Anonymous claims to have taken down 5500 ISIS-affiliated Twitter accounts. Opinions differ over how effective an Anonymous cyber offensive against the Caliphate will prove to be (many predict that rickrolling with a Guy Fawkes mask will be of small consequence). Some of the breathless denizens of Fleet Street look at attack maps and see Britain suffering in an ISIS-Anonymous cyber crossfire, but this appears much exaggerated.
Observers wonder why ISIS hasn't undertaken cyber terrorism, by which they mean cyber attacks with physical consequences. (ISIS sympathizers have certainly engaged in cyber-vandalism against soft targets like Jewish schools and small-market US media outlets, but that's a different matter.) In all probability ISIS lacks capability and is more interested in direct massacre than SCADA takedowns.
Some experts, speaking more-or-less on behalf of Western security services, think ISIS profited from Snowden's revelations, but how much terrorists actually use encrypted communications remains unclear. French authorities appear to have foreseen an attack based on their own surveillance capabilities, but were off in predicting dates and places — the familiar difficulty of extracting signal from noise. The encryption debate continues, with the tech industry (minus Blackberry but plus some US Representatives) largely pro-encryption and law enforcement (especially in the UK, and supported by the Manhattan DA) often anti.
Criminals resort to some familiar, albeit upgraded, malware: Blackhole is back, as are Destover and Dark Seoul.
Analysts think Microsoft has upped its security credibility.
Nations continue to grope toward cyber norms, but many think recent diplomacy has changed little.
Today's issue includes events affecting Belgium, Canada, China, France, Iraq, Republic of Korea, Mexico, Russia, Singapore, Switzerland, Syria, United Kingdom, United States.
Why Aren't Terrorists Committing More Cyberattacks?(Nextgov) The fear of terrorist organizations flexing their cyber muscles by launching a debilitating cyberattack is far greater than the actual reality of the situation, said Tricia Bacon, former counterterrorism official for the State Department at an event Tuesday
Child Porn and Malware in Facebook Scam(Check & Secure) As reported on by Cybercrime Coordination Unit Switzerland (CYCO), ever more pictures are emerging on Facebook with worrying scenes of child pornography depicted. These are the result of hacked Facebook accounts
Cybersecurity driving federal IT markets(C4ISR & Networks) Cybersecurity in its many forms — safeguarding IT networks and data, establishing governance and policies, negotiating acquisition — continues to act as a major force behind a huge slice of the U.S. economy, the federal government
Microsoft's Biggest Contribution to Security Is Free Windows Upgrades(Wall Street Journal) Microsoft Corp.MSFT +1.19% CEO Satya Nadella on Tuesday described his company's bold moves to protect Windows users from digital security threats. But the company has already made its most significant contribution to cyber security: free Windows 10 upgrades
Akamai (AKAM) Looks Broken, But It's Not — UBS(Street Insider) UBS analyst, Steve Milunovich, published a research note describing a conversation with Akamai Technologies (NASDAQ: AKAM) management that highlights growth headwinds near term but upside opportunity through new products and Over The Top programming longer term
Israeli cyber start-up SAFE-T files for Tel Aviv IPO(Reuters) Nov 17 Israeli cyber security start-up SAFE-T plans to become the first tech company to go public on the Tel Aviv Stock Exchange in 2015 after it issued a prospectus to raise 22 million shekels ($5.6 million)
Cyber security mission takes Darktrace to Mexico(Cambridge News) Darktrace is one of five British companies to participate in the cyber security trade mission to Mexico City, which starts today, organised by the UK Trade and Investment's Defence and Security Organisation and the Home Office
Hacking Drives Cybersecurity M&A(Payments Source) The recent uptick in cyberattacks, including the hack of extramarital dating site Ashley Madison, is making companies tighten their Web security and driving up demand for cybersecurity providers
Cyber security sector struggles to fill skills gap(Financial Times) Global demand for cyber security experts is forecast to outstrip supply by a third before the end of the decade, with companies struggling against what one senior industry figure has called the "largest human capital shortage in the world"
BrightPoint Security CEO Anne Bonaparte Wins Female Executive of the Year(TopTechNews) BrightPoint Security™, a leading Threat Intelligence Platform provider for automation, curation and sharing of threat intelligence Relevant Products/Services to fight cyber attacks, today announced that President and CEO Anne Bonaparte was named a Female Executive of the Year Silver Stevie® Award winner in the 12th annual Stevie Awards for Women in Business
Here's a Spy Firm's Price List for Secret Hacker Techniques(Wired) The trade in the secret hacker techniques known as "zero day exploits" has long taken place in the dark, hidden from the companies whose software those exploits target, and from the privacy advocates who revile the practice. But one zero-day broker is taking the market for these hacking techniques into the open, complete with a full price list
