skip navigation

More signal. Less noise.

Daily briefing.

More details concerning the US indictment of Chinese military personnel on charges of industrial cyber espionage emerge. The enterprises targeted (for the most part big ones) proved surprisingly vulnerable to social engineering: the principal route into their systems was phishing. The PLA hackers were also allegedly hired and tasked by Chinese government-owned companies, who thereby contracted out their own industrial espionage.

The Chinese government continues to express outrage, both in public denials of espionage and (paradoxically) tu quoque attacks on American policy: "you're hypocrites; you do it too."

The (very unequal) Russo-Ukrainian conflict gives rise to an interesting if implausible information operations campaign. Russia publishes stories (supported by photos) of US "mercenaries" conducting anti-Russian operations inside Ukraine. The US denies any such involvement, pointing out that the photos appear to be of police and National Guard working during Hurricane Katrina.

A warning has appeared in eBay sites advising users to change their passwords. It's still unclear, however, what to make of this, and how serious any breach might be (if there's actually been a breach at all).

The US Department of Homeland Security announces that an unnamed American public utility's control network has been hacked, but without disruption to its operations.

In industry news, Proofpoint buys automated incident response provider NetCitadel. Congratulations to Lunarline, Tenable, and Duo Security, all of whom receive awards.

The US Congress advances surveillance reform legislation, but privacy advocates remain dissatisfied. Congress also considers legislation designed to help the Department of Homeland Security hire cyber talent.

Notes.

Today's issue includes events affecting Bahrain, Belgium, China, France, Iran, Kuwait, Oman, Qatar, Russia, Saudi Arabia, Ukraine, United Arab Emirates, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Chinese Hackers Show Humans Are Weakest Security Link (Bloomberg View) Some of the biggest companies in the U.S. remain vulnerable to one of the oldest hacking tricks in the book, according to yesterday's indictment of five Chinese military officials accused of stealing trade secrets

Chinese state-owned enterprises 'hired' military hacking unit (PCWorld) A U.S. criminal indictment against Chinese Army personnel over alleged hacking describes how stolen intellectual property was funneled to Chinese companies, an unresolved question for analysts

A Peek at the Chinese Army Unit Accused of Hacking U.S. Companies (Wall Street Journal) The People's Liberation Army hackers at the center of U.S. allegations of government-led Chinese cyber-theft work in a cluster of buildings that are easy to ignore among Shanghai's skyscrapers

White House accuses Russia of anti-U.S. propaganda war in Ukraine (Los Angeles Times) The Obama administration's dispute with the Kremlin over the unrest in Ukraine has turned to a new controversy: whether heavily armed men in a grainy image are trigger-happy American mercenaries in Ukraine or a police SWAT team in New Orleans after Hurricane Katrina

American Public Utility Hacked, Dept. of Homeland Security Says (Reuters via Newsweek) A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility's operations were affected, according to the Department of Homeland Security

Should you change your eBay password? (Graham Cluley) It's all very curious. A post has appeared on PayPal's community site and press website claiming that eBay is going to ask all eBay users to change their passwords

Fascinating MiniDuke backdoor hits again (Help Net Security) MiniDuke — the extremely small and highly customized Asembler-based backdoor used in the past to target mostly government entities and institutions around the world — has been spotted again, this time by ESET researchers

Pat Pilcher: Are Windows XP security threats overhyped? (New Zealand Herald) With Windows XP support now at an end, debate is raging about what this means for home and business users once XP vulnerabilities start being exploited. Curious to get an experts view, I caught up with Alastair MacGibbon

Stalking-as-a-service: Creepy Facebook urges users to pester friends about their SEX LIVES (The Register) What the Zuck? Facebook users are now encouraged to ask fellow Facebookers to reveal details about their relationships if they haven't already dished the dirt on their love lives

is.gd goes down, takes a billion shortened URLs with it (Netcraft) The popular is.gd URL shortening service has been offline for more than two days, taking with it more than a billion shortened URLs. Shortly before the site disappeared on Sunday, the homepage reported that its links have been accessed nearly 50 billion times

