whistle-blower Edward Snowden transport top-secret data from the agency. If the NSA can't keep a lid on thumb drives, can you? Pity the poor USB thumb drive. The humble storage device is again under fire after reports surfaced that National Security Agency (NSA) whistle-blower Edward Snowden, 29, used a removable USB storage device to exfiltrate top-secret information from the agency, reported the Los Angeles Times
Researcher To Open-Source Tools For Finding Odd Authentication Behavior(Dark Reading) Rather than watching for communications between infected systems and command-and-control servers, companies can detect stealthy malware when it attempts to spread. A number of security firms detect malware by monitoring outbound connections and looking for traffic going to known bad areas of the Internet. Other intrusion detection systems look for code designed to exploit known vulnerabilities
MOOCs: Interesting Legal Territory Ahead(InformationWeek) Massive open online courses have the potential to change higher education, but people and schools implementing MOOCs face some emerging legal questions
Legislation, Policy, and Regulation
The Absent Commander In Chief (Wall Street Journal) If Mr. Obama wants to maintain public support for the U.S. antiterror architecture he inherited and has robustly used, he is going to have to publicly defend it in the context of American interests and values. Without such a defense, the political vacuum will be filled by speculation and demagoguery as it has been for nearly two weeks
Too Much Secrecy Threatens Security(Chicago Tribune) But recent reports reveal that warrantless surveillance not only resumed but grew like a bodybuilder on steroids during the Bush and Obama administrations in two programs
More Dots, Less Terrorism(Wall Street Journal) Collecting data points doesn't kill anyone, but failing to collect and connect them already has
Living With The Surveillance State(New York Times) The N.S.A. data-mining is part of something much larger. On many fronts, we are adjusting to life in a surveillance state, relinquishing bits of privacy in exchange for the promise of other rewards. We have a vague feeling of uneasiness about these transactions, but it rarely translates into serious thinking about where we set the limits
US Begins To Define Military Cyber Ops(Defense News) Perhaps lost in all the coverage involving the leaking of classified documents by former Booz Allen Hamilton employee Edward Snowden this month was one development that outlines an exceedingly complex undertaking of the Obama administration: trying to define and guide military operations in cyberspace
Obama's Chief Of Staff Defends NSA Surveillance(Washington Post) White House Chief of Staff Denis McDonough defended the administration's sweeping surveillance efforts Sunday, saying President Obama does not think the tactics have violated the privacy of any American, and he signaled that the president will be elaborating on the issue soon
Officials: NSA Doesn't Collect Cellphone-Location Records(Wall Street Journal) The National Security Agency sweeps up data on millions of cellphones and Internet communications under secret court orders. But as it mounts a rigorous defense of its surveillance, the agency has disclosed new details that portray its efforts as tightly controlled and limited in scope, while successful in thwarting potential plots
Glasnost on the Potomac under Obama? Not quite(AP via the Boston Globe) t's as if the United States has two governments, one open and one very much not. President Barack Obama leads both, trying not to butt heads with himself. Since becoming president, Obama has churned out an impressive stream of directives flowing from his promise to deliver ''the most transparent administration in history''
US security — too big not to fail(Boston Globe) THE VIEW through a prism can distort shapes and fragment color — perhaps heightening the beholder's interest, but offering anything but an authentic glimpse of reality. The National Security Agency's ironic choice of "PRISM" as the code name for a massive data-collection program, recently exposed in documents leaked by federal contractor Edward Snowden, only begins to suggest the problems with this clandestine intrusion into the lives of citizens
National Security Agency doing its job(South China Morning Post) Your editorial ("US surveillance policy shows it cannot be trusted", June 12) manages to confuse the aggressive and often overreaching promotion of democracy and human rights by US governments with a perfectly legitimate programme of self-defence
The US security state laid bare(South China Morning Post) Philip Cunningham says the exposure of the dark undercurrents of the American security state has fuelled outrage at its double standards, but will it force a needed change of course? Sales of George Orwell's works are said to be enjoying a small boom ever since the National Security Agency spy story broke, suggesting that, in confusing times, people still find solace in aphorisms and essays, fiction and fantasy, seeking to get a better grip on the uncharted and unclear dangers of the present
NSA chief seeks cyber shield for cooperating firms(Press TV) General Keith Alexander, chief of both the National Security Agency and the U.S. Cyber Command, has asked Congress to grant legal immunity to companies that assist the federal agencies in cyber warfare. The NSA director has petitioned Congress to
The Costs and Benefits of the NSA(Weekly Standard) The data-collection debate we need to have is not about civil liberties. Should Americans fear the possible abuse of the intercept power of the National Security Agency at Fort Meade, Maryland? Absolutely. In the midst of the unfolding scandal at the IRS, we understand that bureaucracies are callous creatures, capable of manipulation. In addition to deliberate misuse, closed intelligence agencies can make mistakes in surveilling legitimate targets, causing mountains of trouble. Consider Muslim names. Because of their commonness and the lack of standardized transliteration, they can befuddle scholars, let alone intelligence analysts, who seldom have fluency in Islamic languages. Although one is hard pressed to think of a case since 9/11 in which mistaken identity, or a willful or unintentional leak of intercept intelligence, immiserated an American citizen, these things can happen. NSA civilian employees, soldiers, FBI agents, CIA case officers, prosecutors, and our elected officials are not always angels
DoD could eventually move to a 'cyber service', says Carter(IHS Jane's) However, each of the DoD's military service branches have their own separate cyber capabilities and these are partially managed through US Cyber Command (CYBERCOM), a subordinate of US Strategic Command. Deputy Secretary of Defense Ashton
Japan aims to monitor Internet-based communications(Help Net Security) After having agreed on a draft of an official cybersecurity strategy earlier this month, Japan's National Information Security Center (NISC) is looking to establish a Cyber Security Center
