The Syrian civil war again spills over into cyberspace as both sides undertake information operations to shape international opinion.
The Iranian-inspired Izz ad-Din al-Qassam Cyber Fighters explain that their new denial-of-service campaign against US banks ("phase three of Operation Ababil") remains motivated by the same insult to Islam the Cyber Fighters say started the whole thing last year.
Don't act based on an email claiming to be from the Microsoft Digital Crimes Unit. It's probably a malware vector.
Denial-of-service attacks in the Czech Republic expand from media sites to the financial sector. Authorities are baffled, since no one has claimed responsibility. Telefonica Czech Republic reports discovering Russian IP addresses in the attacks, but the Czech government correctly says this means little: other nations' addresses have also turned up, and botnets can be run from anywhere.
Oil and gas companies, including BP, continue to undergo cyber attacks. The Electric Power Research Institute warns utilities that attacks against the power grid will increase. Smart meters are also at risk.
Symbian malware drops and Android malware rises as cyber criminals respond to their market.
Pwn2Own is underway in Vancouver, and white hats have already taken down Internet Explorer, Chrome, Firefox, and Java. Controversial bughunters VUPEN announce discovery of a Windows exploit, and if you bet on form, expect it to appear in the wild soon.
Microsoft previews next week's Patch Tuesday.
Observers note that European cyber security regulations represent an industry opportunity, but also note that such initiatives can amount to stealth protectionism.
Today's issue includes events affecting Austria, Belgium, China, Czech Republic, European Union, Finland, France, Iran, Russia, Syria, Thailand, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
An Interview with Syrian Electronic Army hacktivists(E Hacking News) Today, E Hacking News interviewed the famous Syrian hacktivists "Syrian Electronic Army". The Syrian Electronic Army recently hacked Twitter accounts of France24, Qatar Foundation and AFP. Please introduce yourself to EHN readers. I'm a Syrian hacker called "The Pro", The leader of special operations department in the Syrian Electronic Army
Hackers Expose U.S. Chemical Weapon False Flag to Frame Syria(Cyberwarzone) Hacked emails from a British mercenary company were posted online, leading to claims Washington was backing a dirty war against Syria in which a chemical attack on Syria could be blamed on the Syrian regime, thereby strengthening the case for immediate intervention on the part of the United States military. British mercenary company, Britam Defence, has since admitted it was hacked but claimed the hacker, who posted his online name as "JAsIrX," had maliciously and cleverly used hacked material to generate forgeries to destroy the company's reputation and make it look like it was involved in shocking behavior
Muslim hackers target US banks in third round of cyberattacks(Global Post) Muslim hackers in the Izz ad-Din al-Qassam Cyber Fighters launched the third phase of their Operation Ababil campaign against US-based banks on Wednesday, making further demands that the YouTube video Innocence of Muslims be removed from the web. Known to many as the Muslim world's Anonymous, Izz ad-Din issued an ultimatum on Tuesday that their distributed denial of service (DDoS) attacks against American banking institutions would continue unless insults against the Prophet Mohammed were removed from YouTube
Websites of Major Czech Banks, Stock Exchange Disrupted by DDOS Attacks(Softpedia) The websites of several major financial institutions from the Czech Republic were disrupted on Wednesday by a series of distributed denial-of-service (DDOS) attacks launched by unknown hackers. The site of the Prague Stock Exchange (BCPP) suffered a similar fate. The public websites of Raiffeisen Bank, Komerční Banka, CSOB, and Česká spořitelna were targeted, ceskenoviny
Czech Republic baffled by unprecedented cyber assault(Global Post) The Czech Republic has been hit by an unprecedented wave of cyber attacks this week, with investigators stumped over their origin amid concerns they could lead to worse mayhem. "We don't know anything about the motivation for now, because no one has claimed the attacks," Radek Holy, spokesman for the National Cyber Security Centre, told AFP following attacks on media, banks and telecommunications websites. "The character of the attacks gives us absolutely no clues about the reasons" behind them, he added. On Monday hackers launched a DDoS (distributed denial of service) attack on leading Czech news websites, blocking their servers with hundreds of thousands of requests
CYBER ATTACKS On BP over 50,000 attempts a day(Cyberwarzone) BP CEO Bob Dudley, in an interview with CNBC, said: we see off over 50,000 attack attempts a day, like many big companies. Cyber security is a growing issue around the world, not only with companies but with governments. It's certainly not just China, we have evidence many different people trying to work through our perimeters in the company in terms of securing data I suppose, we're not sure what all the threats are
