February 22, 2016.
By The CyberWire Staff
Russian support for the Assad regime in Syria's civil war strikes observers as following patterns developed in Russia's incursions into Ukraine. Specifically, Russian forces are conducting a widespread cyber espionage campaign against the various groups (including, of course, ISIS) aligned against Assad. They're also shaping information on humanitarian disasters and the extent of Russian intervention.
Hezbollah's Qadmon hacking unit claims it's compromised a number of networked Israeli security cameras.
Joomla has become a target for ransomware purveyors, thought to be the group behind the "admedia" campaign that's afflicted WordPress sites.
Federal law enforcement agencies grapple toward an answer to ransomware even as the Android Xbot Trojan that Palo Alto described last week shows a dismaying convergence between ransomware and credential harvesting.
The JSF*** bug Check Point disclosed in eBay two weeks ago is now being exploited in the wild.
In industry news, businesses are advised to read their cyber policies carefully. A New York State court found that coverage of several upstate Five Guys restaurants specifically excluded losses from electronic data.
In the dispute between Apple and the Department of Justice over help unlocking an iPhone used by the San Bernardino jihadists, it's emerged that a San Bernardino County IT staffer reset the iPhone's iCloud credentials within hours of its seizure, apparently at the FBI's request. This has precluded the possibility of getting data the phone might have backed up to the cloud.
Both sides have their partisans; reactions are mixed. Industry generally favors Apple, the general public the FBI.
Today's issue includes events affecting Brazil, China, India, Iran, Israel, Russia, South Africa, Syria, United Kingdom, United States.
ON THE PODCAST
Today's CyberWire Daily Podcast will have an update on Shodan and the Internet-of-things, as we hear from University of Maryland expert Joe Carrigan.
2016 National Conference of Minority Cybersecurity Professionals(Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016(Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Cyber Attacks, Threats, and Vulnerabilities
Russia steps up Syria cyber assault(Financial Times) Russia is mounting a far-reaching cyber espionage campaign against Syrian opposition groups and NGOs, as Moscow seeks to influence the flow of information on the country's humanitarian crisis and obscure the full extent of its military operations there
Israeli Security Camera Systems targeted by Pro-Hezbollah Hackers(Hack Read) In 2014, Izz al-Din al-Qassam Brigade of Hamas successfully hacked the ongoing transmission of famous Israeli Channel 10 and replaced it with images of wounded Palestinian families. Now, hackers from the Hezbollah group have claimed to hack numerous security cameras in Israel
New backdoor for Windows has geographical restrictions(Dr. Web) Virus makers keep contriving numerous malicious programs whose purpose is to download other malware on the infected machine and execute cybercriminals' commands. Thus, yet another backdoor Trojan was detected by Doctor Web security researchers in February. Due to some key features it possesses, this Trojan stands out from its counterparts
Dell to Customers: Report 'Service Tag' Scams(KrebsOnSecurity) Computer maker Dell is asking for help in an ongoing probe into the source of customer information that appears to have somehow landed in the laps of fraudsters posing as Dell computer support technicians
Email security still an afterthought(Help Net Security) Email continues to be a critical technology in business and the threat of email hacks and data breaches loom large over IT security managers. Consequently, confidence and experience with previous data breaches and email hacks play key parts in determining a company's perceived level of preparedness against these threats and targeted email attacks
How IoT can improve risk management for insurers(Memeburn) While the insurance industry has traditionally been driven by vehicle theft to embrace telemetry, the time has come to utilise the Internet of Things (IoT) for relevance in the digital age
Software Liability: Where Consumer Fears and Business Risk Converge(Virtual Strategy Magazine) Already another in a series of watershed years for cyber-security, 2015 ended with a noisy bang when Juniper Networks revealed in late December that they had discovered unauthorized code embedded within products that could allow hackers to decrypt VPN connections and access what were thought to be secured communications
US Department of Homeland Security Vows To Tackle DDoS Attacks(Hack Read) Galois and the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) have formalized a contract to develop technology for preventing and combating extensive, sophisticated DDoS (Distributed Denial of Service) attacks
Departing US-CERT boss to launch cyber venture firm(FCW) The departing leader of the Department of Homeland Security's U.S. Computer Emergency Readiness Team will launch a venture capital firm next week to fund cybersecurity technologies she said are sorely needed
PacketFence: Free and open source network access control(Help Net Security) PacketFence is a fully supported, free and open source network access control (NAC) solution. Its feature set includes a captive-portal for registration and remediation, centralized wired and wireless management, BYOD management options, 802.1X support, and layer-2 isolation of problematic devices
