This morning's leading news is the US Justice Department's announcement that it's indicting five members of Unit 61398 (in the 3rd Department of China's People's Liberation Army) on charges of industrial cyber espionage. The indictment alleges theft of trade secrets and other proprietary information from US companies. You may recognize three of the defendants by their handles: Wang Dong (UglyGorilla), Gu Chunhui (KandyGoo) and Sun Kailiang (Jack Sun).
While it seems unlikely any of those indicted will actually stand trial in Pennsylvania, the charges are a shot across China's bow in an increasingly tense confrontation over cyberspace activities. Coincidentally or not, China recently announced its intention to tighten Internet security in the face of threats from "overseas hostile forces."
Russian cyber operations return to the news as Belgium's foreign ministry continues to untangle itself from what is widely if unofficially regarded as a Russian campaign to support its creeping engulfment of Ukraine. Some observers see the attacks as the opening moves of a campaign against NATO.
In two unrelated campaigns, cyber rioting of unclear motivation and murky ultimate provenance afflicts Turkish and Azeri government sites.
Ransomware continues its rise in popularity among cyber criminals. Sophos offers some pointers on prevention and recovery. Microsoft reports that social engineering more often lies at the root of data breaches than do software bugs.
Plans for retailers' cyber information sharing take shape. Observers wonder whether crowd sourcing will become the future of attack attribution.
The FBI is said to be visiting BlackShades RAT buyers.
Today's issue includes events affecting Argentina, Australia, Azerbaijan, Belgium, Brazil, Bulgaria, China, European Union, France, Germany, India, Italy, Japan, Lithuania, NATO, New Zealand, Qatar, Russia, Switzerland, Turkey, Ukraine, United Kingdom, United States.
Later this week the CyberWire will offer special coverage of Georgetown University's Cybersecurity Law Institute.
Cyber Attacks, Threats, and Vulnerabilities
Is Putin taking on NATO in cyberspace?(iPolitics) It shouldn't be easy to shut down a European ministry for days, depriving bureaucrats of access to e-mail and the web. Someone, however, has managed to do just that to Belgium's foreign ministry — which had to quarantine its entire computer system last Saturday and only managed to restore the work of the passport and visa processing systems on Thursday
Russian Cybersnake May Be Putin's Secret Weapon(Bloomberg View) It shouldn't be easy to shut down a European ministry for days, depriving bureaucrats of access to e-mail and the web. Someone, however, has managed to do just that to Belgium's foreign ministry, which had to quarantine its entire computer system last Saturday and only managed to restore the work of the passport and visa processing systems on Thursday. Similar attacks seem to be taking place elsewhere in Europe, as Belgian Foreign Minister Didier Reynders told the Belga news agency after meeting with a senior French diplomat that "everyone (on the European level) notes at this moment a very powerful pickup in hacking activity probably coming from the east and in any case having to do with Ukraine"
Hackers are World Cup Fans(HackSurfer) On May 12, 2014, an AnonGhost member and developer of the new AnonGhost DDoS tool, nicknamed Ali KM, created an event page on Facebook announcing a cyber-campaign against FIFA websites. #OpFIFA will take place between June 10 and 12, 2014
Ransomware: Kovter infections on the rise(CSO) Researchers at Damballa have seen the number of Kovter infections double over the last month, as criminals increasingly turn to extortion as a means of generating income
Record month for Linux Trojans(Help Net Security) If you think that you are protected from malware if you use Linux, think again, warn researchers from AV manufacturer Dr. Web, who identified and examined a record-high number of Trojans for Linux this month — and the month isn't over yet
Application delivery networks are increasingly at risk(Help Net Security) Data centers and modern application delivery networks are increasingly at risk, according to cPacket Networks. At the same time, the tools currently available do not allow the operational teams to detect imminent issues and correct them before they disrupt critical business activities
Bulletin (SB14-139) Vulnerability Summary for the Week of May 12, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Targeted Attack Trends: A Look At 2H 2013(TrendLabs Security Intelligence Blog) Targeted attacks are known to use zero-day exploits. However, old vulnerabilities are still frequently exploited. In fact, based on cases analyzed in the second half of 2013, the most exploited vulnerability in this time frame was CVE-2012-0158, a Microsoft Office vulnerability that was patched in April 2012. This shows how important applying the latest patches and security updates is in mitigating the risks posed by these threats
