Daily briefing.

Today's big story is the data breach Anthem, Inc., the second largest health insurance carrier in the United States, disclosed last night. Nearly 80M individuals' records were compromised, and industry observers are saying the incident has the potential to be the largest insurance breach in history.

The attack is thought to have begun on December 8, 2014, with Anthem discovering and reporting "suspicious activity" on January 28, 2015. Anthem's CEO, Joseph R. Swedish, says there was "unauthorized access" to members' personal information including "names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data." He adds, "Based on what we know now, there is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised."

Anthem has hired FireEye's Mandiant unit to investigate. The FBI is conducting a criminal investigation, and the Bureau praises how Anthem has handled the incident, calling it a model others might follow. (Wired pointedly asks whether the compromised data were encrypted, suggesting there might be a painful teaching example here as well.)

PawnStorm continues to attack iOS.

Sony says it expects to spend a total of $35M fixing its networks (about $15M of that will go to investigation and remediation).

The Anthem incident will reinforce the push, already underway, for the maturation of the cyber insurance market. It's also prompting renewed efforts in the US House to facilitate cyber threat information sharing.

Ross Ulbricht is found guilty in the Silk Road trial.

Notes.

Today's issue includes events affecting Australia, Canada, New Zealand, Thailand, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

From the Desk of Joseph R. Swedish President and CEO Anthem, Inc. (Anthem, Inc.) Anthem was the target of a very sophisticated external cyber attack. Based on what we know now, there is no evidence that credit card or medical information were targeted or compromised

Frequently Asked Questions: Learn more about the cyber attack against Anthem (Anthem, Inc.) Was my information accessed? Anthem is currently conducting an extensive IT Forensic Investigation to determine what members are impacted. We are working around the clock to determine how many people have been impacted and will notify all Anthem members who are impacted through a written communication

Health insurer Anthem hacked; data on millions of patients, employees exposed (Los Angeles Times) Health insurance giant Anthem Inc. said late Wednesday that hackers had breached its computer system and the personal information of tens of millions of customers and employees was possibly at risk

Health insurer Anthem hit by massive cybersecurity breach (Reuters) Health insurer Anthem Inc (ANTM.N), which has nearly 40 million U.S. customers, said late on Wednesday that hackers had breached one of its IT systems and stolen personal information relating to current and former consumers and employees

Massive breach at health care company Anthem Inc. (USA TODAY) As many as 80 million customers of the nation's second-largest health insurance company, Anthem Inc., have had their account information stolen, the company said in a statement

Breach of Health Insurer Exposes Sensitive Data of Millions of Patients (Wired) Apparently the data breaches of Target, Sony, Home Depot and a host of others weren't sufficient to convince Anthem to encrypt patient Social Security numbers

US health insurer Anthem suffers massive data breach (Help Net Security) Anthem, the second-largest health insurer in the United States, has suffered a data breach that may turn out to be the largest health care breach to date, as the compromised database holds records of some 80 million individuals

The Growing Problem of Medical Identity Theft (IBM Security Intelligence) Medical identity theft (MIT) has become a major fraud issue over the past several years. However, most consumers may not be aware of the threats it poses. Unlike traditional financial crimes such as credit card or check fraud, which rarely involves anything more than a loss of money, the consequences of MIT can involve physical harm or potential loss of life

Hackers Target iOS-Using Government Officials and Journalists in Pawn Storm Malware Attack (Intego) Last October, security researchers released detailed reports about how a criminal hacking gang, possibly backed by a foreign state, was targeting Western governments, military and the media in an operation called "Pawn Storm"

Banking Trojan Lurks Inside Innocent Fax Messages, Bitdefender Warns (Dark Reading) Threat uses server-side polymorphism technique to bypass antivirus software

CrowdStrike demonstrates how attackers wiped the data from the machines at Sony (CSO) While cyber attacks by nation-state adversaries have been taking place for years, in 2014 it became abundantly clear that every company — no matter the industry — is a potential target. The Sony breach was a wake-up call for all organizations: if you have valuable information, you are a target

Hack to cost Sony $35 million in IT repairs (CSO) Sony has put an estimate to the damage caused by the massive cyberattack against Sony Pictures Entertainment last year — US$35 million

Ransomware isn't a serious threat says threat intelligence firm (CSO) Emails containing malicious links are spreading under the pretense that they offer access to updated versions of Google's Chrome browser. But instead of a new browser, victims are being directed to copies of a Ransomware variant known as Critroni (CTB-Locker)

