Daily briefing.

We hear much about the importance of information sharing, and two stories today illustrate the challenges that surround it. First, ICS-CERT releases more information on the recent attack on a US public utility's industrial control systems. The affected systems were apparently exposed to the Internet with inadequate firewalling. Utilities have so far enjoyed the sort of immunity vintage equipment can confer upon an operation—much of its plant dates to pre-Internet days—but immunity-through-obsolescence (questionably desirable anyway) is temporary.

Second, eBay confirms that it has suffered a data breach (and some journalists question the effectiveness of the company's disclosure of the breach to its customers). The compromised database held customers' names, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth.

Anonymous may have been involved in another happy fizzle: reports suggest the hacktivist collective tried and failed to conduct a denial-of-service attack against the .mil domain.

The Sino-American cyber espionage squabble continues to Chinese outrage as US prosecutors hang tough. Observers find it significant that the indictment is directed against specific natural persons, not a unit of the PLA—what former FBI Director Mueller calls "the warm bodies behind the keyboards." The tu quoque issue China raises, however, appears to have legs, as journalists revisit alleged US spying on Brazil's Petrobras.

In industry news, Cisco is buying ThreatGRID to complement last year's acquisition of Sourcefire.

US surveillance reforms advance through Congress to tepid industry reviews.

Weev, for some reason, thinks he deserves compensation for time in prison.

Notes.

Today's issue includes events affecting Australia, Brazil, Canada, China, Nigeria, South Africa, United Kingdom, United States.

Dateline Georgetown University Cybersecurity Law Institute

Georgetown Cybersecurity Law Institute Course Materials (Georgetown University Law Center) Some sessions from this program will be available via live webcast

Compliance teams focus on third-party relationships (FierceCFO) Almost half of compliance executives say they're boosting oversight of third parties

Internet Accessible Control Systems at Risk (ICS-CERT Monitor) Is your control system accessible directly from the Internet? Do you use remote access features to log into your control system network? Are you unsure of the security measures that protect your remote access services? If your answer was yes to any or all these questions, you are at increased risk of cyber attacks including scanning, probes, brute force attempts and unauthorized access to your control environment

Yikes, ICS-CERT reminds public utilities about dangers of remote access without firewall (NetworkWorld) Yikes! ICS-CERT is still reminding public utilities and other industrial control and critical infrastructure system operators about the dangers of having no firewall and allowing remote access for Internet-facing devices

U.S. utility's control system was hacked, says Homeland Security (Reuters via the Baltimore Sun) A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility's operations were affected, according to the Department of Homeland Security

The electric industry still doesn't understand what sophisticated attackers are after (Control) Stuxnet and Aurora utilized design features of the system or controllers to attack physical systems. Stuxnet and Aurora are not traditional network vulnerabilities and cannot be found or mitigated by using traditional IT security techniques

Experts Say U.S. Industry Complacent About Cyber Risks (Claims Journal) After warning for years that the U.S. electric grid and other critical infrastructure are dangerously vulnerable to hacking, security experts fear it may take a major destructive attack to jolt CEOs out of their complacency

Most compliance officers play little role in cyber security (Help Net Security) Seventy-five percent of compliance officers are not involved in managing cyber security risk according to a report from Kroll and Compliance Week

Raytheon's Mike Crouse: All Org Stakeholders Have Role to Play in Data Protection (Executive Biz) All components of an organization have a role to play in helping prevent security breaches by employees whether by accident or with intent, according to Mike Crouse, director of insider threat strategies at Raytheon

Target Earnings Show Pain of Data Breach Is Far From Over (Bloomberg BusinessWeek) The only winners in the ongoing Target crisis are future business school students, who will be studying it for years. And perhaps the would-be chief executive officer, who will find a lot of room for improvement

Three Steps to Data Security (CFO) Legal bills, compliance fines, fees for forensic investigators — data breaches are expensive. Here's how your company can avoid being a victim

Cyber Attacks, Threats, and Vulnerabilities

How much damage has Chinese hacking done to the US government? (Federal News Radio) A government report indicates more than 40 Pentagon weapons programs and nearly 30 other defense technologies have been compromised by cyber intrusions from China