Six Observations on the 2014 Verizon Data Breach Investigations Report — Part 1 of 2(News Center — Verizon Enterprise Solutions) At Intel Security, we believe the Innovation Economy relies on security for organizations and individuals to innovate and execute through technology. For example, the entrepreneur in his garage can't bring new disruptive ideas to life without the ability to securely develop and protect his intellectual property. The bio tech researcher can't bring her innovative new wonder drug to market if her organization can't protect trade secrets and data processes necessary for business execution
Why you are not spending enough on security(FierceCIO: TechWatch) Journalist Glenn Greenwald early this week wrote in The Guardian about an interdiction program in which networking equipment being shipped overseas was intercepted and planted with malware equipped with phone-home surveillance capabilities
'East Asia'-sponsored cyber-spying posing serious threat to India: Report(Times of India) Cyber-espionage cases have seen over three-fold increase last year as various state-sponsored and criminal groups are working with highly sophisticated and complex tools to undermine data security, with regions like "east Asia" being the epicenter of such attacks. A report released by telecom major Verizon said that the implications of this on India could be huge as it braces itself for cyber attacks from its immediate neighbours
Want 'perfect' security? Then threat data must be shared(ComputerWorld) Here's a surprise for you: We actually have a fairly good understanding of who is attacking us on the Internet and why. Various entities know not only which groups are doing the attacking, but also the names of the people in those groups. They know where they live, who their family members are, where they went to school, and when they go on vacation
Tech companies and privacy practices: Who has your back?(Help Net Security) The Electronic Frontier Foundation (EFF) has published its fourth annual "Who Has Your Back" report that aims to show which major technology companies are good at protecting your data from government requests
Airbus Looks To Overseas, Cyber To Grow Business(Defense News) The free-spending days of the mid-2000s are all but over for the defense industry. And with few new start programs coming from the Pentagon in favor of more cautious — and less expensive — modernization initiatives, defense executives have become more selective in how they plan to grow their business
TCS Helps Launch Cyber Training Courses(ExecutiveBiz) TeleCommunication Systems has partnered with the International Council of Electronic Commerce Consultants to introduce its cyber training courses to help meet the demand for cybersecurity training services
National Security Agency row sparks rush for encrypted email(Economic Times) A new push to encrypt email, keeping messages free from government snooping, is gaining momentum. One new email service promising "end-to-end" encryption launched on Friday, and others are being developed while major services such as Google Gmail and Yahoo Mail have stepped up security measures
Experts to Assess NIST Cryptography Program(BankInfoSecurity) A group of noted cryptographers, academics and business leaders will provide an independent assessment of the way the National Institute of Standards and Technology develops cryptographic standards and guidelines
Android "police warning" ransomware — how to avoid it, and what to do if you get caught(Naked Security) Ransomware has become a hot topic in recent years. One sort, such as the Reveton family, leaves your data intact but locks you out of your computer, and demands a fee to let you back in. The other main sort of ransomware, such as CryptoLocker, leaves your computer running fine but scrambles your data and demands a fee for the decryption key to get it back
Cyberwarfare: Protecting 'soft underbelly' of USA(CNBC) A small-scale city in New Jersey has suffered from repeated electrical grid failures, train derailments, and water purification problems. However, the problems aren't keeping visitors away. In fact, they're the reason the micro-city exists in the first place
New algorithm shakes up cryptography(Phys.org) Researchers at the Laboratoire Lorrain de Recherches en Informatique et ses Applications (CNRS/Université de Lorraine/Inria) and the Laboratoire d'Informatique de Paris 6 (CNRS/UPMC) have solved one aspect of the discrete logarithm problem. This is considered to be one of the 'holy grails' of algorithmic number theory, on which the security of many cryptographic systems used today is based. They have devised a new algorithm that calls into question the security of one variant of this problem, which has been closely studied since 1976
China says Internet security necessary to counter 'hostile forces'(Reuters via the Chicago Tribune) A Chinese official in charge of regulating the Internet has said Beijing must strengthen Internet security because "overseas hostile forces" are using the Internet to "attack, slander and spread rumors", state media said on Sunday
Obama's NSA spying reforms fail to satisfy cyber experts(Reuters) Obama administration actions to change some of the National Security Agency's surveillance practices after the leaks of classified documents by contractor Edward Snowden are falling short of what many private cyber experts want