Hacked Hotel Phones Fueled Bank Phishing Scams (KrebsOnSecurity) A recent phishing campaign targeting customers of several major U.S. banks was powered by text messages directing recipients to call hacked phone lines at Holiday Inn locations in the south. Such attacks are not new, but this one is a timely reminder that phishers increasingly are using lures blasted out via SMS as more banks turn to text messaging to communicate with customers about account activity

How vulnerable is satellite broadband? (SC Magazine) Cyber communications are vulnerable to both cyber-attack and kinetic attacks on physical infrastructure, with satellites potentially at risk says new report

Security Patches, Mitigations, and Software Updates

Adobe Begins Patching Third Flash Player Zero Day (Threatpost) Adobe announced today that it will begin distributing a patch for the third and most recent zero-day vulnerability in Flash Player

Cyber Trends

Insurance, Finance Step Up Cybercrime Fight (InsuranceNewsNet) The insurance and financial industries are stepping up the fight against cybercrime by urging more intelligence sharing and warning companies of the growing risks

Shifting Paradigms: The Case for Cyber Counter-Intelligence (Dark Reading) Cyber Counter-Intelligence and traditional information security share many aspects. But CCI picks up where infosec ends — with an emphasis on governance, automation, timeliness, and reporting

Endpoint Security Has Grown More Difficult and Tedious (Network World) Enterprise organizations say that endpoint security is dependent upon too many vendors, products, and software agents

The real challenge of the Internet of Things (Help Net Security) More than 40 percent of organizations expect the Internet of Things (IoT) to transform their business or offer significant new revenue or cost-savings opportunities in the short term (over the next three years), rising to 60 percent in the long term (more than five years), according to Gartner, Inc. However, those surveyed said that many of their organizations have not established clear business or technical leadership for their IoT efforts

Marketplace

Cyber insurance becomes the new cost of doing business (FierceCIO) It's no secret that nearly all organizations have grown fearful of a data breach. And in many cases the greatest fears are those known to the company — business partners, external customers and internal employees

Army turns to commercial partners to keep ISR edge (C4ISR & Networks) Facing both shrinking research and development budgets and a need to adopt faster and more flexible ISR network technologies, such as software-defined networks (SDNs), the Army is now looking to its commercial partners for assistance in developing innovative solutions

Holland & Hart Represents Accuvant in FishNet Security Merger (PRWeb) Holland & Hart LLP represented long-standing client Accuvant in the successful closing of its merger with FishNet Security, which was announced Feb. 2

Elastica Honored as a 2015 Coolest Cloud Computing Vendor by CRN (MarketWired) Channel focused sales model providing partners with effective cloud application security solutions earns company recognition as a top 20 cloud security vendor

RSA Executive Chairman Art Coviello To Retire (CNN Money) The Security Division of EMC (NYSE:EMC), today announced Art Coviello's decision to retire from his post as Executive Chairman of RSA and Executive Vice President of EMC for health reasons effective February 28, 2015. Through a transition period, Mr. Coviello will serve as strategic advisor to RSA President Amit Yoran, who will remain in his current role while also assuming Mr. Coviello's responsibilities

Products, Services, and Solutions

VMware NSX: A Cloud Pitch To Sell SDN (InformationWeek) Software defined networking is key to VMware's data center ambitions, so it's selling NSX-as-a-service through the vCloud Air public cloud

Wombat Security Technologies Offering New Customization Options for Security Awareness and Training Solutions (Marketwired) Wombat's unique customization features make it easier for companies to combat increasing cyber threats

ESET Announces New Encryption Capabilities for Channel Partners with DESlock+ for iOS (PRNewswire) Technology Alliance partner launches advanced encryption for iOS users

BitbyBit to deliver cyber risk management service with SecurityScorecard (Business-Cloud) BitbyBit have expanded their portfolio of services to the legal sector and will be demonstrating the SecurityScorecard cyber-risk management service at LEGALTECH at the Hilton New York between 3rd and 5th February

Arbor Networks Partners with Zycko (Realwire) Leading network security provider expands EMEA Distribution Channels

eSentire Wins Hedge Fund Managers Technology Awards (Morning Post Exchange) eSentire named best security solution and most innovative technology solution at HFM US Technology 2015 Awards