Prolexic Mitigates DDoS Attack Against U.S. Utility Company(Dark Reading) Attackers now targeting network infrastructures that cause collateral damage. Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced today that it mitigated an attack against a U.S. metropolitan utility company earlier this month. The utility, which provides services to an estimated 420,000 electric, 305,000 water, and 230,000 sewer customers, has engaged Prolexic to provide DDoS protection services
Pwn2Own: IE, Firefox, Chrome and Java go down(Help Net Security) The Pwn2Own competition is underway at the CanSecWest conference in Vancouver, and during the first day of competition Java, IE 10, Firefox and Chrome were successfully "pwned" by various competitors
How Facebook Prepared to Be Hacked(Threatpost) When Facebook announced last month that its corporate infrastructure had been compromised through a watering-hole attack against several of its employees, it was major news, both because of the attack itself and because the company had come out and owned up to it. The interesting thing, however, is that this was not the first major problem that the Facebook incident response team had handled. In fact it was the third one in less than a year
Abrupt drop in Symbian malware(Help Net Security) In what may be the only good news for Symbian, F-Secure's latest Mobile Threat Report shows a drop in malware targeting the declining platform to just four percent of all mobile threats detected
Twitter OAuth API Keys Leaked(Threatpost) The OAuth keys and secrets that official Twitter applications use to access users' Twitter accounts have been leaked in a post to Github this morning
Apple marketing chief jabs Android security on Twitter(CNet) Apple marketing chief Phil Schiller has been a semi-regular Twitter user since 2008, though mostly tweets about things like music, movies and sports. But that changed earlier today with a post linking to F-Secure Labs' latest quarterly Mobile Threat report, with a casual mention to "be safe out there." The 29-page report's (PDF) key finding is that malware on Google's Android is getting worse, in part because of the platform's brisk growth and a new variant of malware that spread using SMS. "Android malware has been strengthening its position in the mobile threat scene," the report's executive summary said. "In the fourth quarter alone, 96 new families and variants of Android threats were discovered, which almost doubles the number recorded in the previous quarter
Copyright Troll Suffers Website Attacks(TorrentFreak) Prenda, the lawfirm-that-isn't (or is, they're not quite sure), may be in for a massive battle for their freedom next week. But their legal careers aren't the only things taking a battering this past week, it's their website as well. Websites can be the bane of many, and they've not always been the friend of copyright trolls
Yahoo Mail accounts still hijacked daily(Help Net Security) Email account hijacking has been a big problem for Yahoo Mail users since the beginning of the year, as a number of vulnerabilities have been discovered, shared online and exploited by cyber scammers
Time Warner Cable Hacked, Defaced by NullCrew(eSecurity Planet) It didn't help that the admin password was 'changeme.' NullCrew hackers recently added a defacement page to Time Warner Cable's support Web site. The defacement includes a picture of the "rustled my jimmies" gorilla, along with database information including an admin username and password
Anglo American Platinum Hacked(eSecurity Planet) As part of Operation Green Rights, Anonymous hackers recently published data stolen from South Africa's Anglo American Platinum Limited, which produces approximately 38 percent of the world's annual supply of platinum
Raspberry Pi Hit by Cyber Attack(eSecurity Planet) The organization said the attack came from a botnet that appeared to have 'about a million nodes.' The Web site of the Raspberry Pi Foundation, which promotes the teaching of computer science in schools, was recently taken down by a DDoS attack
Is Cloud PaaS Safe?(eSecurity Planet) Security researchers from Trustwave take aim at Platform-as-a-Service and find security controls to be lacking. The world of cloud based platform-as-a-service (PaaS) is about accelerating time to market for applications. With a PaaS, organizations can get up and running the cloud quickly, but one security researcher
Anonymous Hacks internal server of German studio Constantin Film(Cyberwarzone) Anonymous team called M3du5a hacked into Constantin's internal employee server and published documents and email addresses and business partners names. On AnonNewsDe Twitter account M3du5a post attack was in retaliation for the shut down of illegal filesharing portal drei.bz late last month by German copyright protection group GVU
Hollywood Targeted by Chinese Hackers(Hollywood Reporter) At least one Burbank studio has been hacked, experts say, and piracy is rampant in "a culture of copying." Have Chinese hackers invaded Hollywood's computers, as they have the systems of Facebook, Apple, The New York Times and more than 100 other major Western entities? While some studio sources say no, cybersecurity experts tell THR another story
Warning to Hollywood: Chinese Hackers Want Your Secrets (Guest Column)(Hollywood Reporter) Hollywood should be on notice: It's not just the Pentagon and CIA that are victims of hackers. They're targeting more and more private companies. A recent report from American cybersecurity firm Mandiant linked the Chinese government's People's Liberation Army to massive, sustained intrusions into corporate networks. The report, which traced many attacks to the PLA's Shanghai-based Unit 61398, was devoured in Washington and Silicon Valley. But Hollywood mostly has shrugged off Chinese cyberspying as someone else's problem
