The terrorist strike against the Brussels airport had its expected effect on cyber attacks worldwide, with researchers noting attack activity spikes in both Western Europe and North America. Much of the activity appears ISIS-inspired, but most if not all of it failed to rise above the familiar nuisance level Islamist hacktivists have achieved in the past. (In fact, the annual #OpIsrael action by Anonymous factions, according to Cytegic’s March intelligence report, even showed declining levels of efficacy.)
Governments and electrical power utilities in the US and UK continue to look for ways of shoring up their grids’ defenses. The attacker-induced rolling blackouts in Ukraine are widely regarded as having crossed a significant line in cyber conflict.
SurfWatch says it’s detected and stopped an attempt on websites and fora hosted by Invision Power Services. The threat actor, identified as “AlphaLeon,” began leasing a Trojan, “Thanatos,” in a malware-as-a-service offering in March. He gained access to Invision Power Services (which hosts fully functional e-commerce sites, some of them for large companies) in an effort to increase the size of his botnet. SurfWatch detected his activity and notified Invision Power Services, which then closed off AlphaLeon’s access point.
In industry news, the SecureWorks IPO, expected to price tomorrow, is receiving some favorable advance previews from analysts.
In comments prompted by its running dispute with Apple, the US FBI says there’s no “one-size-fits-all” approach to gathering evidence. Apple, for its part, says it’s received requests for source code from China’s government (it refused to comply).
Today's issue includes events affecting Australia, Belgium, China, Cyprus, Iraq, Israel, New Zealand, Syria, United States.
We'll continue our coverage of the SINET ITSEF conference from Mountain View, California, today. Watch for our customary live-Tweets and tomorrow's special issue.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day.
SINET ITSEF 2016: Finding Ground Truth in the Security Ecosystem(The CyberWire) The sessions on ITSEF's first day explored topics of close interest to security entrepreneurs: how to quantify cyber risk, how to use adversary modeling to organize defenses, how to design products for integration into customer enterprises, and how (or whether) the concept of an OODA loop can be applied to cyber defense. Rick Geritz, founder and CEO of LifeJourney, opened the conference with welcoming remarks that drew attention to the way in which ITSEF’s history has paralleled the emergence of the Chief Information Security Officer’s role in government and industry
Stepping over the cyber line(C4ISR & Networks) The recent cyberattack on the Ukraine’s power grid has caused several organizations to rethink the threats posed to the U.S. power grid
UN Energy Tsar Warns UK of Cyber Threat(Infosecurity Magazine) The UK’s energy sector is at serious risk of a crippling cyber attack on its infrastructure, the head of the World Energy Council has claimed
Security Firm Discovers Secret Plan to Hack Numerous Websites and Forums(Softpedia) Security researchers from SurfWatch Labs have shut down a secret plan to hack and infect hundreds or possibly thousands of forums and websites hosted on the infrastructure of Invision Power Services, who are the makers of the IP.Board forum platform, now known as the IPS Community Suite
Blue Screen of Death meets cybercrime – true or false?(Naked Security) Over the past week or so, an intriguing story has appeared around and about the web. It falls short of a meme, but sits higher than a rumour, and it’s attracted attention because it deals with an increasingly-endangered event: a BSoD
Most Businesses Have no Cyberattack Response Capability(Channel Partners) Less than one-quarter (23 percent) of organizations are capable of responding effectively to a cyberincident, while 77 percent have no capability to respond to critical incidents and often buy support services only after an incident
SIM Market Insights 2015(SIMalliance) SIMalliance is the global, non-profit industry association which simplifies aspects of hardware-based device security to drive the creation, deployment and management of secure mobile services
SecureWorks Goes Big As First Major Tech IPO Of 2016(Seeking Alpha) Deal set to price this Thursday evening, 4.21.2016. Enormous team of underwriters includes BofA, Goldman, JPM, Morgan Stanley, Barclays, Citi, UBS, and many others. We strongly suggest obtaining an allocation. While peers Rapid7 and FireEye have struggled post-IPO, the excitement surrounding the deal could boost it to early success
IKANOW 1.5 Release – Giving Information Security Analysts Lightning Fast Search(IKANOW) IKANOW today released Information Security Analytics (ISA) 1.5. The release includes several new features and some of the most powerful are designed to give information security analysts contextualized search capabilities that can reduce the investigation time between identified incident and confirmed intrusion
Symantec releases beta for Norton Security Premium 2017(Neowin) The American tech company Symantec has made a beta version of Norton Security Premium 2017 available to the public. The virus protection software will be available to users during a 14-day trial period after its installation. The suite will improve upon the currently available Norton Security and Antivirus software
FireEye Introduces Cybersecurity Risk Assessment for Mergers & Acquisitions(CSO) FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the launch of Mandiant® Mergers & Acquisitions (M&A) Risk Assessment, a new rapid service offering cybersecurity assessment as to the level of cyber security risk present in the acquisition that could drive decisions