Promisec Launches Critical Upgrade to Endpoint Manager Product to Protect Against Advanced Cyber Threats (PRNewswire) PEM 4.10 addresses use cases from compliance thru cyber

iboss Network Security Raises the Bar for Advanced APT Defense (MarketWired) FireSphere delivers network traffic anomaly monitoring and detection to pinpoint unusual network behavior and prevent data exfiltration

Microsoft Outlines Security Protections Using Azure Active Directory (Redmond Magazine) Microsoft officials talked today about how the company's Azure Active Directory (AD) service is using machine learning to thwart cyberattacks

Rook Security Reaches New Heights in 2014 As Company Heats Up Managed Security and Advisory Services Landscape (BusinessWire) Proprietary solution integration and business-led approach protects Rook Security's clients against persistent cyberthreats

Core Security Partners With Singular Security (Marketwired) Core Security's vulnerability management solutions will help Singular Security customers "cut through the noise" and focus on true threats

Deloitte launches online Australian cyber intelligence centre (Computerworld) Centre will help Deloitte's clients deal with cyber security attacks 24/7

SolarWinds Continues to Simplify SIEM for Resource-Constrained IT Organizations (Marketwired via CNN Money) SolarWinds helps budget-conscious organizations address core security challenges with enhancements to SolarWinds Log & Event Manager for faster SIEM deployment, simplified correlation rules setup, and quick detection of advanced persistent threats and insider abuse

MobileIron's content security service provides security for data stored in employee's personal cloud (FierceMobileIT) Employees who use their personal devices at work often put their work documents in a personal cloud storage service. While this makes it easier to store and access the documents from their mobile devices, it opens up their firm to possible loss of sensitive corporate documents

MStar to Use Cryptography Research DPA Countermeasures to Ward Off Attacks in Set-Top Box Solutions (BusinessWire) Added security technologies protect tamper-resistant chips in digital home market

New Good for Samsung KNOX can squash Android security bugs before they infect the network (FierceMobileIT) With the influx of consumer-grade smartphones into the enterprise, IT departments are concerned that some operating systems are less secure than others. In particular, the Android OS, which operates most of the smartphones in the world, is the focus of malware developers and cybercriminals

Technologies, Techniques, and Standards

From Castles to Beer: A different approach to cyber security (Federal Times) In the 11th century, England witnessed an extensive castle building program by William the Conqueror who built some of the first castles made from stone. By the 13th century, the design of castles evolved to a "defense in depth" approach that included constructing a series of concentric walls around the castles. The concentric walls were designed to slow the invading forces and enable the early detection of the invaders

Who are the role models in cyberspace? (Help Net Security) Those of us who are of a certain age learned how to live our life by playing with our toys — our cars, dolls and, of course, Star Wars action figures

Taxes in the cyber age: How to protect your identity this tax season (Consumer Electronic Net) New survey from Experian's ProtectMyID reveals risks consumers take when filing their taxes and how they can guard against tax-related identity theft

ThreatMetrix Cites Cybersecurity Strategies to Avoid Getting Stung by Cupid's Arrow Leading up to Valentine's Day (Virtual Strategy Magazine) ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced several strategies for consumers to stay protected against online dating fraud and e-commerce risks leading up to Valentine's Day

Research and Development

Security Innovation Challenges the Crypto Community to Defeat NTRU (PRWeb) Security Innovation is pleased to launch the "NTRU Challenge" this week. Offering more than $90K in cash prizes, Security Innovation affirms its commitment to securing their cryptosystem

Science and tech chiefs: Stop erosion of U.S. tech superiority (Navy Times) Science and technology chiefs for each service and the Defense Advanced Research Projects Agency urged a united effort with military, academia and industry to develop a "new technology offset" that will reverse the loss of technological superiority and overcome the resulting erosion of operational capabilities

Codebreaking Materials Devised by Turing Discovered (I Programmer) During restoration work at Bletchley Park, papers which had been stuffed between the roof rafters to act as insulation were discovered and found to include unique surviving examples of Banbury Sheets

Legislation, Policy, and Regulation

Big Brother is watching Thailand (CSO) I first read George Orwell's book, 1984 many years ago. I remember thinking that was such a horrible idea and it couldn't possibly come to pass. But, the more I read the news in the last year alone I see a shift taking place

US to unveil National Security Strategy tomorrow (Business Standard) Counter-terrorism experts are hoping the document will outline a robust, multi-pronged approach to fighting the Islamic State

