The US Defense Department writes warily of a growing sophistication in ISIS cyber operations, but such sophistication is more evident in the Caliphate's information operations than in hacking. Recent threats against US service members, for example, derive from unsophisticated (if diligent) doxxing as opposed to network compromise.
ISIS itself is being hit in cyberspace by a self-organized (or unorganized) array of vigilantes (yes, Anonymous among them). The terrorist aspirant state is suffering increased friction in social media.
Cyber vigilantes may also be at work on North Korean networks.
NanoCore, a remote-access Trojan, is found infesting networks from East Asia through North America and into the Middle East. It appears to be spearphishing the oil-and-gas sector, and since its source code has leaked into criminal fora, observers expect infections to spike.
Patched vulnerabilities continue to be exploited: witness Adobe Flex SDK bug CVE-2011-2461, patched back in 2011, but persisting in widely visited Websites.
Palo Alto warns of "Android Installer Hijacking" — a vulnerability affecting nearly half of Android devices.
The Premera breach autopsy continues (Washington state insurance regulators lead a multi-state investigation). Reports indicate Premera both lacked multi-factor authentication and — disturbingly — was in HIPAA compliance, moving observers to ask whether HIPAA standards are too low.
Windows Pro IT reminds its readers that hackers don't need a rational motive.
The Christian Science Monitor's Passcode reports on US regional competition to become the cyber version of Silicon Valley.
Coca-Cola experiments with novel approaches to enterprise security — the Wall Street Journal has the story.
Today's issue includes events affecting Australia, Barbados, Canada, China, Egypt, Germany, Hong Kong, India, Iran, Iraq, Israel, Japan, Democratic People's Republic of Korea, Republic of Korea, Nigeria, Russia, Singapore, Syria, United Arab Emirates, United Kingdom, United States.
The CyberWire will be live-tweeting from the Women in Cybersecurity event, in Atlanta on Friday and Saturday, with a special edition on the conference coming Monday.
Did Vigilantes Knock North Korea Offline? (Daily Beast) U.S. cyberspies swear they didn't take down the Hermit Kingdom's Internet after the Sony hack. And those spies weren't the only ones rooting around Pyongyang's servers
Premera's IT Security Audit Report Revealed Lack of Multi-Factor Authentication (Duo Security) Back at the end of November 2014, the Office of Personnel Management (OPM) released an IT security audit report on the state of Premera's security profile, noting a gap in access controls. A few months later, Premera discovered a breach of their systems that may have compromised the medical and financial data of 11 million individuals
The average DDoS attack tripled in volume (Help Net Security) The average packet volume for DDoS attacks increased 340 percent to 4.36 million packets per second (Mpps), and the average bit volume swelled 245 percent to 12.1 Gbps in the final quarter of 2014, according to Black Lotus
100 Days of Malware (Push the Red Button) It's now been a little over 100 days since I started running malware samples in PANDA and making the executions publicly available. In that time, we've analyzed 10,794 pieces of malware, which generated
Foreign Policy in the Age of Cybersecurity Threats (IBM Security Intelligence) The Obama administration has been the first to face the foreign policy and national security challenges of what may be called the modern age of cyberthreats and cybersecurity
Cyber Armageddon is a Myth (Counterpunch) Over the past several years mainstream news outlets have conveyed a litany of cyber doomsday scenarios on behalf of ostensibly credible public officials. Breathless intimations of the End Times. The stuff of Hollywood screenplays. However a recent statement by the U.S. intelligence community pours a bucket of cold water over all of this. Yes, Virginia, It turns out that all the talk of cyber Armageddon was a load of bunkum. An elaborate propaganda campaign which only serves as a pretext to sacrifice our civil liberties and channel an ocean of cash to the defense industry
9 Threats on the 2017 Threat Horizon (Mobile Enterprise) Senior business managers, information security professionals and other key organizational stakeholders beware — by 2017 nine emergent threats will make cybersecurity challenges even more difficult
2% of UK Firms Insured Against Cyber Attacks (Newsweek) Just 2% of large UK firms have specialised insurance cover against cyber attacks, according to a report published today. This figure dropped close to zero for smaller companies and around half of the CEOs interviewed were unaware that cyber risks can be insured
Cybersecurity Firms Are Ready To Fight For Government Contracts (Benzinga) Cyber attacks have become one of the largest threats to U.S. security, as more of the nation's infrastructure has become dependent on the Internet. High profile hacking attacks against major companies and government agencies have been on the rise this year, leading the Pentagon to look for ways to prevent major security breaches moving forward
ProtectWise Launches Its Network Security Product In A Deadly Hail Of Buzzwords (Forbes) Startup ProtectWise is launching out of stealth today and at the same time announcing over $17 million in venture funding from Crosslink Capital, Trinity Ventures, Paladin Capital Group and Arsenal Venture Partners. The company was founded by Scott Chasin, who previously started companies subsequently acquired by Symantec and McAfee. On top of this Chasin was McAfee's CTO from 2009-2012
Why You Should Be Losing Sleep over the Security Skills Shortage (Trustwave) We've written a few times in this space about the seemingly ineradicable security skills shortage that exists in organizations worldwide. Bad news: The picture doesn't appear to be getting any rosier. The latest ominous headline comes from Burning Glass, a labor market analytics firm, which has documented a 74 percent spike in cybersecurity job postings from 2007 to 2013, double the rate of all IT jobs
Columbus Business Solutions offers Cyber Security for Schools (Barbados Advocate) Schools are under attack both from internal and external vices. Whether it is device misuse, students and teachers surfing dangerous sites or downloading unknown files or hackers, the threats to education facilities are real. This is why it's even more important for schools — whether private or public and from primary to tertiary — to have adequate security to protect their network, staff and students
Technologies, Techniques, and Standards
Premera breach: Are HIPAA standards too low? (Help Net Security) Here's an interesting twist regarding the Premera data breach revealed last week: the company has been deemed compliant with the Health Insurance Portability and Accountability Act (HIPAA) in late November 2014
See Your Company Through the Eyes of a Hacker (Harvard Business Review) JP Morgan Chase. Target. Sony. Each has been part of the growing number of cyber-attacks against private companies around the world in recent years. In the latter two cases, CEOs were forced to resign in the wake of the breach. Attacks are growing more sophisticated and more damaging, targeting what companies value the most: their customer data, their intellectual property, and their reputations
Implementing an effective risk management framework (Help Net Security) In today's marketplace, almost every employee is now a content contributor. Although beneficial to the collective of information available, this influx brings about new risk. Legal systems worldwide are clamping down and demanding greater compliance — particularly on IT systems — making it essential for organizations to implement compliance and risk management protocols. So how do we balance the benefit of the free flow of information with the risk of inappropriate access and/or disclosure? What are the consequences of not doing so?
