China suffered a widespread, albeit brief, Internet outage Tuesday. DNS poisoning is suspected, and the Chinese government has been leaning toward the conclusion that the event was indeed a cyber attack. There are some indications that hacktivists sympathetic to the officially out-of-favor Falun Gong movement were involved.
Cyber-rioting continues in the Caucasus, most recently in the form of Azerbaijani attacks on Armenian government Websites.
CrowdStrike reports that the Russian government has adopted its Chinese counterpart's cyber espionage "play book"—economic gain, says CrowdStrike, is the leading Russian goal in cyber operations.
The Miami New Times alleges that a Florida networking company with possible ties to Iran's government may have been responsible for cyber attacks against Syrian rebels hitherto attributed to the Syrian Electronic Army.
Reports on the Target breach are slowing down, as security companies have second thoughts about speculation and disclosure.
Electronic messaging—texts and emails—is used to intimidate Ukrainian dissidents and threaten German Olympians.
The US Department of Homeland Security warns some 100 contractors that a breach in its web portal resulted in unauthorized access to potentially sensitive documents.
Potential cyber terrorism, particularly threats to critical infrastructure, worries European Union policy makers.
VMware has acquired mobile security company AirWatch for nearly $1.5B. IBM will sell its x86 server business to Lenovo for $2.3B. Booz Allen is competing for US government insider threat business.
The World Economic Forum in Davos begins a two-year study of the "post-Snowden Internet."
Convicted hacker Mitchell Frost offers insight into the hacktivist mind and motivation.
Today's issue includes events affecting Armenia, Azerbaijan, China, European Union, Germany, Iran, Israel, Russia, Slovenia, Syria, Ukraine, United Kingdom, United States, Vatican.
Cyber Attacks, Threats, and Vulnerabilities
China Suffers Internet Outage After 'DNS Hack'(TechWeekEurope) China suffered a significant Internet outage on Tuesday, raising fresh questions over the robustness of the so-called "Great Firewall of China". According to the official Xinhua news service, Internet users in China were unable to access websites ending with .com, and many were rerouted to an American anti-censorship website. The outage could have been exploited by hackers, or could have been the result of a hacking attack of the country's domain name system (DNS), according to media reports
Chinese experts demand more DNS protection(Xinhua) Internet experts in China called for intensified efforts to safeguard the country's domain name system (DNS) after it malfunctioned on Tuesday, leaving users unable to access many websites
Several Armenian Government Ministries Websites Hacked by Anti-Armenia Team(HackRead) Azerbaijan Hackers from Anti-Armenia Team have hacked and defaced several Armenian government ministries websites. The sites were hacked two days ago where hackers left their deface page along with an anti-Armenian video message on all hacked websites. The links of all hacked websites are available here. The total number of targeted websites is 64, which includes high profile
Miami Company Launches Cyber Attack on Syrian Rebels(Miami New Times) Across rebel-held Syria last September, an innocuous-seeming image of a man kissing a woman flashed across computer screens. It prompted curiosity and clicks. But as rebels soon learned, the image was actually a virus, and they'd just infected their computers. For months, as Syria descended deeper into chaos and President Barack Obama threatened war, no one knew who had created the virus, or why
As Target breach unfolds, information vanishes from Web(ComputerWorld) Did security companies publish too much, too soon on the Target breach? At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches
Ominous Text Message Sent To Government Protestors In Ukraine(TechCrunch) Someone is broadcasting creepy messages to defuse violent protests against the Ukrainian government. "Dear subscriber, you are registered as a participant in a mass disturbance," is a text being sent to protesters, reportedly near the Parliament building. Protesters are, in part, angry over anti-demonstration laws passed by the heavy-handed president, Viktor Yanukovych
Olympic team receives Sochi email threats(The Local (German edition)) Germany's Olympic Committee confirmed on Thursday it had received e-mails warning it of a terrorist attack at Sochi's Winter Games. It came as Germany unveiled its team for the Olympics
Vital infrastructure a cyber-terrorism timebomb EU warns(SlashGear) Vital control systems used by energy, water, and transportation are ill-prepared to cope with online terrorism and hacking threats, the EU's cyber security agency has warned, blaming patchy and inconsistent testing for what could be a potential infrastructure disaster. Industrial Control Systems (ICS) are "often outdated" ENISA points out, while their expected lifespan of 20 years or more fails to incorporate the sort of security features essential to withstand cyber-terrorism attacks
Fully automated, API-supporting service, undermines Facebook and Google's 'SMS/Mobile number activation' account registration process(Webroot Threat Blog) Operating in a world dominated by millions of malware-infected hosts acting as proxies for the facilitation of fraudulent and malicious activity, the Web's most popular properties are constantly looking for ways to add additional layers of authentication to the account registration process of prospective users, in an attempt to undermine automatic account registration tactics. With CAPTCHA under automatic fire from newly emerging CAPTCHA solving/breaking services, re-positioning the concept from what was once the primary automatic account registration prevention mechanism, to just being a part of the 'authentication mix' these days, in recent years, a new (layered) authentication concept got the attention
Security Patches, Mitigations, and Software Updates
Security Incident Response Teams Getting Short End of Budget Stick(SecurityWeek) Responding to a security threat is just as important as detecting it — if not more so. Yet Computer Security Incident Response Teams are often given short shrift in security budgets — a lack of attention a new study argues may be traceable to poor communication between security teams and executives
