Daily briefing.

The terrorist strike against the Brussels airport had its expected effect on cyber attacks worldwide, with researchers noting attack activity spikes in both Western Europe and North America. Much of the activity appears ISIS-inspired, but most if not all of it failed to rise above the familiar nuisance level Islamist hacktivists have achieved in the past. (In fact, the annual #OpIsrael action by Anonymous factions, according to Cytegic’s March intelligence report, even showed declining levels of efficacy.)

Governments and electrical power utilities in the US and UK continue to look to ways of shoring up their grids’ defenses. The attacker-induced rolling blackouts in Ukraine are widely regarded as having crossed a significant line in cyber conflict.

SurfWatch says it’s detected and stopped an attempt on websites and fora hosted by Invision Power Services. The threat actor, identified as “AlphaLeon,” began leasing a Trojan, “Thanatos,” in a malware-as-a-service offering in March. He gained access to Invision Power Services (which hosts fully functional e-commerce sites, some of them for large companies) in an effort to increase the size of his botnet. SurfWatch detected his activity and notified Invision Power Services, which then closed off AlphaLeon’s access point.

In industry news, the SecureWorks IPO, expected to price tomorrow, is receiving some favorable advance previews from analysts.

In comments prompted by its running dispute with Apple, the US FBI says there’s no “one-size-fits-all” approach to gathering evidence. Apple, for its part, says it’s received requests for source code from China’s government (it refused to comply).


Today's issue includes events affecting Australia, Belgium, China, Cyprus, Iraq, Israel, New Zealand, Syria, United States.

We'll continue our coverage of the SINET ITSEF conference from Mountain View, California, today. Watch for our customary live-Tweets and tomorrow's special issue.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day.

SINET IT Security Entrepreneurs Forum (ITSEF) 2016 (Mountain View, California, USA, April 19 - 20, 2016) ITSEF introduces entrepreneurs to government, business and investment leaders for open collaboration on cybersecurity challenges. Register today.

Cyber Security Summit (Dallas, Texas, USA, May 3, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register today: CyberWire readers receive a $100 discount using code WIRE16.

Dateline SINET ITSEF 2016

SINET IT Security Entrepreneurs Forum (ITSEF) 2016: "Bridging the Gap Between Silicon Valley and the Beltway" (SINET) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on addressing the Cybersecurity challenge

SINET ITSEF 2016: Finding Ground Truth in the Security Ecosystem (The CyberWire) The sessions on ITSEF's first day explored topics of close interest to security entrepreneurs: how to quantify cyber risk, how to use adversary modeling to organize defenses, how to design products for integration into customer enterprises, and how (or whether) the concept of an OODA loop can be applied to cyber defense. Rick Geritz, founder and CEO of LifeJourney, opened the conference with welcoming remarks that drew attention to the way in which ITSEF’s history has paralleled the emergence of the Chief Information Security Officer’s role in government and industry

Minister Sajjan to deliver keynote address at the 2016 SINET IT Security Entrepreneurs Forum (Government of Canada | Gouvernement de Canada) Defence Minister Harjit S. Sajjan will deliver a keynote address at the 2016 SINET IT Security Entrepreneurs Forum to discuss how the Communications Security Establishment (CSE) is approaching evolving challenges in cyber security

Cyber Attacks, Threats, and Vulnerabilities

Brussels Attacks Led to Cyber-Attack Increases (Infosecurity Magazine) March saw heightened cyber activity worldwide, with terrorist attacks impacting cyber-attacks on a global basis

Stepping over the cyber line (C4ISR & Networks) The recent cyberattack on the Ukraine’s power grid has caused several organizations to rethink the threats posed to the U.S. power grid

UN Energy Tsar Warns UK of Cyber Threat (Infosecurity Magazine) The UK’s energy sector is at serious risk of a crippling cyber attack on its infrastructure, the head of the World Energy Council has claimed