Security Patches, Mitigations, and Software Updates
Microsoft to Ship 7 Bulletins in March Patch Tuesday Release(Threatpost) Software giant Microsoft plans to ship seven bulletins in the March 2013 edition of Patch Tuesday. Four of the bulletins are receiving high-severity, critical ratings. Three of the four critically rated bulletins that affect Microsoft Windows, Internet Explorer, Silverlight, Office, and Server Software could lead to remote code execution while the final critically rated bulletin could allow for privilege elevations
China, Russia clamp down on internet, says US(Sydney Morning Herald) China and Russia are buying increasingly powerful surveillance technologies to intercept communications and try to take control of the internet, a senior US official has said. Alec Ross, the US secretary of state's senior adviser for innovation, said on Thursday that new players such as Thailand and Ukraine would determine the future shape of the internet by deciding whether to open up globally or operate more closed national "intranets". His comments further demonstrate the lack of agreement over how the internet will be regulated after an attempt to establish a global governance policy collapsed last year
Cypherpunk rising: WikiLeaks, encryption, and the coming surveillance dystopia(The Verge) In 1989, when the internet was predominantly ASCII-based and HyperCard had yet to give birth (or at least act as a midwife) to the world wide web, R.U. Sirius launched Mondo 2000. "I'd say it was arguably the representative underground magazine of its pre-web day," William Gibson said in a recent interview. Posterity, looking at this, should also consider Mondo 2000 as a focus of something that was happening
More Info on Recent ICS-CERT Advisories(Chemical Facility Security News) ICS-CERT has been busy this week. They updated an alert on Tuesday and issued two advisories yesterday. In two of those three actions there were some interesting questions raised about some of the information provided, or not provided in their documents. Since then some additional information has been made available
EPRI to AMI vendors: Attacks are coming(Intelligent Utility) Advanced metering infrastructure (AMI) brings a lot of positives: more accurate information, real-time data, two-way communication, a smarter connection. Unfortunately, it also brings a large potential negative: Every new AMI end point is a possible attack point that utilities now have to defend. Thinking about this issue, the Electric Power Research Institute (EPRI) recently released a report, Intrusion Detection System for Advanced Metering Infrastructure, put together with the help of the University of Illinois at Urbana-Champaign and supported by data and research from UCAIug SG Security Working Group and reviewed by several utilities
The SCADA security challenge(Help Net Security) One of the less well-known aspects of information technology – but arguably one of the most critical to modern businesses – is the SCADA platform
Cybersecurity offers commercial opportunity, but also stokes trade tensions(EurActiv) The European Commission wants new cybersecurity rules to spur industrial growth by turning Europe into a showcase for lucrative security products, but the use of cybersecurity as a proxy for protectionism is also stymieing trade. The European Commission last month launched its over-arching Cybersecurity Strategy, including measures to ensure harmonised network and information security across the EU. Whilst consultations were under way on this last June the EU executive simultaneously launched an action plan for the security industry
GSA sets March 25 deadline for FedRAMP 3PAO applications(FierceGovernmentIT) The General Services Administration will, beginning March 25, no longer accept new or re-submitted applications for organizations applying to become Third Party Assessment Organizations, a key component of the Federal Risk and Authorization Management Program
Bill Lochten Joins Software AG Govt Solutions As National VP(GovConWire) Bill Lochten, former managing director of Information Builders' federal systems group, has joined a Software AG subsidiary as national vice president. In his new role at Software AG Government Solutions, he will oversee the enterprise software company's sales to its U.S. federal government clients and business partners
Might a big Splunk deal validate big data?(FierceBigData) A lot has been made about the potential for a bubble in all the investment dollars flowing into big data. Most of the investment appears to be rather sensible and not overly aggressive. But ever since reports began surfacing earlier this year about IBM (NYSE: IBM) preparing a takeover bid for data analysis firm Splunk, and other companies such as Oracle (NASDAQ: ORCL) preparing to make similar offers, the question begins to get very real. Can a company with approximately $200 million in revenue really be worth $4 billion? Is that the kind of valuation that causes groans
Products, Services, and Solutions