Anonymous attempts attack on US .mil domain (SC Magazine via ITNews) Unknown hacktivists attempted to disrupt the operation of United States armed forces webservers yesterday by launching what is thought to be a denial of service attack against hosts in the .mil top-level domain

eBay password database hacked, users asked to change passwords (Ars Technica) "Encrypted passwords and non-financial data" stolen by cyberattackers

eBay Password Hack Proves the Danger of the Human Factor (Graham Cluley) You can't fail to have missed the news today that eBay has suffered a serious security breach, meaning that personal information about users has fallen into the hands of hackers

AVG on Heartbleed: It's dangerous to go alone. Take this (an AVG tool) (The Register) Thousands of websites still spilling their crypto blood on carpets everywhere

Some industrial systems still vulnerable to Heartbleed (Help Net Security) The danger from Heartbleed has passed for most Internet users, but operators of Industrial Control Systems (ICS) are not that lucky

Vupen Discloses Details of Patched Firefox Pwn2own Zero-Day (Threatpost) Contestants at this year's Pwn2Own contest made no bones about it: they were going after browsers and as it turned out, Firefox had the biggest target on its back

eBay becomes the latest online giant to own up to a password breach (Naked Security) Do you buy and sell stuff online?

Cyber Trends

Smart or stupid: will our cities of the future be easier to hack? (Guardian) As more and more machines are entrusted with managing city infrastructure systems, the prospect of disruption — and worse — through cyber terrorism appears ever more real

Security concerns restrain mobile banking (Financier Worldwide) Consumer fears surrounding security have dampened interest in the mobile technology services of financial institutions worldwide. These are the findings of Deloitte's new report, Mobile Financial Services: Raising the Bar on Customer Engagement, based on survey data from Andrews Research Associates

When it comes to banking cyber crime, size sometimes matters (Albany Business Review) When it comes to cyber crime the size of the financial institution doesn't matter to attackers

Security's future belongs to open source (ZDNet) It's really not a debate question, it's just the way it is. The world runs on Linux and open-source software

The Cyber Marine and Information Assurance (American News Report) The term "cyber security" has become part of our lexicon

AVG expose SME internet of things fears (Microscope) SMEs are in the dark about the latest industry buzz phrase, the Internet of Things (IoT), and as a result are leaving themselves unsecured as more parts of their business connect to the web

Company and employee disconnect on BYOD security policies (Help Net Security) Many employees do not take adequate steps to protect company information, a weakness that could result in critical security breakdowns, according to Webroot

Cyber criminals target "vulnerable" applications (Banking Technology) Security breaches at major institutions in financial services, healthcare and other industries are going undetected for months at a time and are often caused by basic errors of security, such as weak passwords, vulnerable applications and a lack of interest in security, according to a new report by cybercrime specialist company Trustwave

Cybercrime attack targets, victims, motivations and methods (Help Net Security) Trustwave experts gathered the data from 691 breach investigations (a 54 percent increase from 2012) across 24 countries in addition to proprietary threat intelligence gleaned from the company's five global security operations centers, telemetry from security technologies and ongoing threat research

Marketplace

China snubs Microsoft for ending XP security (SC Magazine) Microsoft has paid a high price for stopping security support on Windows XP - the Chinese government has decided not to buy Windows 8 for fear that product too will be left insecure

Are Cloud Providers Facing A Backlash Over Continued NSA Revelations? (CloudTweaks) Edward Snowden, the NSA, Heartbleed — it seems every technology story at the moment is in some way linked to these topics. Whether or not you believe that the NSA was directly involved in the Heartbleed security flaw, it is apparent that cloud customers around the world have been rattled by the disclosure of mass government surveillance and security leaks

Cisco to acquire malware prevention company (NetworkWorld) ThreatGRID will enhance products obtained from last year's Sourcefire acquisition

Blue Coat, KITRI Collaborate To Boost Internet Security in Korea (Business Korea) Blue Coat Korea and the Korea Information Technology Research Institute (KITRI) announced that they are going to work together on security research on May 20

DigiCert Selected as a Red Herring Top 100 North America Winner (MarketWatch) Annual list honors North America's fast-growing, successful private technology companies