Leaders have no real understanding of cyber attack implications(The HR Director) The results of a Ponemon Institute report entitled, "Cyber Security Incident Response: Are we as prepared as we think?" Findings show that while security threats are imminent, CEOs and other members of the management team are in the dark about potential cyber-attacks against their companies
Cloud Computing: A Powerful Tool For Cyber Attacks?(Silicon India) As cyber warfare against enterprises grows more brutal by the year, cloud computing technology is also at risk for cyber attacks such as malware and phishing, which have increased the demand for technologies to combat these threats
Most SMB employees in fear of identity theft in the workplace(Help Net Security) The smaller business workplace has transformed into a mobile-enabled, agile, and satisfying environment, but one where the workforce is acutely aware and worried about the threat to their personal online information, an independent study funded by GFI Software has revealed
Everyone Has A Secret(TrendLabs Security Intelligence Blog) People are seldom an entirely open book. It's common sense and rational to keep some stuff like financial and medical records away from prying eyes. For others, it can be something trivial and silly (say, an embarrassing taste in music) to the more serious (like a traumatic event in one's past)
2014's Hacking Pain is Cyber Security's Gain(Forbes) First it was Target that got hacked over the Christmas holiday and that has the company bracing for a fierce backlash after it disclosed that over 70 million credit cards and other customer data was "compromised." That's a pretty sour way to close out the year, particularly if you are Gregg Steinhafel the Chairman and CEO of Target, but to think Target was the only company to get hacked in 2013 would be naive. Some of the bigger hacks during 2013 include LivingSocial, Washington state Administrative Office of the Courts, Evernote, Drupal.org, and one of the internal websites of the Federal Reserve
Booz Allen, Snowden's old firm, looking to help US government with 'insider threats'(Christian Science Monitor) Are defense and intelligence contractors the best choice to manage a threat they've contributed to? Edward Snowden told a writer for The New Yorker in an "interview conducted by encrypted means" that he had no assistance from Russia, any other country, or any other person or entity when he stole (by his count) over a million secret documents from his former employer, the National Security Agency (NSA)
DB Networks Honored for Security Product Excellence(CIO Today) DB Networks, an innovator of behavioral analysis in database security, today announced that Info Security Products Guide, the industry's leading information security research and advisory guide, has named DB Networks' IDS-6300 as a finalist for the 10th Annual 2014 Global Excellence Awards in four products and services excellence categories, as well as for the Tomorrow's Technology Today Award
Harmless hackers to solve biggest cyber problems to date(Voice of Russia) Hackers, who are not from the dark side, are coming out from their hiding spots to try and solve the toughest cyber challenges for a contest. On January 28, some of the best hackers in Israel will be identified in a competition, as they try to win a trip to the US to see exactly how Symantec tackles its cyber defense issues
NIST opens third round of NSTIC pilots(FierceGovIT) The National Institute of Standards and Technology sees testing as critical to the formation of an identity ecosystem, as called for in the National Strategy for Trusted Identities in Cyberspace. On Jan. 16, NIST formally announced a federal funding opportunity for a third round of NSTIC pilots
Snapchat Makes You "Find The Ghosts" To Keep Hackers From Stealing Your Phone Number [Update: But It Fails](TechCrunch) Snapchat now verifies new users aren't robots by making them choose its ghost mascot within images. It's an attempt to keep out hackers who could steal phone numbers by exploiting a leaked database of details on 4.6 million accounts. A 16-year-old hacker proved he could do just that by finding the number of Snapchat CTO Bobby Murphy, but now he says Snapchat has patched the holes he harnessed. [Update: But the "Snap-tcha" solution doesn't seem very secure as another hacker built a workaround in under an hour
Learning from the breaches that happen to others(Internet Storm Center) Initially when major breaches or incidents are announced via the media, everyone and their pet dog has a theory about how it happened. As an Incident handler, I love a good explanation of what really happened when systems get breached, rather than the wide ranging, speculative theories. Most of us completely understand that during a breach information has to be limited to a need to know basis while the incident is being worked on and have to run their course before the investigators can even think about publicly publishing their findings. That means the armchair security experts can pontificate endlessly of what they think happened. When an official report does get published of the breach, I tend to feel big chunks are missing, with some excellent notable exceptions. When discovering a public, well written, comprehensive report, that dives in to the nitty-gritty of an attack it cries out to be shared and should be cherished, voraciously dissected, pillaged for any tactical or strategic indicators and then carved up for lessons learned whenever they surface
Learning from the breaches that happen to others Part 2(Internet Storm Center) My last Diary piece was on the analysis of multiple similar breaches with a great deal of technical details from an external team brought in to handle the incidents, but it didn't touch on the human elements that are intertwined with each and every breach
Design and Innovation
EC Creates Corporates+Universities Group And A Thinktank To Help EU Startups(TechCrunch) We've already covered the set of initiatives the European Commission plans to roll out in order to address the pressing need to support tech startups in Europe. Today in Davos, at the World Economic Forum, Vice President Neelie Kroes has announced the launch of two initiatives inspired by that work