Facebook rape joke posted by 'hackers', Hooters insists (Naked Security) "We were hacked!" said Hooters, the emporium of beer, buxom babes and unlimited $10.99 chicken, after somebody posted a rape joke onto its Facebook page on Saturday

Cyber Trends

Privacy advocates warn of 'nightmare' scenario as tech giants consider fitness tracking (Washington Post) Fitness tracking apps and devices have gone from an early adopter novelty to a staple of many users' exercise routines during the past few years — helping users set goals and measure progress over time. Some employers even offer incentives, including insurance discounts, when workers sign up

Insider Threat survey reveals increased awareness but little action (Wall Street Journal) Despite heightened awareness of insider threats, most organizations continue to grapple with how to mitigate risks to their networks and sensitive information. According to a new report issued today by Raytheon Company (NYSE: RTN), people with access to privileged data — such as health care records, sensitive company information, intellectual property or personal records — frequently put their organization's sensitive information at risk

Half of security pros fail to secure data (Help Net Security) Research conducted at Infosecurity Europe 2014 has revealed that 50% of security professionals do not secure data on portable storage devices such as USBs and external hard drives

TECHNOLOGY: Luck not enough to avoid cyber security catastrophe (BusinessDayLive) It is March 2014 and London is under attack. The financial sector is suffering catastrophic computer failures. ATMs have stopped working. The stock exchange has put initial public offerings on hold because its computer systems are malfunctioning

The Most Important Points Missing From the Conversation About Cyberwar (Slate) Take that, Chinese hackers. This week, the Department of Justice announced the first-ever criminal charges against a foreign government for economic cyber-espionage. But the announcement speaks to a much thornier issue—one that may require a wholesale rethink of our legal framework for conflicts: Does an economic cyberattack constitute an act of aggression? Are we at the beginning of a cyber cold war?

Africa: Algeria Leads in Local, Web Threats in Africa — Kaspersky (allAfrica) Data from Kaspersky Security Network report on global IT threats, which include statistics for Africa in the first quarter of 2014, shows that Algeria was ahead in local and web threats, well ahead of Egypt and other African countries

Cyber attack costs the Gulf Arab countries $1b per year (Gulf Today) A new world war where faceless enemies are out to destroy using the internet and social media is gaining momentum. More than 18 cyber attacks take place per second globally and are costing the United States a whopping $250 billion (Dhs991 billion) a year alone

Marketplace

Government Hiring Practices Hamper Cybersecurity Efforts (InformationWeek) Federal agencies find it difficult to hire unconventional but well-qualified talent to battle cyberattacks, experts say

4 IT Security Stories to Watch: Microsoft, SAP, Alert Logic on Azure (MSPMentor) Microsoft (MSFT) and SAP (ADR) have expanded their global partnership and will create solutions designed to improve cloud and data interoperability. Alert Logic and Trend Micro (TYO) could be IT security companies to watch this week as well

Proofpoint Acquires Security Pioneer NetCitadel (TopTechNews) Proofpoint, Inc., a leading security-as-a-service provider, today announced that it has acquired Silicon Valley-based NetCitadel, a pioneer in the field of automated security incident response, for approximately $24.0 million in cash

Israel makes headway in cyber security (Financial Times) In a quiet corner of an Israeli farming village, Tanya sits at her computer and chats online with some of the most skilled hackers in cyber space. Some are just having fun; others are planning heists of credit card details or denial-of-service attacks that would cripple targeted websites

Veterans and the cybersecurity gap (FCW) An increasing number of training programs are betting on the common thread of situational awareness to link combat veterans with a wide range of cybersecurity careers

Lunarline Inc. Named One of Virginia's Fastest-Growing Businesses (MarketWatch) Lunarline Inc., a Service Disabled Veteran Owned Small Business and one of the nation's leading cyber security companies, was recently recognized as Virginia's 27th fastest-growing business during the 19th Annual Fantastic 50 Awards