Malcovery Security Selected as a 2014 Red Herring Top 100 North America Winner (IT Business Net) Malcovery Security announced today it has been selected as a 2014 Red Herring Top 100 North America winner, a prestigious list honoring the year's most promising private technology ventures from North America. Red Herring annually recognizes leading private companies from the Americas, celebrating these startups' innovations and technologies across their respective industries

Judd joins LastLine as he calls time on distie venture (CRN) Heatherside to be dissolved as Paul Judd accepts role at one of its former vendor partners

Chinese government shuns Windows 8 - security, economy or politics? (Naked Security) China is banning the use of Windows 8 in government departments, with an announcement from the country's Central Government Procurement Center nicely timed to add to the sizzling diplomatic row between China and the US, the "mincing rascal" which has had the temerity to accuse Chinese military officers of involvement in industrial espionage

Products, Services, and Solutions

Watchful Software Releases Rightswatch for Individuals Bringing Enterprise-Class Information Protection to the Mass Market (Ticker Report) Watchful Software, a leading provider of data-centric information security solutions, announced today it has released RightsWATCH for Individuals, an entry version of its award winning data-centric information security solution. RightsWATCH for Individuals requires no server-side installation or management, and allows anyone to have sensitive information classified, marked, and even protected with access control rights immediately upon download and installation

Cyber Squared Inc. Announces Launch of ThreatConnect European Community (Broadway World) Cyber Squared Inc. announced today that ThreatConnect, the leading threat intelligence platform, has launched a European Community of Interest. The private industry community will bridge together public organizations and private corporations across Europe to share threat intelligence data and collaborate within a secure environment

IBM adds Java lockdown to Trusteer Apex (ZDNet) IBM said the feature is unique to Trusteer, its endpoint protection software that guards against advanced malware attacks

Cloud Front Group and Hexis Cyber Solutions Announce a Strategic Partnership to Bring Active Defense to Cyber Solutions (Digital Journal) The Cloud Front Group today announced a strategic partnership with KEYW Holding Corporation and its subsidiary Hexis Cyber Solutions, Inc. (Hexis) to bring the next-generation threat investigation and removal solution, the HawkEye G, to Cloud Front Group's portfolio of emerging technologies to aid the federal government community

Facebook introduces Bullying Prevention Centre for UK, Europe (Naked Security) "Report" is a word that kids just don't like

Technologies, Techniques, and Standards

How to protect your company from an eBay-like breach (CSO) Experts recommend a number of defensive tactics ranging from employee education to monitoring of credential use on the network

Why companies should seek help in malware detection (CSO) Companies have shortened the amount of time between malware infection and discovery, but too few organizations detect the breach on their own, a security report found

Academia

Code-writing clicks as kids get creative (Seattle Times) Beginner-friendly computer programming languages are making it easier for children and teens who are eager to try coding

Legislation, Policy, and Regulation

China and US up the ante in spy spat (FierceBigData) The U.S. has seriously engaged in ending foreign cyber-espionage. China doesn't like that change in focus and appears to be engaged in tit-for-tat product banning and indictment tactics. Here is the score in that battle

Chinese Newspaper Calls U.S. 'Mincing Rascal' for Hacker Claim (Bloomberg) U.S. allegations of hacking by Chinese military officers are "ridiculous," and victims of U.S. computer attacks should sue Washington, the state-run Global Times newspaper said in an editorial today

Fine Line Seen in U.S. Spying on Companies (New York Times) The National Security Agency has never said what it was seeking when it invaded the computers of Petrobras, Brazil's huge national oil company, but angry Brazilians have guesses: the company's troves of data on Brazil's offshore oil reserves, or perhaps its plans for allocating licenses for exploration to foreign companies

Obama backs new surveillance legislation, but tech companies reject (PCWorld) A tech industry group that has Facebook and Google as participants has rejected the latest draft of a U.S. legislation that aims to put curbs on surveillance by the National Security Agency

Facebook, Google Balk at Loophole in Bill to Rein in NSA (Bloomberg) A group of technology companies, including Facebook Inc. (FB), Google Inc. (GOOG) and Apple Inc. (AAPL), said the bill U.S. lawmakers plan to vote on today to limit National Security Agency spying doesn't go far enough