Security Firm Discovers Secret Plan to Hack Numerous Websites and Forums (Softpedia) Security researchers from SurfWatch Labs have shut down a secret plan to hack and infect hundreds or possibly thousands of forums and websites hosted on the infrastructure of Invision Power Services, who are the makers of the IP.Board forum platform, now known as the IPS Community Suite

Outdated Git version in OS X puts developers at risk (IDG via CSO) The Git version shipped with Apple's command line developer tools is vulnerable to remote code execution attacks

Blue Screen of Death meets cybercrime – true or false? (Naked Security) Over the past week or so, an intriguing story has appeared around and about the web. It falls short of a meme, but sits higher than a rumour, and it’s attracted attention because it deals with an increasingly-endangered event: a BSoD

Web host 123-reg accidentally slaughters customers’ sites (Naked Security) Customers of the web host 123-reg are frantically trying to rebuild their online businesses after the host accidentally erased an unknown number of their virtual private servers (VPS) during a clean-up

Hacking Team postmortem is something all security leaders should read (CSO) Hacking Team is back in the news again. Last weekend, the person responsible for Hacking Team's meltdown posted a recap of the incident, including a detailed overview of how they hacked the Italian firm

Security Patches, Mitigations, and Software Updates

Google: Android security is stronger than ever (CSO) The company scanned 6 billion apps per day in the last year as part of its effort to secure Android's far-flung landscape

Cyber Trends

Most Businesses Have no Cyberattack Response Capability (Channel Partners) Less than one-quarter (23 percent) of organizations are capable of responding effectively to a cyberincident, while 77 percent have no capability to respond to critical incidents and often buy support services only after an incident

Research identifies organised cyber threat to Australia (Computerweekly) Researchers have identified the profiles of cyber criminals and identified the one that is the biggest threat to Australian organisations

Governments vulnerable to attack, says Palo Alto Networks (IT Brief) Governments need to reassess how they’re handling cyber attacks, according to Palo Alto Networks


Huge data breaches have been good for security stocks (CNBC) IT security stocks have soared after the seven big data breaches made public over the past three years, according to the Bessemer Venture Partners Cyber Index released Tuesday

SIM Market Insights 2015 (SIMalliance) SIMalliance is the global, non-profit industry association which simplifies aspects of hardware-based device security to drive the creation, deployment and management of secure mobile services

SecureWorks Goes Big As First Major Tech IPO Of 2016 (Seeking Alpha) Deal set to price this Thursday evening, 4.21.2016. Enormous team of underwriters includes BofA, Goldman, JPM, Morgan Stanley, Barclays, Citi, UBS, and many others. We strongly suggest obtaining an allocation. While peers Rapid7 and FireEye have struggled post-IPO, the excitement surrounding the deal could boost it to early success

Strategic Cyber Ventures Invests in Deception Technology Vendor TrapX (eWeek) Tom Kellermann, former CSO of Trend Micro, started Strategic Cyber Ventures three months ago, and now he's ready to announce his first investment

Cyber security co TrapX raises $14m (Globes) Sales of the company's DeceptionGrid software tripled in 2015

LANDESK completes Appsense acquisition (ARN) Merger strengthens unified endpoint management capabilities and security offerings

Experian to buy Austin tech firm for $360M (Austin Business Journal) Technology security company CSID Corp. has agreed to be sold for $360 million to credit report specialist Experian PLC

Thycotic Continues Momentum as Fastest Growing Provider of Privileged Account Management Solutions (BWW) Thycotic, a provider of privileged account management (PAM) solutions for more than 3,500 organizations worldwide, continues its record trajectory with a 77 percent compound annual growth rate (CAGR) in Q1 of 2016

IBM's Earnings Show Smooth Sailing For Its Cloud, Mobile And Security Businesses (Forbes) The numbers are in for IBM Corp.’s first quarter of 2016 and they are continuing to bulk up in next generation segments including cloud, mobility, and security