The Vast Majority of the Government Lacks Clear Cybersecurity Plans (Brookings) The public and private sectors use information technology (IT) every day to monitor, manage, and simplify their daily operations. The omnipresence of these technologies has introduced new vulnerabilities

An Elite That Has Lost the Impulse to Police Itself (Atlantic) The DEA secretly instituted a mass surveillance program and almost no one objected, even after it was revealed

Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise (Intercept) The U.S., U.K. and Canadian governments characterize hackers as a criminal menace, warn of the threats they allegedly pose to critical infrastructure, and aggressively prosecute them, but they are also secretly exploiting their information and expertise, according to top secret documents

Defense nominee: US 'not where it should be' on cybersecurity (The Hill) The Defense Department's network security "is not where it should be," said Ashton Carter, the nominee for Defense secretary, during his Wednesday nomination hearing

SecDef Nominee: Cyber threats require holistic defense strategy (Federal Times) As cyberspace becomes an ever more integrated part of daily life, cybersecurity has become a central part of the national defense. Acknowledging this, Defense Secretary nominee Ash Carter was asked several pointed questions about cyber threats and creating a framework for appropriate responses to attacks

Full budget details on cyber, cloud, networks (C4ISR & Networks) The Defense Department's ongoing move to enterprise-wide IT services got a boost in the form of President Barack Obama's proposed 2016 defense budget, with the Pentagon's leading enterprise IT effort receiving more than a six-fold increase in spending

The Pentagon Wants To Expand Its Cyber Forces (Defense One) A $27 million proposal in the FY 2016 budget would fill the ranks of a burgeoning Cyber Command

Army makes first selections for cyber branch officer corps (Augusta Chronicle) The Army has selected the first officers it will train specifically to defend cyberspace

Security-Cleared Population Drops by 10% (Federation of American Scientists) The number of people who hold security clearances for access to classified information has been reduced by ten percent, the White House said in budget request documents released this week

Litigation, Investigation, and Law Enforcement

Canary Watch now legally tracks secret NSA and FBI national security data requests (Techspot) Most major internet services and social networks claim to be as transparent as possible regarding user privacy, but there are times when legal issues prevent them from doing so. Data requests from the likes of the NSA and FBI in many cases come along with stipulations that stop sites from disclosing details about what and when information is given to the government. But now a new site known as Canary Watch claims to have figured some of that out

Silk Road Creator Found Guilty of Cybercrimes (Wall Street Journal) Ross Ulbricht convicted in case over Internet marketplace that sold illegal goods

The utterly crazy story of the death threat hacker (involves a cat) (We Live Security) Brace yourself, as this is one of the weirdest and most bizarre computer virus-related stories that I have ever heard

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, April 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges...

Apple Security Talks & Craft Beer (Laurel, Maryland, USA, May 8, 2015) The world's first security summit held at a production brewery. Join some of the world's best Apple security researchers as they talk about iOS, OS X, Apple hardware and other Apple-related security topics...

7th International Conference on Cyber Conflict (Tallinn, Estonia, May 26 - 29, 2015) CyCon is the annual NATO Cooperative Cyber Defence Centre of Excellence conference where topics vary from technical to legal, strategy and policy. The pre-conference workshop day, 26 May, features a variety...

Upcoming Events

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

ICSS 2015: International Cyber Security Strategy Congress (Leuven, Belgium, February 4 - 5, 2015) ICSS2015 will present the latest developments and thoughts in the field of cybercrime and cybersecurity and will be a unique gathering of cybercrime experts from all over the world. The objective of the...

Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

Salt Lake City Tech-Security Conference (Salt Lake City, Utah, USA, February 5, 2015) The Salt Lake City Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...

Tax benefit, Catalyst Fund and other financial Incentives for Small Businesses (Columbia, Maryland, USA, February 10, 2015) Rescheduled. Meet the experts! Tax incentives, credits and loans available for small businesses. Learn the details: How to apply for Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits,...

2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...

AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.

Cybergamut Technical Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, February 17, 2015) Workshop Description: This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port...

DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...

10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...

Workforce Development Forum — CyberWorks Information Session (Baltimore, Maryland, USA, February 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in...

Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...

NEDForum: Cyber Network Exploitation and Defence: "Darknet & the Primordial Soup of Cyber Crime" (Edinburgh, Scotland, UK, February 27, 2015) Speakers will cover such topics as: "Fear and loathing on Darknet," (Greg Jones, Managing Consultant, Digital Assurance), "Securing the internet of everything" (Rik Ferguson, Global Vice President Security...
