Reviews of ISIS cyber capabilities (including its jihad helpdesk and cyber operations manual) continue, with derision from Wired, Krebs, and others. Reviews of ISIS information operations, however, are much less derisive: here, at least, the Caliphate is regarded as displaying considerable marketing savvy (and information operations are essentially marketing in battledress). The messaging is brutal in the extreme — do remember, in the face of the temptation to regard the Internet with the disinhibition appropriate to video games, that actual murder is committed therein — but its appeal to the target demographic seems undeniable. Much of the carnage ISIS commits is done with an eye to messaging (and many observers see rival Al Qaeda's strike in Mali last week as an attempt to regain terrorist mindshare).
It's proving difficult to move ISIS off social media accounts, pace the large claims of Anonymous, which Ars Technica sees as conducting a predictably indiscriminate campaign of account reporting.
Someone claiming to represent Anonymous warned of massive ISIS terror actions Sunday. These didn't materialize, and Anonymous says it doesn't know who issued the warnings. Other adherents of the collective claim to have attacked German media (for showing Anonymous insufficient respect) and Japan's Health Ministry (for unclear reasons). It's only fair to note the difficulty of crediting an anarchist collective with policy or programs, as distinct from shared sympathies, so criticisms of Anonymous for lack of focus may be harshly founded on unreasonably high expectations.
Cybercrime hasn't stopped: see individual stories of evolving threats to online commerce.
Today's issue includes events affecting Australia, Canada, China, European Union, France, Germany, Iraq, Japan, Morocco, Russia, Syria, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
ISIS' OPSEC Manual Reveals How It Handles Cybersecurity (Techworm) After the gruesome Paris attacks, there have been various reports of varied use of Internet by ISIS for propagating its ideology as well as coordinating its deadly terrorist attacks. While some reports state that ISIS used encrypted channels of communication like the PlayStation 4 and Telegram, other reports state that they used plain vanilla unencrypted SMS to communicate with each other and coordinate the attacks
ISIS Jihadi Helpdesk Customer Log, Nov. 20 (KrebsOnSecurity) From NBC News come revelations that ISIS has its very own web-savvy, 24-hour Jihadi Help Desk manned by a half-dozen senior operatives to assist foot soldiers in spreading their message far and wide. My first reaction to this story was disbelief, then envy (hey, where the heck is my 24/7 support?). But soon enough I forgot about all that, my mind racing with other possibilities
ISIS: Terror Has Gone Social [Infographic] (ZeroFOX) ISIS has built a sophisticated and effective online propaganda engine, exploiting many mainstream networks such as Facebook, YouTube, Twitter, Telegram, WhatsApp, Diaspora and LinkedIn. Their efforts resemble a well-oiled marketing department, employing experts in PR and design to ensure a legitimate appearance
Why Facebook and Twitter Can't Just Wipe Out ISIS Online (Wired) Given that ISIS and other terrorist organizations have proven adept at using social media to disseminate propaganda and incite fear, it seems obvious that platforms like Facebook and Twitter would aggressively and mercilessly delete such content and ban those who post it
'Spying' on Islamic State instead of hacking them (BBC) In the wake of the Paris attacks, the vigilante hacker group Anonymous has declared war on so-called Islamic State using the internet and claims to have shut thousands of Twitter accounts used by IS operatives. But a much smaller online group has also emerged, with quite a different strategy — and they claim they've already thwarted at least one terror attack
Fake terror alert emails spread malware (Graham Cluley) Researchers have uncovered malicious emails that are spoofing terror alerts from law enforcement agencies in order to trick users into downloading the Jsocket remote access trojan
Vonteera Adware Uses Certificates to Disable Anti-Malware (Malwarebytes Unpacked) Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions
Starwood Hotels Warns of Credit Card Breach (KrebsOnSecurity) Starwood Hotels & Resorts Worldwide today warned that malware designed to help cyber thieves steal credit and debit card data was found on point-of-sale cash registers at some of the company's hotels in North America
After Paris, new worries over electrical grid attack (USA Today) The potential for a devastating attack on the U.S. electricity grid remains high on the minds of utility and government leaders, especially in light of the deadly terrorist actions in Paris on Nov. 13
Energy industry under cyber-attack (Kallanish Energy) A major high-pressure, interstate pipeline's sensors show nothing is wrong — as crude oil spews barrels of product in the middle of "nowhere"
Cybersecurity and the Manufacturing Mindset (Automation World) As the network infrastructure evolves to include more connected systems and smart devices, so must a company's security strategy. The move is on to a built-in vs. a bolt-on model, which requires an ecosystem of technology partners and an eye toward business
Australians among world's worst malware victims — but the death of APTs signals worse times ahead (CSO) Australian users remain among the world's most likely to click on malicious links, new industry research suggests — but if you thought things were bad now, hold onto your hats: security specialists warn that 2016 is likely to make things even worse as growing desire to commercialise the spoils of data breaches drives a transformation in the way attackers launch already-insidious advanced persistent threats (APTs)
CME Ventures invests in cyber security firm (Crain's Chicago Business) Futures exchange operator CME Group's venture arm has made another investment, this time in a cyber security software company with roots in Israel