Tenable Network Security Selected as a Red Herring Top 100 North America Winner (MarketWatch) Tenable Network Security®, Inc. the leader in real-time vulnerability, threat and compliance management, announced today it has been selected as a winner of Red Herring's Top 100 North America award, a prestigious list honoring the year's most promising private technology ventures from the North American business region

Duo Security's CEO Dug Song Named Innovator of the Year by Lawrence Tech & WWJ Newsradio (Broadway World) Last week, Lawrence Technological University awarded Duo Security CEO and co-founder Dug Song with the title of Innovator of the Year. Announced at a reception on May 15, Song was chosen from nearly 50 nominees for his numerous significant contributions to the information security industry

Catbird Names Holland Barry as Vice President of Technology (Digital Journal) Catbird, the leader in security policy automation and enforcement for private clouds, today announced Holland Barry as Vice President of Technology, promoting him from within the organization where he served as Solution Architect Director rather than filling the position externally

Former Microsoft, Geomagic execs join GlobalSign (Boston Business Journal) Web software security firm GlobalSign, which has its North American headquarters in Boston, said it has expanded its management team

Products, Services, and Solutions

SafeNet enhances access security to Microsoft cloud applications and services (Telecompaper) Cloud-based authentication solution easily integrates with Microsoft AD FS for uniform oversight of multi-factor authentication to all applications

Bitdefender Enhances Privacy, Security with App Lock for Android (MarketWatch) New Bitdefender Mobile Security & Antivirus adds a deeper layer of Android protection

AlgoSec Enables Security Zoning Policy Enforcement in Data Centers and Networks (MarketWatch) Latest release of the AlgoSec Suite raises the bar for automating security change implementation, provisioning 400 firewall rules in less than 10 minutes at a Fortune 50 customer environment

MobilityShield Offers Secure Reverse Proxy Alternative for Microsoft TMG to Publish Lync and SharePoint (IT Business Net) MobilityShield's Bastion reverse proxy solution enables organizations to safely publish SharePoint and Lync from mobile devices and protects against Active Directory credentials theft

Symantec tailors sharper small business security suite (IT World) Norton Small Business works on Windows, OS X and Android with limited features for iOS

Bromium and LogRhythm Team Up to Deliver Industry-Leading Security Intelligence (Bobs Guide) Integrated approach delivers in-depth security intelligence to defeat and analyze threats in real-time

Trend Micro Helps Facebook Users Fight Cyber Threats with 'HouseCall' (MarketWatch) Social media giant integrates threat defense technology to combat malicious activities while maintaining user privacy

SC Magazine Rates NIKSUN Alpine as Top Pick and Lab Approved (Broadway World) NIKSUN Inc., the world leader in real time and forensics-based cybersecurity and network monitoring solutions, is pleased to announce that NIKSUN's latest NetDetector/NetVCR Alpine has been awarded 5-stars by SC Magazine's Forensics Product Review, calling the Alpine offering "an analyst's dream" because of its intelligent ability to monitor traffic while also identifying anomalous traffic

Anonymous Search Engine DuckDuckGo Adds Images, Recipes, Places (NBC News) DuckDuckGo, the best anonymous alternative to the likes of Google and Bing, has just taken the wraps off some serious improvements. The search engine now matches your query to images, places, recipes and lots more

Technologies, Techniques, and Standards

Cyber Solutions Handbook: Making Sense of Standards and Frameworks (Booz Allen Hamilton) The strength of an organization's cybersecurity program is now a market differentiator, and cybersecurity is a key business enabler. Today, chief information security officers (CISO) and their equivalents are facing increased responsibility amid a series of quickly evolving

Cybersecurity's Maginot Line: A Real-world Assessment of the Defense-in-Depth Model (FireEye) This first-of-its-kind study examines data from more than 1,600 FireEye network and email appliances in real-world settings. The FireEye devices were part of more than 1,200 "proof-of-value" trials in actual deployments, where they sat behind other defensive layers but were not set to block malicious activity. That unique vantage point revealed a deeply flawed defense-in-depth model

How to use the Metasploit Framework to test for new vulnerabilities (TechTarget) Shortly following the confirmation of a new exploit, I often see that it is quickly added to the Metasploit Framework. What does that mean? Is it a sign that an exploit is particularly dangerous or just very common?