Here's Why Shares of IBM Are Sinking Today (Fortune) Investors are not impressed with its latest results

Is Verizon reinventing itself by shedding its legacy business? ( As recently as 2000, Verizon Communications boasted the nation's largest local phone network with more than 60 million phone lines in 40 states from New York, New Jersey, and Pennsylvania to Florida and California

Intel announces “evolution” away from PC industry, “up to 12,000” layoffs (Ars Technica) Confirms 11 percent shave of Intel's global workforce, reduced revenue projection

Colorado wants to duplicate Israel's success in cybersecurity (Denver Post) University of Denver's first Cybersecurity Summit brings politics, educators, startups, cybersecurity firms together with Israel

DigiCert CEO Nicholas Hales Named 2016 EY Entrepreneur Of The Year® Utah Region Finalist (PRNewswire) Hales' leadership has guided DigiCert to become the world's second-largest issuer of high-assurance digital certificates for retail, enterprise and the IoT

Products, Services, and Solutions

IKANOW 1.5 Release – Giving Information Security Analysts Lightning Fast Search (IKANOW) IKANOW today released Information Security Analytics (ISA) 1.5. The release includes several new features and some of the most powerful are designed to give information security analysts contextualized search capabilities that can reduce the investigation time between identified incident and confirmed intrusion

vArmour Announces the Industry's Most Simple, Scalable and Economical Data Center and Cloud Security Architecture, "Project Ice Cream" (MarketWired) vArmour takes a non-cloudwashing approach to securing clouds

VASCO Launches FIDO U2F Certified Authenticator for Use with Popular Online Applications (PRNewswire) DIGIPASS SecureClick one-button authenticator allows users to easily add the enhanced security of two-factor authentication to common applications

ThreatTrack Enhances Its Advanced Threat Protection Platform to Better Secure Distributed Networks (PRNewswire) ThreatSecure® Network 2.2 offers a hub-sensor architecture that delivers greater visibility and scale to accelerate malware detection and response across global networks

Another Big Messaging App Joins the End-to-End Encryption Party (Fortune) No self-respecting messaging service wants to be seen without end-to-end encryption this season, and Viber has become the latest to don the garb most recently flaunted by the scene’s biggest star, WhatsApp

Verizon looks at the emergence of software-defined networking (The Stack) SDN is not a new technology as such, but uses for it are. Businesses are finding novel and exciting ways to leverage SDN to improve performance, reinvent business processes and compete more effectively

Kaspersky Announces Antivirus for Industrial Control Systems (ICS) (Softpedia) With the number of attacks on industrial systems growing at a rapid pace, Kaspersky announced last week the launch of a new cyber-security solution aimed at Industrial Control Systems (ICS)

Symantec releases beta for Norton Security Premium 2017 (Neowin) The American tech company Symantec has made a beta version of Norton Security Premium 2017 available to the public. The virus protection software will be available to users during a 14-day trial period after its installation. The suite will improve upon the currently available Norton Security and Antivirus software

CrowdStrike Offers Cyber Risk Assessment Program Targeted at M&A Process (BusinessWire) New security assessment practice determines readiness for safe integration and identifies cyber risks to consider during M&A transactions

FireEye Introduces Cybersecurity Risk Assessment for Mergers & Acquisitions (CSO) FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the launch of Mandiant® Mergers & Acquisitions (M&A) Risk Assessment, a new rapid service offering cybersecurity assessment as to the level of cyber security risk present in the acquisition that could drive decisions

Dome9 triple protects AWS infrastructure, but is it necessary? (Network World) That old "is the cloud secure?" discussion has been reopened, and another vendor hopes to plug the gaps

Permit the Application, but Manage the Behavior -- Netskope Selects Infoblox to Protect Data and Ensure Compliance (MarketWired) Infoblox Inc. (NYSE: BLOX), the network control company, today announced that Netskope has deployed Infoblox solutions to achieve its mission of delivering secure cloud-based services to its customers

