We hear much about the importance of information sharing, and two stories today illustrate the challenges that surround it. First, ICS-CERT releases more information on the recent attack on a US public utility's industrial control systems. The affected systems were apparently exposed to the Internet with inadequate firewalling. Utilities have so far enjoyed the sort of immunity vintage equipment can confer upon an operation—much of its plant dates to pre-Internet days—but immunity-through-obsolescence (questionably desirable anyway) is temporary.
Second, eBay confirms that it has suffered a data breach (and some journalists question the effectiveness of the company's disclosure of the breach to its customers). The compromised database held customers' names, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth.
Anonymous may have been involved in another happy fizzle: reports suggest the hacktivist collective tried and failed to conduct a denial-of-service attack against the .mil domain.
The Sino-American cyber espionage squabble continues to Chinese outrage as US prosecutors hang tough. Observers find it significant that the indictment is directed against specific natural persons, not a unit of the PLA—what former FBI Director Mueller calls "the warm bodies behind the keyboards." The tu quoque issue China raises, however, appears to have legs, as journalists revisit alleged US spying on Brazil's Petrobras.
In industry news, Cisco is buying ThreatGRID to complement last year's acquisition of Sourcefire.
US surveillance reforms advance through Congress to tepid industry reviews.
Weev, for some reason, thinks he deserves compensation for time in prison.
Today's issue includes events affecting Australia, Brazil, Canada, China, Nigeria, South Africa, United Kingdom, United States..
Dateline Georgetown University Cybersecurity Law Institute
Internet AccessIble Control Systems at Risk(ICS-CERT Monitor) Is your control system accessible directly from the Internet? Do you use remote access features to log into your control system network? Are you unsure of the security measures that protect your remote access services? If your answer was yes to any or all these questions, you are at increased risk of cyber attacks including scanning, probes, brute force attempts and unauthorized access to your control environment
U.S. utility's control system was hacked, says Homeland Security(Reuters via the Baltimore Sun) A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility's operations were affected, according to the Department of Homeland Security
Experts Say U.S. Industry Complacent About Cyber Risks(Claims Journal) After warning for years that the U.S. electric grid and other critical infrastructure are dangerously vulnerable to hacking, security experts fear it may take a major destructive attack to jolt CEOs out of their complacency
Target Earnings Show Pain of Data Breach Is Far From Over(Bloomberg BusinessWeek) The only winners in the ongoing Target crisis are future business school students, who will be studying it for years. And perhaps the would-be chief executive officer, who will find a lot of room for improvement
Three Steps to Data Security(CFO) Legal bills, compliance fines, fees for forensic investigators — data breaches are expensive. Here's how your company can avoid being a victim
Anonymous attempts attack on US .mil domain(SC Magazine via ITNews) Unknown hacktivists attempted to disrupt the operation of United States armed forces webservers yesterday by launching what is thought to be a denial of service attack against hosts in the .mil top-level domain
Security concerns restrain mobile banking(Financier Worldwide) Consumer fears surrounding security have dampened interest in the mobile technology services of financial institutions worldwide. These are the findings of Deloitte's new report, Mobile Financial Services: Raising the Bar on Customer Engagement, based on survey data from Andrews Research Associates
AVG expose SME internet of things fears(Microscope) SMEs are in the dark about the latest industry buzz phase the Internet of Things (IoT) and as a result are leaving themselves unsecured as more parts of their business connects to the web
Cyber criminals target "vulnerable" applications(Banking Technology) Security breaches at major institutions in financial services, healthcare and other industries are going undetected for months at a time and are often caused by basic errors of security, such as weak passwords, vulnerable applications and a lack of interest in security, according to a new report by cybercrime specialist company Trustwave
Cybercrime attack targets, victims, motivations and methods(Help Net Security) Trustwave experts gathered the data from 691 breach investigations (a 54 percent increase from 2012) across 24 countries in addition to proprietary threat intelligence gleaned from the company's five global security operations centers, telemetry from security technologies and ongoing threat research
China snubs Microsoft for ending XP security(SC Magazine) Microsoft has paid a high price for stopping security support on Windows XP - the Chinese government has decided not to buy Windows 8 for fear that product too will be left insecure
Are Cloud Providers Facing A Backlash Over Continued NSA Revelations?(CloudTweaks) Edward Snowden, the NSA, Heartbleed — it seems every technology story at the moment is in some way linked to these topics. Whether or not you believe that the NSA was directly involved in the Heartbleed security flaw, it is apparent that cloud customers around the world have been rattled by the disclosure of mass government surveillance and security leaks
Malcovery Security Selected as a 2014 Red Herring Top 100 North America Winner(IT Business Net) Malcovery Security announced today it has been selected as a 2014 Red Herring Top 100 North America winner, a prestigious list honoring the years most promising private technology ventures from North America. Red Herring annually recognizes leading private companies from the Americas, celebrating these startups innovations and technologies across their respective industries