Anonabox’ Devices Keep Identity Anonymous Using Tor and VPN(HackRead) Anonabox, a hardware company focused on providing internet security and privacy for users has announced the launch of an array of innovative, small-sized new devices, which have been designed primarily to help internet users remain anonymous while surfing the net. These devices have been produced by Sochule, which recently acquired Anonabox
Crisis Communication After an Attack(MIT Technology Review) Here’s an increasingly common scenario: You’re a business or IT leader, and you learn—quite possibly from sources outside your company—that cyberattackers have compromised your organization’s systems. You don’t know yet how serious a breach you’re facing, but it’s clearly time to activate your crisis-communication plan
5 Steps to Protect Against Ransomware(Above Security) Ransomware is a type of malware that attacks your computer and usually threatens to encrypt all your data and files unless a fee is paid within a certain time limit in order to decrypt your information
DARPA could double wireless capacity(C4ISR & Networks) A DARPA-funded team has been able to produce electronic circuits that could double capacity for wireless communications. Researchers at Columbia University, funded under DARPA's Arrays at Commercial Timescales (ACT) program, were able to make miniaturized circulators that ensure that radio frequency signals
A New Generation of Unrestricted Warfare(War on the Rocks) In 1999, two Chinese colonels wrote a book called Unrestricted Warfare, about warfare in the age of globalization. Their main argument: Warfare in the modern world will no longer be primarily a struggle defined by military means — or even involve the military at all. They were about a decade and a half before their time
The dumb, delusional US Senate encryption bill is everything wrong with tech politics(Quartz) There is much I could write about this week: Intel’s rumored layoffs in Oregon just ahead of its quarterly earnings release, president Obama’s support of the FCC’s open cable box proposal, Motor Trend’s shameless attempt to design the putative Apple Car by committee (with the regrettable participation of an otherwise-serious Apple blog), or rumors of an Apple App Store reorganization (about time) and paid-search app promotion (what?). Exciting as these all are, we have a more pressing matter before us: The just-released draft of the Compliance with Court Orders Act of 2016, an anti-encryption bill co-authored by Senate Select Committee on Intelligence chairman Richard Burr (North Carolina Republican) and vice chairman Dianne Feinstein (California Democrat)
Cyber Threats: Only Getting Worse(Cipher Brief) Former CIA Acting Director and Deputy Director Michael Morell spoke with The Cipher Brief about his assessment of the growing cyber-threat, as well as a potential solution to increasingly contentious discord between government and the tech industry on the topic of encryption
Secret spy court scolded NSA, FBI for not deleting data(The Hill) Analysts within the National Security Agency “potentially” violated the law by improperly failing to delete information collected about people on the Internet, the federal court overseeing U.S. intelligence agencies declared in an opinion declassified on Tuesday
U.S. spy court judge dismissed privacy advocate's concerns about data use(Los Angeles Times) An independent lawyer assigned to represent Americans’ privacy interests before the nation’s top-secret spy court failed to persuade a judge to block FBI agents from searching intelligence databases to hunt for evidence of traditional crimes rather than restricting them to national security probes, according to a newly declassified court opinion
China Sentences Man to Death for Espionage, Saying He Sold Secrets(New York Times) In a sign of China’s increasingly aggressive efforts to combat espionage and other security threats, the government said it had sentenced a former computer technician to death for selling 150,000 classified documents to foreign spies, according to state media reports on Tuesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CSO 50 Conference and Awards(Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...
2016 Cybersecurity Symposium(Coeur d’Alene, Idaho, USA, April 18 - 20, 2016) The Cybersecurity Symposium: Your Security, Your Future is an opportunity for academic researchers and software and system developers from industry and government to meet and discuss state of the art processes...
Amsterdam 2016 FIRST Technical Colloquium(Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...
Security & Counter Terror Expo 2016(London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...
SINET IT Security Entrepreneurs Forum (ITSEF) 2016(Mountain View, California, USA, April 19 - 20, 2016) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs can meet...
SecureWorld Philadelphia(King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Army SIGINT(Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...
6th European Data Protection Days (EDPD)(Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...
CISO San Francisco(San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...
Staying Ahead of the Curve - Securing a Nation Amid Change(Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...
Assured Communications 2016(Crystal City, Virginia, USA, April 27, 2016) A basic tenet of building an expeditionary fighting force that can respond to hot spots around the world is the ability to surge. That applies to satellite bandwidth as much as it does to personnel and...