Design and Innovation

Bell Labs offers $100,000 prize for game-changing information technology (NetworkWorld) Bell is looking for innovative web applications, cloud services, cryptography, network mathematics, security to software-defined networks, wireless systems and coding theory

Research and Development

Researchers Crack Impregnable Encryption Algorithm in Two Hours (Laboratory Equipment) A protocol based on "discrete logarithms," deemed as one of the candidates for the Internet's future security systems, was decrypted by EPFL researchers. Allegedly tamper-proof, it could only stand up to the school machines' decryption attempts for two hours

UK and Israel join together for cyber security research (CSO) £1.2 million off joint funding for cyber research made available

Academia

Schools adding computer coding to curriculum (Boston Herald) Students as young as kindergartners are learning computer programming as Massachusetts schools join a growing national movement to prepare students for 21st-century jobs

Legislation, Policy, and Regulation

China vents outrage over U.S. cyberspying indictment (Washington Post) Outraged by U.S. cyberspying charges against members of a secretive Chinese military unit, China summoned the U.S. ambassador in Beijing for a dressing down, state media said Tuesday, and the Defense Ministry blasted the U.S. accusations as hypocritical

Michael Chertoff: China's Strategic Campaign To Steal Western Commercial Secrets (TIME) The indictment lays down an important marker that strategic intellectual property theft will be treated as a serious breach

Bill would give DHS special hiring authority for cyber professionals (Federal Times) The Department of Homeland Security would be given authority to pay cybersecurity professionals more and to hire them faster under legislation introduced May 20 by Sen. Tom Carper, D-Del

OVERNIGHT TECH: Lawmakers: Revised NSA bill best 'we're going to get' (The Hill) THE LEDE: Lawmakers on both sides of the surveillance debate say that privacy advocates' exodus from a key bill to rein in the country's intelligence agencies is not likely to halt momentum for the legislation

NSA spying: Rep. Justin Amash renews effort to gut controversial surveillance tactics (mlive) U.S. Rep. Justin Amash's latest bid to undermine the government's domestic spying programs became apparent this week after warning to amend the annual defense authorization bill

FBI mulls making marijuana users into crack computer security squad (Naked Security) Job satisfaction, according to some, is the key to a successful career. And what could be more satisfying than smoking pot in the toilets at FBI headquarters?

Op-Ed: In (and out) of the wilderness of secrets (Ottawa Citizen) The slow drip of revelations from former National Security Agency contractor Edward Snowden continues. Most of these revelations, of course, concern U.S. spy operations. They have already forced a fundamental rethinking of the legitimacy, lawfulness and purpose of the U.S.'s enormous capacity to conduct global surveillance

Litigation, Investigation, and Law Enforcement

Colombia's Santos blasts election rival for "criminal campaign" (Fox News Latino) Colombian President Juan Manuel Santos on Monday denounced his main challenger in the May 25 election for running a "criminal campaign," as evidenced by a video showing candidate Oscar Ivan Zuluaga meeting with a man recently arrested for cyber-espionage targeting the government

Sailor Who Led Hacker Ring From Aircraft Carrier Pleads Guilty (ABC News) A former Navy sailor pleaded guilty today to charges related to leading a hacking ring while serving aboard an American aircraft carrier

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...

Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...

Positive Hack Days (, January 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...

Georgetown Law: Cybersecurity Law Institute (, January 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...

NSA Mobile Technology Forum (MTF) 2014 (, January 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Fort Meade Technology Expo (, January 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

3 Day Startup (San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...

CANSEC (, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.

Hack in The Box Security Conference (HITBSecConf) Amsterdam (, January 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not...

Area41 (, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

NSA SIGINT Development Conference 2014 (, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...

MIT Technology Review Digital Summit (, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...

Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

Global Summit on Computer and Information Technology (, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education (, January 1, 1970) The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York (, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.