Chinese government shuns Windows 8 - security, economy or politics?(Naked Security) China is banning the use of Windows 8 in government departments, with an announcement from the country's Central Government Procurement Center nicely timed to add to the sizzling diplomatic row between China and the US, the "mincing rascal" which has had the temerity to accuse Chinese military officers of involvement in industrial espionage
Cyber Squared Inc. Announces Launch of ThreatConnect European Community(Broadway World) Cyber Squared Inc. announced today that ThreatConnect, the leading threat intelligence platform, has launched a European Community of Interest. The private industry community will bridge together public organizations and private corporations across Europe to share threat intelligence data and collaborate within a secure environment
China and US up the ante in spy spat(FierceBigData) The U.S. has seriously engaged in ending foreign cyber-espionage. China doesn't like that change in focus and appears to be engaged in tit-for-tat product banning and indictment tactics. Here is the score in that battle
Fine Line Seen in U.S. Spying on Companies(New York Times) The National Security Agency has never said what it was seeking when it invaded the computers of Petrobras, Brazil's huge national oil company, but angry Brazilians have guesses: the company's troves of data on Brazil's offshore oil reserves, or perhaps its plans for allocating licenses for exploration to foreign companies
Facebook, Google Balk at Loophole in Bill to Rein in NSA(Bloomberg) A group of technology companies, including Facebook Inc. (FB), Google Inc. (GOOG) and Apple Inc. (AAPL), said the bill U.S. lawmakers plan to vote on today to limit National Security Agency spying doesn't go far enough
Honey, I Shrunk the NSA(Wall Street Journal) The House reforms will hurt national security, though much less than Snowden wants
A Plurality Of Americans Say Cyber Attack From China Is Act Of War(People's Pundit Daily) In the first-ever move of its kind, the U.S. indicted five Chinese military hackers Monday and charged them with stealing intellectual property rights and other trade secrets. According to a new poll, a plurality of Americans say a cyber attack on the United States by another country is an act of war, though slightly fewer American voters says so now than in the past
Rosenzweig: Crackdown on China spies overdue(Boston Herald) The Justice Department announced Monday that it had indicted five members of the Chinese People's Liberation Army on charges of cybertheft. According to the indictment, the five hackers systematically stole business secrets from American corporations — household names like Westinghouse, Alcoa, and U.S. Steel
Blackshades: The script kiddies lament(CSO) News broke this week that a massive global raid had taken place over two days which comprised of 359 coordinated searches in 16 countries and there were apparently 80+ arrests as a result. Why? Well apparently all of the aforementioned targets had a copy of the Blackshades remote access trojan or RAT
Behind Blackshades: a closer look at the latest FBI cyber crime arrests(WeLiveSecurity) The FBI made big headlines yesterday with its announcement of a high profile malware takedown related to a RAT called Blackshades (of which more in a moment). Hopefully this move, involving 97 arrests in 16 countries, will discourage the use of spyware by criminals. RAT stands for remote access tool and Blackshades is not unlike the DarkComet RAT that I wrote about in 2012
Cyber fraud: 10 arrested in SA(ioL Scitech) Sixteen people from several US states and other countries have been arrested on charges that they took part in a fraud scheme that used stolen information to get money and goods and then ship them to South Africa and Nigeria, according to documents unsealed in federal court on Tuesday
SA, US agencies crack financial fraud scam(South Africa Info) South African and United States law enforcement agents arrested 11 people in Pretoria on Tuesday on charges related to an international financial fraud scam involving cyber crime and fraudulent mass marketing schemes
AT&T hacker wants US govt to pay for the time he spent in prison(Help Net Security) In an open letter addressed to members of the New Jersey District Court, FBI, and DOJ, Andrew "weev" Auernheimer is seeking monetary restitution for the time he was confined to the jurisdiction of the New Jersey District Court and he spent in federal prison after being convicted for publishing a list of emails and AT&T authentication IDs of early iPad adopters
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CEIC 2014(Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
Mobile Network Security in Europe(London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
Positive Hack Days(, January 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute(, January 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014(, January 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity(Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge(Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo(, January 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
3 Day Startup(San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...
CANSEC(, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.
Area41(, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.
The Device Developers' Conference: Manchester(Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
NSA SIGINT Development Conference 2014(, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
The Device Developers' Conference: Scotland(Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
The 2014 Cyber Security Summit (DC Metro)(Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
MIT Technology Review Digital Summit(, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Cyber 5.0 Conference(Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
Global Summit on Computer and Information Technology(, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop(Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference(Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm(Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York(, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE(Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference(Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.