A ceasefire in Ukraine and continued ISIS trumpeting of atrocities bring "hybrid warfare" to the forefront of analysts' minds. Hybrid warfare prominently employs non-state fighters and hacktivists, and what its kinetic and non-kinetic features share is deniability. Analysts expect to see a lot more of it.
The Chinese hack that turned Forbes' "Thought of the Day" into a watering hole seems to have been both technically clever and crafted with clear targets in mind.
Spoof PayPal phishing sites are taken down — many of them were very well crafted, another sign that the crooks have upped their design game.
Ransomware — in this case Simplocker — continues to appear in enhanced, increasingly dangerous forms. There are fresh expectations that we'll soon see a major outbreak among mobile devices.
More dodgy apps are found in Google Play.
The Anthem hack draws attention to the attack surface employees inevitably present. Some companies respond with social engineering drills.
NIST has released its draft guidance for industrial control system security.
The cryptocurrency community takes a stab at developing its own sector standards.
Assured Information Security demonstrates a cryptographic approach to making software (inter alia malware) tougher to reverse engineer.
In the US, the White House proceeds with plans for the CTIIC, intended to connect private sector cyber threat intelligence with the classified world's. Industry reaction is broadly skeptical: Didn't the NCCIC have that mission? Who's going to bear the cost of all that threat reporting? What about privacy? So the Administration still has some explaining to do.
A note to our readers: the CyberWire staff will take a break on Presidents' Day, this coming Monday. We'll resume regular publication on Tuesday, February 17.
Today's issue includes events affecting China, Iraq, Malaysia, Netherlands, Russia, Syria, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Newsweek Twitter hack is a sign of the times (IDG via CSO) The Twitter accounts of two more companies — Newsweek and the International Business Times — were compromised on Tuesday, showing Twitter's attractiveness to hackers despite its cybersecurity features
Report Warns Russia's 'Hybrid Warfare' In Ukraine Could Inspire Others (Radio Free Europe | Radio Liberty) In a new report, a top defense think tank warns that Russia's destabilizing actions in Ukraine, including "sophisticated combinations of conventional and unconventional means of warfare," could inspire NATO's potential state and non-state adversaries elsewhere in the world
Host Hit in Cyber Attack Rips Government Inaction (Netherlands Times) Despite heavy complaints from within the Dutch government about Tuesday's cyber attack which took out several government websites, the managing director of the host hardest hit in the incident blames years of government inaction for the outage. The attack was clearly directed at the government, and any other websites that went down as a result were "collateral damage," said hosting firm Prolocation's managing director Raymond Dijkxhoorn
Chinese hackers attack blue-chip groups including banks (FT/OTCEER via STARR FM) Chinese hackers hijacked the Forbes website and used it to target thousands of computers linked to blue-chip companies, including US defence contractors and banks, in one of the most brazen cyber espionage campaigns apparently launched by Beijing-linked groups so far
The New Windows 10 Release is Attracting the Attention of Criminals — and Not Why You Might Expect (Cyveillance) Among many interesting tidbits in Microsoft's recent Windows 10 announcement was that it would include two Internet browsers: the classic Internet Explorer, and a new one called Spartan. Although it's not that big of news per se, criminals are taking advantage of the media attention that has accompanied the Spartan announcement — not to exploit potential security flaws, although we're sure that will come soon — but to register domain names associated with it
Experts warn 2015 could be 'Year of the Healthcare Hack' (Reuters) Security experts are warning healthcare and insurance companies that 2015 will be the "Year of the Healthcare Hack," as cybercriminals are increasingly attracted to troves of personal information held by U.S. insurers and hospitals that command high prices on the underground market
Gh0st RAT: Complete Malware Analysis — Part 1 (Infosec Institute) In this article series, we will learn about one of the most predominant malware, named Gh0st RAT, whose source code is dated back to 2001 but it is still relevant today. In this article series, we will learn what exactly is Gh0st RAT, all its variants, how it works, its characteristics, etc.
As Cyber Threats Soar, So Do CISO Salaries (Wall Street Journal) The search for chief information security officers has become a seller's market as companies rush to hire security experts in the wake of several high-profile cyberattacks. High demand, coupled with a shortage of talent, is leading to compensation that is "zooming up on an almost daily basis," said Peter Metzger, vice chairman at executive recruiter CTPartners
FireEye: A Next-Generation Cyber Security Play (Seeking Alpha) Businesses and governments will further need cyber security companies like FireEye. FireEye's excellent revenue in previous years and expansive R&D team will continue to excel. FireEye's acquisition of competitor Mandiant further establishes the company as the leader in the industry
How Secure is Your Android? Mobile Antivirus Apps Tested (PC Magazine) Most of us will never see our Android antivirus apps spit out a warning because most of us will never encounter malware on our phones. So how can you tell if your Android antivirus is actually protecting your phone against the malware that sometimes sneaks onto Google Play or is installed by an overbearing spouse?