Anonabox’ Devices Keep Identity Anonymous Using Tor and VPN (HackRead) Anonabox, a hardware company focused on providing internet security and privacy for users has announced the launch of an array of innovative, small-sized new devices, which have been designed primarily to help internet users remain anonymous while surfing the net. These devices have been produced by Sochule, which recently acquired Anonabox

Technologies, Techniques, and Standards

DHS is busy sharing threat info with the private sector (FCW) The Automated Indicator Sharing system, which facilitates machine-to-machine sharing of cyber threat indicators between the federal government and the private sector, is busy

Making Ethically Based Decisions: Lessons from MedStar Health Cyber Attack (Physicians Money Digest) There has been an increasing number of cyber threats and “ransomware” attacks on healthcare information systems

Crisis Communication After an Attack (MIT Technology Review) Here’s an increasingly common scenario: You’re a business or IT leader, and you learn—quite possibly from sources outside your company—that cyberattackers have compromised your organization’s systems. You don’t know yet how serious a breach you’re facing, but it’s clearly time to activate your crisis-communication plan

5 Steps to Protect Against Ransomware (Above Security) Ransomware is a type of malware that attacks your computer and usually threatens to encrypt all your data and files unless a fee is paid within a certain time limit in order to decrypt your information

Design and Innovation

Microsoft and Google Want to Let Artificial Intelligence Loose on Our Most Private Data (MIT Technology Review) The recent emergence of a powerful machine-learning technique known as deep learning has made computing giants such as Google, Facebook, and Microsoft even hungrier for data. It’s what lets software learn to do things like recognize images or understand language

How machine learning in the cloud can help enterprise security (Tech Target) There's a growing trend of machine learning in the cloud and security should take advantage of it. Expert Dave Shackleford discusses machine learning and its benefits to security

Research and Development

Vencore to support DARPA cybersecurity (C4ISR & Networks) Vencore Labs has been awarded a $7.7 million DARPA cybersecurity contract

DARPA could double wireless capacity (C4ISR & Networks) A DARPA-funded team has been able to produce electronic circuits that could double capacity for wireless communications. Researchers at Columbia University, funded under DARPA's Arrays at Commercial Timescales (ACT) program, were able to make miniaturized circulators that ensure that radio frequency signals

The Military Wants a Privacy Firewall for Disaster Response (Defense One) A new tool to strip personal information from tweets and social media could help troops zero in on trouble spots


Liberty University Shines in Raytheon Cyber Tournament (DCInno) A group of seven students from rural Lynchburg, Va.-based Liberty University are making a name for themselves in a high-profile national collegiate cybersecurity competition

Legislation, Policy, and Regulation

President Xi calls for cyberspace security, technological breakthroughs ( Chinese President Xi Jinping on Tuesday called for coordinated development of cyberspace security and informatization as well as breakthroughs in core Internet technology

A New Generation of Unrestricted Warfare (War on the Rocks) In 1999, two Chinese colonels wrote a book called Unrestricted Warfare, about warfare in the age of globalization. Their main argument: Warfare in the modern world will no longer be primarily a struggle defined by military means — or even involve the military at all. They were about a decade and a half before their time

Netanyahu scraps plans to regulate cyber security cos (Globes) Israel will comply with the Wassenaar Arrangement, an international convention regulating cyber exports

Lawmakers call for middle ground on law enforcement access to encryption (IDG via CSO) Tech companies and law enforcement agencies need to find a compromise, House members say

Lawmakers Struggle for Answers on Encryption (Wall Street Journal) Congress offers few ideas on how to find a middle road between security and privacy