Inside the largely unexplored world of mainframe security(Help Net Security) The security of mainframe computers — the so-called "big iron", which is mainly used by large organizations for critical applications, bulk data and transaction processing — is not a topic that has garnered much interest from the public
Guidelines for smart city technology adoption(Help Net Security) Securing Smart Cities, the not-for-profit global initiative addressing the cyber security challenges of smart cities, released guidelines jointly developed by Securing Smart Cities and the Cloud Security Alliance (CSA) for the adoption of smart city technology
Insider Threats: 10 Ways To Protect Your Data(InformationWeek) While IT focuses on outside threats, danger lurks from within — your employees. Whether intentional or unintentional, data breaches resulting from workers mishandling data can be prevented. Here's a look at 10 ways it can be done effectively
Don't Just Turn It On(Alert Logic Blog) Most businesses do a pretty thorough job of planning and researching their security purchases
Norms of cyberwar in peacetime(Brookings) Cyberattacks and the appropriate response are new territories in national security. While most attacks do little damage and their perpetrators are often unclear, the potential risk is growing
Canada quietly ramped up security: Expert(Ottawa Sun) A noted terrorism expert believes domestic security forces have quietly ramped up their efforts in the wake of the Paris attacks, despite terrorists making no specific threat against Canada
University Responds to Accusations of FBI Funding for Tor Hack(SecurityWeek) Carnegie Mellon University released a statement on Wednesday in response to recent allegations that the organization was paid by the FBI for help in unmasking individuals suspected of using the Tor anonymity network for illegal activities
Education Department CIO says FITARA Scorecard is bogus(FierceGovernmentIT) The Education and Energy departments were ranked the worst among federal agencies for their failure to execute the Federal Information Technology Acquisition Reform Act, or FITARA, in a scorecard issued by lawmakers earlier this month
Connolly, Chaffetz can't have it both ways on FITARA Scorecard(FierceGovernmentIT) Compliance and implementation are difficult things to measure in the world of federal information technology, so the government relies on inspectors general, the Government Accountability Office, Congress and others to ensure agencies are minding their Ps and Qs
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Internet-of-Things World Forum 2015(London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions
2015 U.S. Cyber Crime Conference(National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...
CyberPoint 2nd Annual Women in Cyber Security Reception(Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...
Pen Test Hackfest Summit & Training(Alexandria, Virgina, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.
Energy Tech 2015(Cleveland, Ohio, USA, November 30 - December 2, 2015) Now in its 5th year, EnergyTech 2015 seeks the convergence of the best minds in policy, systems engineering and applied technology to address some of the critical issues of our time. In addition to its...
IoT Security Foundation Conference(London, England, UK, December 1, 2015) The is the first official conference of IoTSF. It follows on from the IoT Security Summit earlier in the year, maintaining the momentum of the theme. Delegates can expect a similar level of quality of...
Public Sector Cybersecurity Summit 2015(Reston, Virginia, USA, December 1 - 2, 2015) The Raytheon|Websense 6th Annual Public Sector Cybersecurity Summit is a unique opportunity to learn about the state of cybersecurity and how to prepare for future threats from many thought provoking government...
Enterprise Security and Risk Management(London, England, UK, December 2, 2015) Whitehall Media's 4th ESRM conference will bring together hundreds of leading InfoSec, cyber security and risk management professionals to discuss the latest industry developments and identify the most...
Cargo Logistics America(San Diego, California, USA, December 2 - 3, 2015) Cargo Logistics America (CLA) connects freight owners with freight movers, fostering multimodal synergy between diverse stakeholders in import, export and domestic supply chains. This year's conference...
NG Security Summit US(Austin, Texas, USA, December 2 - 4, 2015) The NG Security Summit US will bring together 65 senior decision makers and business leaders from across the region. The event aims to solve key business challenges. In particular, the ability to network...
Program on Cyber Security Studies (PCSS)(Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Cloud Security Alliance Summit Los Angeles 2015(Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...
2015 Cyber Security Exchange(Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
Disrupt London 2015(London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...
Passwords 2015(University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.
ACSAC (Annual Computer Security Applications Conference)(Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
NSA RCTCON(Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.