To most observers — including, according to reports, US intelligence services — Russia appears the most likely suspect in December's cyber attack on the Ukrainian power grid. How the attack was accomplished, however, remains less clear. As ESET's reports suggest, signs point to BlackEnergy malware (BlackEnergy was found in affected networks) but many think it's too early to close the case.
The motive for a Russian hack also remains unclear: there's no obvious operational purpose served. Some speculate the episode amounts to dissuasion or saber-rattling. (In its own bit of dissuasion, the US Treasury Department finalizes its system of sanctions for hacking.)
Other utilities around the world reassure stakeholders they've taken precautions against similar attacks.
Saudi Arabia and Iran seem poised to escalate ongoing tension into conflict in cyberspace. ISIS has taken to denouncing the Saudi regime as tyranny and Saudi soldiers as apostates. Shi'ites, Christians, and Jews also come in for their usual share of odium in Daesh social media. Western services are still working out their information operational response.
Anonymous takes down Thai police sites to protest death sentences handed down in the case of two murdered tourists.
"GeNiuS-JorDan," known for attacks on Kuwaiti and Nepalese sites, defaces Ugandan Foreign Ministry sites with protests of US and Israeli actions in the Middle East.
Rapid7 finds issues with Xfinity's home security system.
Android patches five critical security flaws.
Today's issue includes events affecting Afghanistan, Australia, Belgium, Brazil, Canada, China, Denmark, Ethiopia, France, Germany, India, Iraq, Iran, Israel, Italy, Jordan, Latvia, Japan, Kenya, Myanmar, Netherlands, Nigeria, Palestine, Russia, Rwanda, Saudi Arabia, Singapore, Switzerland, Syria, Tanzania, Thailand, Turkey, Uganda, Ukraine, United Kingdom, United States, and Yemen.
ISIS Campaign Targets Saudi Arabia, Calls For Attacks Against Saudi Monarchy, Shi'ites, And Polytheists(MEMRI) The Islamic State (ISIS) has exerted much effort in the last couple of weeks to attacking Saudi Arabia and its ruling and religious echelons in an extensive and well-coordinated media campaign it launched against it. The campaign included the unprecedented release of 15 official ISIS videos from ISIS's various provinces, along with similarly prolific content released from the ISIS-affiliated Al-Battar media company over social networks and jihadi forums
Fixing How We Fight the Islamic State's Narrative(War on the Rocks) Over the past couple of years, counter-messaging has been driven to the forefront of countering violent extremism (CVE) efforts undertaken by the United States and its allies. From defense agencies to diplomats to civil society groups, almost every actor involved in CVE is committed to developing narratives to counter the potent propaganda and appeal of groups such as the Islamic State and al-Qaeda. The need for effective counter-messaging is apparent: The Islamic State in particular possesses an agile and robust propaganda machine that has helped to inspire as many as 31,000 people from across the globe to leave their homes and join the cause
Hell is back with Hell Reloaded on the Dark Web(Hack Read) The Dark Web hacking forum named Hell was shut down last year when a data dump of personal details of users was found on the website. However, a few months after its reported shutdown by authorities, Hell is back
Xfinity's Security System Flaws Open Homes to Thieves(Wired) New-generation alarm systems that send real-time text alerts and other digital notifications if an intruder tries to breach a property offer homeowners a great sense of security. Except when thieves can easily undermine the system to trick homeowners into thinking they're protected when they're not
BTCC Bitcoin Trader Confronts DDoS Attackers Like A Pro(Hack Read) Bitcoin-for-DDoS extortion scheme has a new victim and it's none other than the BTCC — however, the hacker was unfortunate this time as the company was capable financially and had implemented advanced DDoS protection measures beforehand
European Trains at risk of being Hacked: Hackers(Hack Read) Trio of Russian hackers revealed numerous bugs in the train systems of many of Europe's railway companies, saying that hackers and terrorists can easily exploit them to derail or even hijack the trains
Nexus Security Bulletin — January 2016(Android) We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process
Security Notification and Linode Manager Password Reset(Scheduled Maintenance Report for Linode) Effective immediately, Linode Manager passwords have been expired. You will be prompted to set a new password on your next login. We regret this inconvenience, however this is a necessary precaution
3 Information Security Trends for 2016(Recorded Future) Threat intelligence truly took center stage in 2015. While there is an element of trendiness to the term, the need for more accurate, timely, and actionable information about threats to enterprises, individuals, and even nation-states has never been more important
The Biggest Security Threats We'll Face in 2016(Wired) Hackers are nothing if not persistent. Where others see obstacles and quit, hackers brute-force their way through barriers or find ways to game or bypass them. And they'll patiently invest weeks and months devising new methods to do so
Forward-facing security by remembering the past(GCN) As the new year begins, it's a good time to look forward to what's on the horizon and reflect on the successes and struggles of the past 12 months. Given the speed with which technologies emerge, these moments give us perspective when planning to make the coming year a stronger and more successful one
An Internet of Things wish list for 2016(Help Net Security) I've been writing about the Internet of Things for a while now, both from the perspective of the great opportunities that the IoT offers and the very real pressure it will put on both security practice and legislation designed to protect our privacy
Confusion about IT security leaves devices at risk(Help Net Security) When it comes to Internet security, consumer concern and awareness are both on the increase. However, despite a growing recognition of the need to protect devices, many consumers are struggling to identify, install and use security software, according to Kaspersky Lab and B2B International
Infographic: The Size and Scope of Data Breaches in 2015(Bromium) Looking back at 2015, it's clear that IT security is a real and growing concern. Just a few years ago, online retailers were the source of most security failures. Now, cybercriminals are getting more sophisticated. In 2015, cybercriminals have successfully attacked governments, hospitals and insurance companies — the organizations that store our most personal data