Independent review board says NSA phone data program is illegal and should end(The Washington Post) The National Security Agency's long-running program to collect billions of Americans' phone records is illegal and should end. In a strongly worded report to be issued Thursday, the Privacy and Civil Liberties Oversight Board (PCLOB) said that the statute upon which the program was based, Section 215 of the USA Patriot Act, "does not provide an adequate basis to support this program"
Our View: Obama's limits on surveillance not strong enough(Modesto Bee) The limits on the massive surveillance of Americans that President Barack Obama announced Friday are significant and necessary. His plan, however, should be only the start to striking the right balance between national security and civil liberties
Fox News Poll: Most voters glad they know Snowden secrets(Fox News) A sizable majority of voters are glad they now know the federal government's collecting phone and email records of everyday Americans — a secret until National Security Agency leaker Edward Snowden gave classified agency documents to the media
Cybersecurity could be the next bipartisan breakthrough(The Hill) The most optimistic Congressional observers (a rare breed in Washington) have dared express the view that the recently enacted two-year budget agreement may encourage representatives and senators of both political parties to come together to tackle other important issues
Time for an International Convention on Government Access to Data(Huffington Post) Last week, President Obama spoke about the role of the National Security Agency and announced some important changes to the surveillance practices of the U.S. government. We appreciate the steps the President announced, which represent positive progress on key issues including privacy protections for non-U.S. citizens. There is more work to do to define some of the details and additional steps that are needed, so we'll continue to work with both the administration and Congress to advocate for reforms consistent with the principles our industry outlined in December
Pope says internet is a 'gift from God'(The Local (Italian edition)) Pope Francis described the internet on Thursday as "a gift from God" and called on Catholics to "boldly become citizens of the digital world"
Litigation, Investigation, and Law Enforcement
Privacy Conundrum: When protecting customer privacy makes your company liable(FierceBigData) Alan Mulally, CEO of Ford Motor Co., appears to be begging regulators to protect consumer privacy by law. Yet he countered the statements made by his own executive vice president of global marketing, Jim Farley, who said at CES: "We know everyone who breaks the law; we know when you're doing it. We have GPS in your car, so we know what you're doing," he said, according to an article in Business Insider. "By the way, we don't supply that data to anyone." Mulally said Farley has it wrong in that Ford does not track drivers and does not share data without expressed consumer consent. So, why then is he supporting legal privacy protections? Officially the reason is civic concern. But unofficially, it may be a matter of company liability
Verizon Says It Received More Than 1,000 National Security Letters In 2013(The Wall Street Journal) Verizon Communications Inc. said it received more than 1,000 requests for information about its subscribers on national security grounds last year, in the company's first report on official requests to turn over customer data. The U.S. telecom giant said it received between 1,000 and 1,999 so-called National Security Letters, which are requests for customer records that don't require approval from a judge or grand jury as long as the information is relevant to national security. Recipients of individual National Security
Judge Enforces Spy Orders Despite Ruling Them Unconstitutional(Wired) A federal judge in California who ruled last year that the government's use of National Security Letters is unconstitutional has defied her own ruling by enforcing three NSLs in the wake of that judgment, according to newly unsealed documents
U.S. Accuses Security Background Check Firm of Fraud(Wall Street Journal) The Justice Department on Wednesday accused the government's largest private security background check contractor of defrauding the country of millions of dollars by methodically filing more than 660,000 flawed background investigations—40% of the cases it sent to the government over a four-year period
Why I did it: Former hacker Mitchell Frost explains his motivation(ComputerWorld) In 2006, Mitchell Frost, then a 19-year-old college student at the University of Akron, used the school's computer network to control the botnets he had created. Authorities say between August 2006 and March 2007, Frost launched a series of denial of service (DDOS) attacks against several conservative web sites, including Billoreilly.com, Anncoulter.com and Rudy Giuliani's campaign site, Joinrudy2008.com. He is accused of taking down the O'Reilly site five times, as well as disrupting the University of Akron's network during a DDOS attack Frost allegedly launched on a gaming server hosted by the university
Shipyard worker denounces anonymous claim of spying(Honolulu Star-Advertiser) A senior Pearl Harbor shipyard manager says he was falsely accused of espionage, taken off the job in March and has not been paid since July — even though an investigation cleared him of the "foreign influence" allegations
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech — Cyber Security Conference and Exhibition(Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day(Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum(Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.
Cyber Training Forum at NGA(Springfield, Virginia, USA, February 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence...
U.S. Department of Commerce Technology Expo: Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact...
Cyber Security 2014: The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security...
Security Analyst Summit 2014(Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
FBI HQ Cloud Computing Vendor Day: As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...
RSA Conference USA(San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...
Nellis AFB Technology & Cyber Security Expo: For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...
Trustworthy Technology Conference(San Francisco, California, USA, February 27, 2014) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...
Creech AFB Technology & Cyber Security Expo: The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...