Cybersecurity Sector's Biggest Challenge (It's Not The Hackers) (PYMNTS) The security certification and industry body (ISC)² predicts that 6 million security professionals will be needed by both the public and private sectors by 2019. Unfortunately, only 4.5 million of those experts will have the necessary qualifications
Saudi citizens well equipped for careers in cybersecurity (MENAFN) According to a new survey commissioned by Raytheon Company and the National Cyber Security Alliance (NCSA) adults and youths in the Middle East region are more confident in their knowledge of and education in cyber-related issues than in the rest of the world and feel they have a good understanding of the elements involved in cybersecurity
PwnBin: A script for scraping Pastebin for leaked API keys, SSH credentials (Help Net Security) Pastebins, apart from being a great help for programmers as they offer a place where one can store text online for a set period of time and share it with others, are also loved by hackers who often use them to leak stolen credentials — mostly usernames and passwords to popular online services, but also other types of sensitive credentials
Technologies, Techniques, and Standards
German Government Audits Truecrypt (Threatpost) TrueCrypt continues to fascinate even though it hasn't been updated in more than a year and has been cleared of backdoors in more than one extensive audit
Defining a Cyber Breach Workflow Is Key, and Expensive (Financial Executives International Daily) Financial executives facing a cyber breach will find themselves in a spiral of legal, technical and public relations landmines, but a workflow can be put in place to manage even the most catastrophic events, said John Reed Stark, keynote speaker at Financial Executive International's Current Financial Reporting Issues conference in New York
Security Council calls for eradicating ISIL safe havens in Syria and Iraq (UN News Centre) The United Nations Security Council this evening called on all countries that can do so to take the war on terrorism to Islamic State-controlled territory in Syria and Iraq and destroy its safe haven, warning that the group intends to mount further terror attacks like those that devastated Paris and Beirut last week
Pentagon pressing allies for more help against Islamic State (AP via Yahoo! News) The Pentagon is pressing European and Arab allies to provide more troops and support for the war against the Islamic State group, hoping that the horror of the Paris attacks — and the fear more are coming — will compel them to get more deeply involved
China 'Vulnerable' in Cyberspace, US Cyber Chief Warns (Defense News) The head of US Cyber Command said China is as vulnerable to cyber attacks as any other nation, offering a veiled suggestion that further malicious hacks by the Chinese could result in reprisals in the cyber realm
Foster specialized staff to fend off cyber-attacks (Yomiuri Shimbun via the Japan News) The government's move to strengthen its measures against cyber-attacks on municipalities was prompted by its strong desire to curb the public's uncertainty regarding the My Number system
There's a booming black market for fake Syrian passports (Washington Post) The terrorist who blew himself up outside the Stade de France had fingerprints matching that of a man who arrived on European shores Oct. 3 alongside desperate migrants who had crossed over from Turkey, according to French and Greek officials
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Energy Tech 2015 (Cleveland, Ohio, USA, November 30 - December 2, 2015) Now in its 5th year, EnergyTech 2015 seeks the convergence of the best minds in policy, systems engineering and applied technology to address some of the critical issues of our time. In addition to its...
IoT Security Foundation Conference (London, England, UK, December 1, 2015) This is the first official conference of IoTSF. It follows on from the IoT Security Summit earlier in the year, maintaining the momentum of the theme. Delegates can expect a similar level of quality of...
Public Sector Cybersecurity Summit 2015 (Reston, Virginia, USA, December 1 - 2, 2015) The Raytheon|Websense 6th Annual Public Sector Cybersecurity Summit is a unique opportunity to learn about the state of cybersecurity and how to prepare for future threats from many thought provoking government...
Enterprise Security and Risk Management (London, England, UK, December 2, 2015) Whitehall Media's 4th ESRM conference will bring together hundreds of leading InfoSec, cyber security and risk management professionals to discuss the latest industry developments and identify the most...
Cargo Logistics America (San Diego, California, USA, December 2 - 3, 2015) Cargo Logistics America (CLA) connects freight owners with freight movers, fostering multimodal synergy between diverse stakeholders in import, export and domestic supply chains. This year's conference...
NG Security Summit US (Austin, Texas, USA, December 2 - 4, 2015) The NG Security Summit US will bring together 65 senior decision makers and business leaders from across the region. The event aims to solve key business challenges. In particular, the ability to network...
Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Cyber Security Breakdown: Washington DC (Washington, DC, USA, December 3, 2015) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Cloud Security Alliance Summit Los Angeles 2015 (Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...
2015 Cyber Security Exchange (Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
Disrupt London 2015 (London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...
Passwords 2015 (University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.
ACSAC (Annual Computer Security Applications Conference) (Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
NSA RCTCON (Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S
SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...