The dumb, delusional US Senate encryption bill is everything wrong with tech politics (Quartz) There is much I could write about this week: Intel’s rumored layoffs in Oregon just ahead of its quarterly earnings release, president Obama’s support of the FCC’s open cable box proposal, Motor Trend’s shameless attempt to design the putative Apple Car by committee (with the regrettable participation of an otherwise-serious Apple blog), or rumors of an Apple App Store reorganization (about time) and paid-search app promotion (what?). Exciting as these all are, we have a more pressing matter before us: The just-released draft of the Compliance with Court Orders Act of 2016, an anti-encryption bill co-authored by Senate Select Committee on Intelligence chairman Richard Burr (North Carolina Republican) and vice chairman Dianne Feinstein (California Democrat)

Cyber Threats: Only Getting Worse (Cipher Brief) Former CIA Acting Director and Deputy Director Michael Morell spoke with The Cipher Brief about his assessment of the growing cyber-threat, as well as a potential solution to increasingly contentious discord between government and the tech industry on the topic of encryption

House Bill Would Limit DoD Silicon Valley Outreach Fund (DefenseNews) A House subcommittee wants to withhold 20 percent of the funds for the expansion of the Pentagon’s key Silicon Valley outreach effort until the defense secretary provides a detailed plan to Congress

Three Ways to Judge the Pentagon’s Tech-Sector Outreach (Defense One) Hint: it’s not about how many zeroes are on the first checks

Litigation, Investigation, and Law Enforcement

Secret spy court scolded NSA, FBI for not deleting data (The Hill) Analysts within the National Security Agency “potentially” violated the law by improperly failing to delete information collected about people on the Internet, the federal court overseeing U.S. intelligence agencies declared in an opinion declassified on Tuesday

U.S. spy court judge dismissed privacy advocate's concerns about data use (Los Angeles Times) An independent lawyer assigned to represent Americans’ privacy interests before the nation’s top-secret spy court failed to persuade a judge to block FBI agents from searching intelligence databases to hunt for evidence of traditional crimes rather than restricting them to national security probes, according to a newly declassified court opinion

EFF sues to uncover government demands to decrypt communications (IDG via CSO) The group says the USA Freedom Act compels the DOJ to publish significant decisions of the secret FISC court

FBI: Using Third Parties To Break Encryption Is Not the Only Answer (Time) It was also said there was no "one-size-fits-all" approach to recovering evidence

UPDATE 1-Apple refused China request for source code in last two years -lawyer (CNBC) Apple has been asked by Chinese authorities within the last two years to hand over its source code but refused to do so, the company's top lawyer told U.S. lawmakers at a hearing on Tuesday

China Sentences Man to Death for Espionage, Saying He Sold Secrets (New York Times) In a sign of China’s increasingly aggressive efforts to combat espionage and other security threats, the government said it had sentenced a former computer technician to death for selling 150,000 classified documents to foreign spies, according to state media reports on Tuesday

Want to sue Ashley Madison over data breach? You must use your real name (Ars Technica) Judge weighing if data hacked from the cheating site may be used at trial

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...

2016 Cybersecurity Symposium (Coeur d’Alene, Idaho, USA, April 18 - 20, 2016) The Cybersecurity Symposium: Your Security, Your Future is an opportunity for academic researchers and software and system developers from industry and government to meet and discuss state of the art processes...

Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...

Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...

SINET IT Security Entrepreneurs Forum (ITSEF) 2016 (Mountain View, California, USA, April 19 - 20, 2016) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs can meet...

SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that...

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

6th European Data Protection Days (EDPD) (Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...

Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...

Are You Protecting Your Business? Why Cyber Threat is a C-Level Priority (Cerritos, California, USA, April 26, 2016) Whether you’re a company of five or 5000, join us for this educational workshop and learn innovative ways to protect your small business from #cybercrime. FBI Special Agent Joey Abelon will share FBI insights...

Assured Communications 2016 (Crystal City, Virginia, USA, April 27, 2016) A basic tenet of building an expeditionary fighting force that can respond to hot spots around the world is the ability to surge. That applies to satellite bandwidth as much as it does to personnel and...