Why aren't you vulnerability scanning more often? (CSO) I've always been curious about companies that scan their enterprises for vulnerabilities once per quarter or even once per year. Why is this the case exactly? I've worked in these environments and I've heard all manner of excuses as to why this was an issue. "We can't have any outages because it is a critical roll out for $project and we can't have any downtime." That one was always one of my favorites
Four advantages of an identity behavior-based approach to cybersecurity (Help Net Security) With an ever-increasing number of data breaches, more money is being poured into IT security budgets. According to Gartner, the average global security budget increased 8 percent from 2013 to 2014 and will grow another 8 percent in 2015. Additionally, data loss prevention (DLP) system investments will increase by almost 19 percent
How to Install Bro Network Security Monitor on Ubuntu (Known) The Bro Network Security Monitor is an open source network monitoring framework. In a nutshell, Bro monitors packet flows over a network and creates high-level "flow" events from them and stores the events as single tab-separated lines in a log file
Just how safe is encryption anyway? (Technology Spectator) When checking your email over a secure connection, or making a purchase from an online retailer, have you ever wondered how your private information or credit card data is kept secure?
Design and Innovation
Finalists announced for Innovation Sandbox at RSA Conference 2015 (Help Net Security) RSA Conference announced the 10 finalists for its annual Innovation Sandbox Contest. The competition is dedicated to encouraging out-of-the-box ideas and the exploration of new technologies that have the potential to transform the information security industry
Coca-Cola Looks to Secure Edge for Age of Cloud, Mobility (Wall Street Journal) Coca-Cola Co., feeling the pressure to strengthen its digital security, is experimenting with a new approach that makes use of software virtualization, a concept that revolutionized computer servers during the last decade or so
Research and Development
Israel, US To Integrate Cyber Test Beds (Defense News) The Cyber Security Division of the US Department of Homeland Security (DHS) aims to expand collaboration with the Israel National Cyber Bureau (NCB), Israeli cyber companies and local start-up firms
Congress moving on long-sought legislation to thwart cyberattacks (Washington Post) The House Intelligence Committee introduced bipartisan legislation Tuesday to grant legal immunity to firms that pass cyberthreat data to the government, as lawmakers expressed cautious optimism that there is finally enough support to pass a bill that the president will sign
Cybersecurity Information Sharing: A Legal Morass, Says CRS (Federation of American Scientists) Several pending bills would promote increased sharing of cybersecurity-related information — such as threat intelligence and system vulnerabilities — in order to combat the perceived rise in the frequency and intensity of cyber attacks against private and government entities
First lawsuits filed to block net neutrality action (FierceCIO) It had been suggested that the recent net neutrality vote by the Federal Communications Commission would be tied up for years in the courts, and the telecommunications industry hasn't disappointed
Washington officials leading Premera cyberattack investigation (Spokesman-Review) Washington insurance officials will lead a multistate investigation into how computer hackers were able to breach the security of the state's largest health insurance company and whether Premera Blue Cross took the proper steps to notify some 11 million customers after it was discovered
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...
28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...
Global APT Defense Summit (Atlanta, Georgia, USA, March 25, 2015) This event will lay out a defense framework, which describes the appropriate phases, from establishing a resilient security baseline, through gathering threat intelligence, zero-day malware detection,...
CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Conference on Cyber Defence in Europe (Berlin, Germany, March 25 - 26, 2015) The conference aims to address these and other issues of cyber defense in a broad audience of policy-makers, senior officials and experts from EU institutions and Member States, representatives of industry...
CYBERWEST (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Fraud Summit Dubai (Dubai, United Arab Emirates, March 26, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Dubai event include...
Women in Cyber Security (Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is significant shortage of skilled professionals regionally, nationally and internationally.
Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...
Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...
Kansas City Secure World (Kansas City, Missouri, USA, April 1, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Coast Guard Intelligence Industry Day (Chantilly, Virginia, USA, April 2, 2015) With a blended focus of defense, homeland security, law enforcement, criminal investigations, intelligence and cyber issues, Coast Guard Intelligence is aggressively looking to collaborate with partners...