Post-Snowden, the NSA's future rests on Admiral Rogers' shoulders(Reuters via the Chicago Tribune) As U.S. National Security Agency Director Mike Rogers seeks to repair the damage to the agency caused by leaks about its electronic spying programs, the abuses of government revealed in the wake of the Watergate scandal are very much on his mind
Cisco boss calls on Obama to rein in surveillance(Financial Times) Cisco's chief executive has written to President Barack Obama warning of a collapse of trust in US technology after evidence emerged showing the National Security Agency breaking into his company's equipment
The NSA, Cisco, And The Issue Of Interdiction(TechCrunch) It's been a hectic week of NSA news in light of Glenn Greenwald's recently published book, which furthered the revelation that the NSA intercepts (interdicts) hardware from US companies. The agency then reportedly compromises the equipment before it is delivered to overseas customers
Feinstein blasts critics of NSA phone program(The Hill) Senate Intelligence Chairwoman Dianne Feinstein (D-Calif.) on Sunday defended a National Security Agency (NSA) program that collects data about Americans' phone calls, saying it is not a surveillance program
"We're at greater risk": Q. & A. with General Keith Alexander(The New Yorker) Since Edward Snowden's revelations about government surveillance, we know more about how the National Security Agency has been interpreting Section 215 of the Patriot Act and Section 702 of the Foreign Intelligence Surveillance Act. We've learned some new words—"bulk metadata," "selector," "reasonable articulable suspicion," "emphatic-access restriction"—but we don't really know how much of this works in practice
The NSA can 'collect-it-all,' but what will it do with our data next?(Daily Beast via WOAI) In the summer of 2008, Gen. Keith Alexander, the recently resigned director of the National Security Agency, posed an audacious question to intelligence analysts at the Menwith Hill eavesdropping station in North Yorkshire, in the United Kingdom: "Why can't we collect all the signals all the time?"
States, pols in race for cyber jobs(Politico) For one of the state's biggest cybersecurity battles, Maryland officials last May drove 35 minutes past the home of the Pentagon's cyber army, beyond a corridor of tech giants that specialize in combating hackers and spies — and right to the host site of a horse race
Governor McAuliffe Names Members of Virginia Cyber Security Commission(Insurancenewsnet) Today, Governor McAuliffe announced the members of the Virginia Cyber Security Commission, a group established by executive order which will bring public and private sector experts together to make recommendations on how to make Virginia a leader in cyber security. The Commission will be co-chaired by Secretary of Technology Karen Jackson and Richard Clarke, Chairman and CEO of Good Harbor Security Risk Management
How FBI brought down cyber-underworld site Silk Road(Marshfield News Herald) Criminals who prowl the cyber-underworld's "darknet" thought law enforcement couldn't crack their anonymous trade in illegal drugs, guns and porn. But a series of arrests this month, including the bust of the black market site Silk Road, shows the G-men have infiltrated the Internet's back alley
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security Start-up Speed Lunch NYC(New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014(Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol(Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Mobile Network Security in Europe(London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
CyberMontgomery(Rockville, Maryland, USA, May 22, 2014) Montgomery County, MD is home to over 18 federal agencies including NIST, FDA, NOAA, and the National Cybersecurity Center of Excellence (NCCoE). NCCoE is an exciting addition to Montgomery County's growing...
The Device Developers' Conference: Cambridge(Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
CyberMontgomery Forum: Center of Gravity(Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
3 Day Startup(San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...
How the SBIR/STTR Program Can Help Grow Your Business(Halethorpe, Maryland, USA, May 27, 2014) The SBIR/STTR programs promote small business innovation and profitability while simultaneously meeting the government's research and development needs. Every year, small businesses receive millions of...
AFCEA DC Chapter 5th Annual Cybersecurity Symposium(Washington, DC, USA, May 28, 2014) 5th Annual Cybersecurity Symposium featuring Government Keynotes and "Latest and Greatest" Information on Cyber Trends, Initiatives, Threats & more. This event attracts upwards of 800 folks annually. Break-out...
Maryland Cybersecurity Roundtable(Hanover, Maryland, USA, May 29, 2014) U.S. Senator Barbara A. Mikulski and Governor Martin O'Malley will launch the Maryland Cybersecurity Roundtable on Thursday, May 29, at 1:30 p.m., at The Hotel at Arundel Preserve, Hanover, Md. They'll...
The Device Developers' Conference: Manchester(Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Cyber Security Summit(Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.