IDF appoints legal adviser for cyber warfare(Haaretz) It can be assumed that like International Law Department, which gives legal advice to IDF decision makers, the cyber legal adviser will also have to determine the legality of the targets of cyber attack, what the acceptable limits of cyber warfare will
FDA calls for increased health IT cybersecurity efforts(FierceHealthIT) With hackers and cyberattacks increasing as threats to medical devices, the U.S. Food and Drug Administration this week published new guidance calling for developers and healthcare facilities to beef up security efforts while creating and using those devices
AdvaMed to FDA: 510(k) rules are fine as they are(FierceMedicalDevices) Congress is asking the FDA to tighten its policies for approving modifications of on-the-market devices, and now industry is pushing back, saying there's nothing wrong with the current process
Column: When lying is acceptable, public loses(Seattle Times) A member of Congress asks the director of national intelligence if the National Security Agency collects data on millions of Americans. "No, sir," James Clapper responds. Pressed, he adds a caveat: "Not wittingly." Then, NSA programs that do precisely that are disclosed
National Security leaker Snowden not welcome in U.K.(AP via Naples News) The British government has warned airlines around the world not to allow Edward Snowden, who leaked information on top-secret U.S. government surveillance programs, to fly to the United Kingdom
Eric Holder: Leaks 'damaged' security(Politico) Attorney General Eric Holder promised to hold accountable the individual who leaked information about the National Security Agency's surveillance program, saying the information is "extremely damaging" to U.S. national security
Investigate Booz Allen Hamilton, not Edward Snowden(The Guardian) Military contractor Booz Allen Hamilton of McLean, Virginia, has shot into the news recently over two of its former employees: Edward Snowden, the whistleblower who has just revealed the extent of US global spying on electronic data of ordinary
Web companies begin releasing surveillance information after U.S. deal(Reuters) Facebook and Microsoft have struck agreements with the U.S. government to release limited information about the number of surveillance requests they receive, a modest victory for the companies as they struggle with the fallout from disclosures about a secret government data-collection program. Facebook on Friday became the first to release aggregate numbers of requests, saying in a blog post that it received between 9,000 and 10,000 U.S. requests for user data in the second half of 2012, covering 18,000 to 19,000 of its users' accounts. Facebook has more than 1.1 billion users worldwide
PRISM helped stop terrorism in US and 20-plus countries, NSA document argues(Ars Technica) Declassified document claims phone metadata was searched under 300 times in 2012. US intelligence officials sent Congress a new declassified document on Saturday, which the Senate Intelligence Committee then made public. Outlets such as CNN and the Associated Press received this, and it revealed a number of interesting statistics related to the government's use of the NSA's controversial PRISM program. However, this document has not yet been published on the Senate Intelligence Committee's website (and does not seem to be easily obtained through basic Internet search)
Snowden's Leaks on China Could Affect Its Role in His Fate(New York Times) The decision by a former National Security Agency contractor to divulge classified data about the U.S. government's surveillance of computers in mainland China and Hong Kong has complicated his legal position, but may also make China's security apparatus more interested in helping him stay here, law and security experts said on Friday
The Oath Keepers on Edward Snowden(Reason Hit & Run) The Oath Keepers are a coalition of current and former military, police, and other public officials who have pledged not to obey unconstitutional commands. They're extremely controversial, with critics accusing them (inaccurately) of fomenting terrorism and (more accurately) of attracting people with an affinity for conspiracy theories and apocalyptic rhetoric. Since they were launched in the first year of the Obama administration, they are also sometimes accused of being unconcerned with the constitutional violations of the Bush years
Rand Paul Recruits for a Class Action Against NSA(Bloomberg BusinessWeek) It's been a week since the Guardian newspaper revealed, through documents leaked by a whistleblower, that the National Security Agency was sweeping up records of phone calls between U.S. citizens. Already, the lawyers are pouncing
Ukrainischer Hacker: Warum das FBI Darth Vader sprechen möchte(Spiegel Netzwelt) Ein weltweit gesuchter Hacker leitet in der Ukraine eine politische Partei. Im Darth-Vader-Kostüm sorgt er für Aufsehen und ruft zum Cyber-Krieg auf. Politiker schützen den Kriminellen vor Strafverfolgung - zum Ärger von FBI und Secret Service
Canadian government crossed the line in monitoring of activist(SC Magazine) The Canadian privacy commissioner has found that the government overstepped its bounds while monitoring activist Cindy Blackstock. The commissioner's report, released privately this month, found that the government began using social media to gather personal information about Blackstock in February 2010. Blackstock, the executive director of the First Nations Child and Family Caring Society of Canada, had lodged a human rights complaint against the government three years before. She alleged that inequitable government funding for First Nations child welfare services amounted to discrimination
US: No wide data breaches at firms in cyber-attack(NDTV) Federal prosecutors in New Jersey have provided new details on how an international cybercrime ring broken up this week accessed some customer accounts at more than a dozen leading financial institutions and payroll services. According to an amended
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
3rd Cybersecurity Framework for Critical Infrastructure Workshop(San Diego, California, USA, July 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations,...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
Hack in Paris(Paris, France, June 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted...
2013 ICAM Information Day and Expo(Washington, DC, USA, June 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.
Buzzword Forensics: Mobile is the Future…and the Future is Now(Laurel, Maryland, Sioux Falls, June 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium.
NASA National Capital Region Industry Days(Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in...
AFCEA International Cyber Symposium 2013(Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government,...
ShakaCon(Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better...
American Technology Awards Technology and Government Dinner(Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.