Introducing the CryptoCurrency Security Standard (CCSS) (CryptoConsortium) The C4 mission statement is to develop and maintain standards that will benefit the cryptocurrency ecosystem. We accomplish this mission with the collaboration of the brightest minds in our space and have met success with each of our prior projects. Today, after months of working with extremely knowledgeable partners on this critical project, BitGo and C4 are proud to jointly announce the release of the draft CryptoCurrency Security Standard (CCSS) for public discussion
The Why and How of DNS Data Analysis (CircleID) A network traffic analyzer can tell you what's happening in your network, while a Domain Name System (DNS) analyzer can provide context on the "why" and "how"
From Big Data to smart data for security analytics (Global Big Data Conference) Have you heard the grand promise that Big Data analytics will reveal magical insights and enable organizations to transmute lead into gold? There seems a lack of depth to the idea and no concise plan in the roadmap. Big Data security analytics has the potential to be either a very effective solution or just another buzzword thrown around at conferences
Design and Innovation
A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer (Wired) Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It's also what allows those same hackers' dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder
Facebook is telling Native Americans their names are fake (Naked Security) In October, Facebook apologised to the drag queens, drag kings, and others in the LGBT (lesbian/gay/bisexual/transgender) community, some of which it had recently locked out of their accounts because their names weren't "real"
DARPA Hones Skills of Future Cyber Officers (DoD News) After months of work with world-class experts and online challenges, 60 cadets and midshipmen from the three service academies and the Coast Guard Academy recently faced off in contests of full-spectrum offensive and defensive cyber skills
Media Freedom In 'Drastic Decline' Worldwide (Radio Free Europe | Radio Liberty) Watchdog Reporters Without Borders (RSF) said in its annual evaluation released February 12 that media freedom suffered a "drastic decline" worldwide last year in part because of extremist groups such as Islamic State and Boko Haram
Western companies slam China's Internet firewall (Washington Post) China's growing restrictions on the Internet are harming the operations of Western businesses, stifling research and development operations and discouraging executives from moving here
White House Will Unveil Cyber Executive Actions At A Summit This Week (National Law Journal) On Friday, February 13, the White House will hold its Summit on Cybersecurity and Consumer Protection at Stanford University. President Obama will be speaking at the Summit and plans to issue a new Executive Order focusing on ways to increase cybersecurity information sharing between the private sector and the U.S. Department of Homeland Security
Three of Tech's Top CEOs to Skip Obama Cybersecurity Summit (Bloomberg) The top executives of Google Inc., Yahoo! Inc. and Facebook Inc. won't attend President Barack Obama's cybersecurity summit on Friday, at a time when relations between the White House and Silicon Valley have frayed over privacy issues
Cyberthreat center coming (Washington Times) The White House national security adviser for counterterrorism announced this week that the Obama administration is setting up a cyberintelligence center aimed at providing better information and coordinated responses after cyberattacks that she said are growing more diverse and dangerous
Feds to private businesses: Cough up your cyber intelligence (Network World) Corporations will be asked to contribute cyber intelligence to a new federal agency tasked with analyzing threat data culled from as many public and private sources as possible in order to more quickly spot attacks and attribute them to the guilty parties
Announcement of New Government Cybersecurity Agency Met With Skepticism (Slate) On Tuesday, the Obama administration announced that it is creating a new cybersecurity agency to coordinate between existing offices and groups that deal with cyber threats. The decision is motivated by recent high-profile incidents, like the Sony hack and a White House network that was reportedly infiltrated by Russian intelligence
Unconventional Security Conventions (Tripwire: the State of Security) In the face of the current wave of cyber threats, the U.S. government announced this week in Washington DC that as part of the Homeland Security initiative the current administration is creating a new agency called the Cyber Threat Intelligence Integration Centre (CTIIP) to monitor cybersecurity threats by acquiring, pooling and analysing any captured information — AKA 'intelligence'
NGA banks on the power of transparency (FCW) There is a data explosion happening in government. According to National Geospatial-Intelligence Agency Director Robert Cardillo, geospatial data — and in turn, his agency — are on the cusp of it
Government wonders: What's in your old emails? (McClatchy) If you've been remiss in cleaning out your email in-box, here's some incentive: The federal government can read any emails that are more than six months old without a warrant
Malaysian Police Use Twitter in Crackdown on Dissent (New York Times) The Malaysian authorities have detained a cartoonist and ordered an investigation into two prominent politicians in an intensifying crackdown on dissent after the country's highest court upheld a five-year prison sentence for the leader of the opposition, Anwar Ibrahim
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...
AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...
10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...
Cybersecurity for a New America: Big Ideas and New Voices (Washington, DC, USA, February 23, 2015) In addition to featuring keynote remarks by Admiral Mike Rogers, Director of the National Security Agency, this event will convene experts and practitioners from the public and private sector, military,...
Workforce Development Forum — CyberWorks Information Session (Baltimore, Maryland, USA, February 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in...
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...
The Future of Cybersecurity Innovation (Washington, DC, USA, February 26, 2015) The US intelligence community has ranked cyberattacks as the No. 1 threat to national security — more than terrorist groups or weapons of mass destruction. But the military's cyberwarriors fight...