Honey, I Shrunk the NSA (Wall Street Journal) The House reforms will hurt national security, though much less than Snowden wants

National security journalists say it's only getting harder to report on intelligence agencies (Columbia Journalism Review) Anti-Leaks directives formalize post-Snowden secrecy

A Plurality Of Americans Say Cyber Attack From China Is Act Of War (People's Pundit Daily) In the first-ever move of its kind, the U.S. indicted five Chinese military hackers Monday and charged them with stealing intellectual property rights and other trade secrets. According to a new poll, a plurality of Americans say a cyber attack on the United States by another country is an act of war, though slightly fewer American voters say so now than in the past

Litigation, Investigation, and Law Enforcement

Q&A: China cyber espionage charges provide 'missing part of the puzzle,' says former DOJ litigator (FierceGovernmentIT) The Justice Department for the first time has charged employees of a foreign government with economic espionage. It brought charges May 19 against several individuals in China's People's Liberation Army for stealing trade secrets from American companies

Corporations hacked by Chinese didn't tell investors about data theft (Pittsburgh Business Times) United States Steel Corp., Alcoa Inc. and Allegheny Technologies Inc., identified Monday as victims of Chinese military cyber hackers, didn't report the data theft to investors

Rosenzweig: Crackdown on China spies overdue (Boston Herald) The Justice Department announced Monday that it had indicted five members of the Chinese People's Liberation Army on charges of cybertheft. According to the indictment, the five hackers systematically stole business secrets from American corporations — household names like Westinghouse, Alcoa, and U.S. Steel

Germany May Ask U.S. Tech Chiefs to Testify on NSA Activities (Wall Street Journal) Heads of Facebook, Twitter, Apple and Google on witness shortlist

Snowden's First Move Against the NSA Was a Party in Hawaii (Wired) It was December 11, 2012, and in a small art space behind a furniture store in Honolulu, NSA contractor Edward Snowden was working to subvert the machinery of global surveillance

Blackshades: The script kiddies lament (CSO) News broke this week that a massive global raid had taken place over two days which comprised of 359 coordinated searches in 16 countries and there were apparently 80+ arrests as a result. Why? Well apparently all of the aforementioned targets had a copy of the Blackshades remote access trojan or RAT

Behind Blackshades: a closer look at the latest FBI cyber crime arrests (WeLiveSecurity) The FBI made big headlines yesterday with its announcement of a high profile malware takedown related to a RAT called Blackshades (of which more in a moment). Hopefully this move, involving 97 arrests in 16 countries, will discourage the use of spyware by criminals. RAT stands for remote access tool and Blackshades is not unlike the DarkComet RAT that I wrote about in 2012

Cyber fraud: 10 arrested in SA (ioL Scitech) Sixteen people from several US states and other countries have been arrested on charges that they took part in a fraud scheme that used stolen information to get money and goods and then ship them to South Africa and Nigeria, according to documents unsealed in federal court on Tuesday

SA, US agencies crack financial fraud scam (South Africa Info) South African and United States law enforcement agents arrested 11 people in Pretoria on Tuesday on charges related to an international financial fraud scam involving cyber crime and fraudulent mass marketing schemes

AT&T hacker wants US govt to pay for the time he spent in prison (Help Net Security) In an open letter addressed to members of the New Jersey District Court, FBI, and DOJ, Andrew "weev" Auernheimer is seeking monetary restitution for the time he was confined to the jurisdiction of the New Jersey District Court and he spent in federal prison after being convicted for publishing a list of emails and AT&T authentication IDs of early iPad adopters

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...

Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...

Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...

Georgetown Law: Cybersecurity Law Institute: A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...

NSA Mobile Technology Forum (MTF) 2014: The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Fort Meade Technology Expo: The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

3 Day Startup (San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...

CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.

Hack in The Box Security Conference (HITBSecConf) Amsterdam: HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not...

Area41: Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

NSA SIGINT Development Conference 2014: This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...

MIT Technology Review Digital Summit: The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...

Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

Global Summit on Computer and Information Technology: The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education: The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York: Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...