Bank of China HK secures transaction with new tools(Computer World) Bank of China Hong Kong has deployed VASCO and i-Sprint security tools to secure online transactions and banking services, said the project's system integrator Automated Systems on Thursday. According to Automated, the solutions deployed by BOCHK include i-Sprint's Strong Authentication (2FA) and VASCO's DIGIPASS 270 and VACMAN core authentication engine to verify a customer's online identity and secure online transaction with data signing capabilities
Deutsche Telekom Worldmap shows live cyber attacks(Sicherheitstacho) This Portal shows statistics of the early warning system of Deutsche Telekom. The corresponding sensors are operated from Deutsche Telekom and Partners. Overview of current cyber attacks. Attacks on the different sensors (Honeypots) will be displayed in realtime on the world map
Using Intelligence Against Companies That Benefit From Cyberespionage(Dark Reading) 'Naming and shaming' the ultimate beneficiaries of stolen trade secrets can work. Identifying the human or actor behind a targeted attack -- a.k.a. attribution -- has been hotly debated over its relevance. But knowing and confirming your attacker could be a key element of ultimately making cyberespionage more costly for nation-states like China, some security experts say
Stop Building Identity Houses On Sand(Dark Reading) Jericho Forum puts forward its vision of a new identity paradigm at the RSA Conference. "Basically the receiving system that doesn't see this card says this has got a higher grade of intelligence behind it and a higher grade of authentication." In his talk Simmonds talked about the Global Identity Foundation, a non-profit bootstrap effort that he says his group hopes will spur industry players into building a stronger foundation for identity around a core identifier backed by some sort of cryptography and biometrics foundation that can be federated across multiple identity personas online
United Kingdom's ICO Publishes BYOD Guide(Softpedia) A study performed by YouGov for the UK Information Commissioner's Office (ICO) shows that while 47% of adults use their personal mobile devices for work activities, less than 30% of them are provided with guidance on how to utilize them without putting sensitive information at risk. As such, the ICO has published a new guide which details the risks organizations must consider if they decide to allow their employees to use their personal devices for work-related tasks. The rise of smartphones and tablet devices means that many of the common daily tasks we would have previously carried out on the office computer can now be worked on remotely
How to Protect Your Small Business Against a Cyber Attack(CNBC) The Seattle hacker drove a black Mercedes. He owned a Rolex. He liked to frequent a downtown wine bar. While it's easy to think of cyber criminals as faceless, digital pickpockets in far-flung countries, the reality is that they are among us. In one notorious case, a bandit and his gang of cyber crooks compromised at least 53 Seattle-area small and medium-size businesses between 2008 and 2010, stealing enough data to cause $3 million in damages to the companies, their employees and their customers
How to blunt spear phishing attacks(Network World) According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing. In other words, somebody received an email and either clicked on a link or opened a file that they weren't supposed to. For example, Chinese hackers successfully broke into computers at The New York Times through spear phishing. So, what are the steps that IT execs can take to protect enterprise networks from spear phishing
Design and Innovation
Cloud Shield, Twine's Gateway To The Full-Blown Internet Of Things(FastCoDesign) If you're not afraid of hacking together a bit of code and plugging tiny wires into a credit-card-sized circuit board, you probably already know what an Arduino is. If not, here's the short version: An Arduino is a little electronic brain you can program to do interesting interactive stuff, like dim the lights in your living room when you turn on your TV. It lets you turn dumb objects (or environments) into smart ones
The Wrong Way to Discuss New Technologies(Slate) As illustrated by anti-noise campaigns from the early 20th century. There are many awful ways to respond to technological change, but succumbing to technological defeatism is certainly one of the worst. Technological defeatism—a belief that, since a given technology is here to stay, there's nothing we can do about it other than get on with it and simply adjust our norms—is a persistent feature of social thought about technology. We'll come to pay for it very dearly
High School Students Compete in National Cyber Defense Competition(AFA) CyberPatriot V will culminate next week with the National Finals Competition on March 14-16 at the Gaylord National Resort and Convention Center in National Harbor, MD. After three impressive preliminary rounds for which over 1,200 teams registered, just 28 teams remain, and will compete for top honors in the All Service and Open Division categories. Secretary of the Air Force Michael B. Donley will be the Keynote Speaker at the National Finals Competition Awards Banquet on Saturday evening. Awards will be presented by Maj. Gen. Suzanne M. Vautrinot, Commander, 24th Air Force, and Kathy Warden, Corporate Vice President and President, Northrop Grumman Information Systems