The benefits of encryption for IP-based security systems(Security Info Watch) Physical security technology solutions such as IP surveillance and access systems, cloud storage and mobile monitoring and control are accelerating at a rapid pace and are increasingly exposed to cyber-attacks
Bridging the Gap Between Executive Cyber Awareness and Enterprise Security(Infosecurity Magazine) In many organizations today, keeping pace with the rate of emerging cyber-threats is placing a tremendous strain on IT security teams. They must keep one step ahead of motivated and sophisticated attackers, while communicating the risks and necessary response to executive leadership
Are HR Chiefs The Biggest Cyber Threat?(Forbes) Chief human resource officers (CHROs) are not taking cyber threats seriously, and they are failing to train employees on how to deflect even the simplest hacks
The Moral Hazard of the Fight Against the Islamic State(War on the Rocks) In a recent War on the Rocks podcast, Ryan Evans interviews Basam Ridha al-Hussaini, a special representative of Iraqi Prime Minister Haider al-Abadi, about the state of affairs in Iraq and, in particular, the Popular Mobilization Units — a collection of government-sanctioned militias that currently augment state security in Iraq
CNO: Navy 'leaning in' on information warfare(C4ISR & Networks) The Navy has undergone numerous lines of effort to realign its force to operate in the cyber domain and better conduct information warfare, including strategies and service-wide assessments, and it's better positioned the force to meet emerging threats, according to the Chief of Naval Operations
San Bernardino victims to oppose Apple on iPhone encryption(Reuters) Some victims of the San Bernardino attack will file a legal brief in support of the U.S. government's attempt to force Apple Inc to unlock the encrypted iPhone belonging to one of the shooters, a lawyer representing the victims said on Sunday
Secret Memo Details U.S.'s Broader Strategy to Crack Phones(Bloomberg Business) Silicon Valley celebrated last fall when the White House revealed it would not seek legislation forcing technology makers to install "backdoors" in their software — secret listening posts where investigators could pierce the veil of secrecy on users' encrypted data, from text messages to video chats
Apple is Selling You a Phone, Not Civil Liberties(Lawfare) Note to Apple: As a general matter of strategic communications, following the words "We have no sympathy for terrorists" with a "But" generally means you've gone badly off message — even if you wedge a few sentences in between
Is Law Enforcement Crying Wolf About the Dangers of Locked Phones?(Atlantic) If the FBI takes the position that encrypted iPhones and other secure electronic devices pose a significant impediment to law enforcement, Susan Hennessey and Benjamin Wittes write at Lawfare, it is reasonable to demand that it does "more than cry wolf"
1st U.S. trials of suspected Islamic State sympathizers begin(Military Times) A U.S. Air Force veteran and former airplane mechanic charged with trying to join the Islamic State will be among the first Americans to go on trial as a result of the U.S. government's pursuit of dozens of suspected sympathizers of the militant group
Big Victory — Judge Pushes Jewel v. NSA Forward(Electronic Frontier Foundation) We won a groundbreaking legal victory late Friday in our Jewel v. NSA case, which challenges the NSA's Internet and telephone surveillance. Judge Jeffrey White has authorized EFF, on behalf of the plaintiffs, to conduct discovery against the NSA
NSA Wants 'Zero Day' Process Kept Secret(Courthouse News Service) The National Security Agency on Thursday defended hiding key details of its process for deciding whether to exploit or disclose software security flaws that make people vulnerable to hackers
Insurer won't have to cover Five Guys' data breach(Albany Times Union) The operators of several Five Guys restaurants in the Capital Region won't be able to collect damages from their insurance company after their computer network was breached in late 2011, the state Appellate Division ruled Thursday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Commonwealth Cybersecurity Forum 2016(London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Show Me Con(St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they...
CISO Canada Summit(Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...
Interconnect2016(Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...
Insider Threat Program Development Training Course — Maryland(Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
CISO New York Summit(New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
BSides San Francisco(San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...
CISO Summit Europe(London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...
RSA Conference 2016(San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016
Cybersecurity: Defense Sector Summit(Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in...
International Academic Business Conference(New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit(Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
Navigating Summit 2016(Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...