Cybersecurity program trains students for future(Daily Trojan) An innovative cybersecurity program established in fall 2003 has grown exponentially. The Viterbi School of Engineering's master's degree program for computer science with a specialization in computer security, which was established to help combat the growing threat of cyber attacks, is one of the country's first programs focused on producing specialists in protecting and defending information and information systems
Legislation, Policy, and Regulation
Telecom seeks critical infrastructure status for IT vendors(CSO) The Obama administration excluded the information technology (IT) industry from its definition of the nation's critical infrastructure, giving them immunity from security-related requirements unless changed by Congress. While this is good for tech companies, the telecom industry is crying foul, saying IT businesses should share any regulatory burden. The tech industry's exclusion, the result of lobbying by the Software & Information Industry Association, was included in President Barack Obama's executive order, issued last month
SEC sets out new tech rules(Finextra) The Securities and Exchange Commission has approved new rules governing IT policies and procedures at 'key market participants', in an effort to better insulate the markets from vulnerabilities posed by systems technology issues. The SEC's proposal called Regulation SCI would replace the current voluntary compliance program with enforceable rules. It will apply to self-regulatory organisations, alternative trading systems, plan processors, and certain exempt clearing agencies
Will Jurisdictional Fight Slow Down CISPA's Momentum?(Techdirt) Thanks to a fair bit of propaganda making the rounds, it feels like CISPA -- the cybersecurity bill that seeks to obliterate privacy protections without explaining how that will increase our security -- is on a bit of a fast track towards approval. However a bit of a stumbling block may have popped up. Congressional Representatives Bennie Thompson and Yvette Clarke -- the ranking members on the Committee on Homeland Security and the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies -- have suddenly realized that all of this is happening without their support
CIA Chief Confirmed After Debate Over Drones(Washington Post) The filibuster culminated in the Senate confirmation of John O. Brennan to be director of the CIA by a vote of 63 to 34. But it scrambled the usual partisan landscape in the Capitol, with some Republican lawmakers attacking Paul for criticizing the president, while liberals and Democrats praised him
STRATCOM boss talks cyber with Killer Apps(Foreign Policy) Remember, in this role he's not only in charge of the nation's nuclear forces, he's also the military's top cyber officer since U.S. Cyber Command falls under STRATCOM. It's worth pointing out that he's been dealing with cyber professionally for almost
Cyber Command Adapts to Understand Cyber Battlespace(Department of Defense) Since the Defense Department officially made cyberspace a new domain of warfare in 2011, experts in the public and private sectors have been working to make that inherently collaborative, adaptable environment a suitable
Cyber threat requires special bomber deterrent force, says DSB task force(FierceGovernmentIT) A Defense Science Board task force says the Defense Department should segregate a portion of its military force away to ensure it has the capability to complete missions in the event of a catastrophic cyber attack. A partially declassified task force report, dated January 2013, charges that current DoD cyber efforts are fragmented, and that in any case, a defense-only strategy against top-tier attacks created by states capable of introducing vulnerabilities through the supply chain, or of launching a combined cyber and kinetic attack, is fated for failure. As a result, any successful cyber strategy must include deterrence, the report says--including the threat of launching nuclear weapons
Litigation, Investigation, and Law Enforcement
Sentencing of World's Most Attractive Hacker Postponed to April 19(Softpedia) The sentencing of Russian national Kristina Svechinskaya, known as the world's most attractive hacker, has been postponed for the second time this year. The sentencing was initially scheduled for January 11, but it was later moved to March 1, and now to April 19, RAPSI News reports. Although she has been named a hacker, Svechinskaya hasn't really got anything to do with hacking, except for the fact that she worked as a money mule for a criminal organization that used the ZeuS Trojan to steal money from the bank accounts of US citizens
International Network Of On-Line Fraudsters Dismantled(Europa) Finnish law enforcement authorities, working closely with the European Cybercrime Centre (EC3) at Europol, have dismantled an Asian criminal network responsible for illegal internet transactions and purchasing of airline tickets. As a result of this successful operation, two members of the criminal gang, traveling on false documents, were arrested at Helsinki airport. In addition, around 15 000 compromised credit card numbers were found on the criminals' seized computers
Feds take (baby) steps to fight fraud with analytics(Computer World) Government agencies have begun, tentatively, to mine their vast stores of data for the public good. If anybody has big data, it's the federal government. Data about government grants. Records of payments to Medicare providers. Information about workers' compensation claims. Financial data on public companies. Demographic data from the U.S. Census