More Executives Turn to Cyber Risk Transfer(Tripwire: the State of Security) As cyber threats grow in scope and potential impact, the complexity of enterprise digital data protection grows to astonishing proportions. Last year, a Fortune 500 survey revealed that cyber security is the second biggest concern for CEOs, who keep looking for new solutions to keep their data safe and their clients happy
Cybersecurity Demand Looks Strong into 2016; Is There Enough Pie for Everyone at the Table?(FBR Capital) On the heels of another strong year for cybersecurity players, our field checks for 4Q15/initial 2016 pipelines indicate strong deal flow, particularly on the seven-figure-deal front, as the sophisticated threats facing enterprises and governments remain unprecedented. Our channel partner/customer checks suggest elevated threats coupled with increasing endpoints (e.g., cloud buildouts, mobile proliferation) are catalyzing IT departments to aggressively build out next-generation firewalls, email protection, and advanced threat analysis/detection
Digging Into The Deceleration At Qualys(Seeking Alpha) Qualys Chairman/CEO Philippe Courtot has led many technology companies to strong exits, and Qualys is likely another feather in his cap. Unfortunately, competition is heating up, calling the achievability of both growth rates and the company's aggressive target model into question. At the current valuation, Qualys doesn't look like a compelling long, but it may be an M&A candidate. More aggressive investors might find it worth a look on a deeper selloff
New Company, CyberVista, Launches to Tackle Cybersecurity Training for Business Leaders and Practitioners(BusinessWire) CyberVista, a wholly owned subsidiary of Graham Holdings Company and sister company to Kaplan, Inc., will make its official debut today during the first-ever CES CyberSecurity Forum at 2016 CES in Las Vegas. CyberVista, a cybersecurity education and workforce development company, aims to create a cyber-ready workforce through personalized training programs that provide organizations with the people, knowledge and skills required to defend their most critical assets
What Washington tech startups want out of CES(Washington Business Journal) If you're in the tech world — or even just a self-proclaimed tech geek — it's arguably the most wonderful time of the year for you: The Consumer Electronics Show kicks off Wednesday in Las Vegas
Zerodium offers $100,000 to hackers to breach Flash's new security feature(TechWorm) Zerodium, the company that deals in exploits and zero-days has put up a fresh $100,000 bug bounty for zero-days in the new Flash security feature. Zerodium buys zero-day bugs from security researchers and then sells them forward to government intelligence agencies. It has already been in news for offering a $1 million bug bounty to a security researcher for a zero-day bug in Apple's newly released iOS 9 mobile operating system
Sotera Wins Prime Position on $6 Billion DIA E-SITE IDIQ Contract(PRNewswire) Sotera Defense Solutions (Sotera), a provider of mission-critical, technology-based systems, solutions and services for national security agencies and programs of the U.S. Government, was recently awarded a prime position on the Enhanced Solutions for the Information Technology Enterprise (E-SITE) Indefinite Delivery Indefinite Quantity (IDIQ) — Large Business track
SRA International awarded DCGS maintenance contract(UPI) SRA International has been awarded a $35 million contract to manage and maintain the Processing, Exploitation, and Dissemination, or PED, Operation Center of the Air Force Distributed Common Ground System
Microsoft's New Security Approach(Redmond Magazine) Microsoft is shifting to an operational focus and creating a security graph to help address the alarming new threat landscape and the rise of cloud computing
LoJack SCI and TransVoyant Partner to Deliver Supply Chain Risk Alerting(PRNewswire) Will the potential for a port workers' strike in Shanghai affect my shipments? How risky is this shipping route through northwestern Mexico for cargo theft? Will severe weather in the Pacific cause my ocean cargo to arrive late into the Port of Long Beach? Converging logistical risk subject matter expertise with live data analytics, LoJack SCI and TransVoyant today announced a partnership that will answer these questions and more
Cyber security guidelines for the shipping industry(Help Net Security) A group consisting of several leading shipping organizations and companies has published a set of guidelines to help the global shipping industry develop good solutions for preventing cyber incidents onboard their ships
Cyber security: making banking safer(The Banker) Protecting the banks' crown jewels — money and personal data — may have become more difficult than ever, but financial institutions have fortified their defences with a little help from their fintech friends
The Father of Online Anonymity Has a Plan to End the Crypto War(Wired) It's been more than 30 years since David Chaum launched the ideas that would serve as much of the groundwork for anonymity online. In doing so, he also helped spark the debate that's endured ever since, over the anarchic freedoms that digital secrecy enables — the conflict between privacy advocates and governments known today as the "crypto wars"
De-anonymizing code authors by analyzing executable binaries(Help Net Security) A group of researchers that have previously proven that it's possible to de-anonymize programmers by analysing the source code of programs they have created, have now demonstrated that a good result can also be achieved by analyzing executable binaries of those programs
Quantum Cryptography May Not Be as Secure as Previously Thought(IBM Security Intelligence) Researchers from Stockholm University and Linköping University in Sweden have discovered that quantum cryptography may not be as secure as it was presumed to be. They found that energy-time entanglement, which forms the basis for many systems of quantum cryptography, is vulnerable to attack
Hacking the Bell test using classical light in energy-time entanglement-based quantum key distribution(Science Advances) Photonic systems based on energy-time entanglement have been proposed to test local realism using the Bell inequality. A violation of this inequality normally also certifies security of device-independent quantum key distribution (QKD) so that an attacker cannot eavesdrop or control the system. We show how this security test can be circumvented in energy-time entangled systems when using standard avalanche photodetectors, allowing an attacker to compromise the system without leaving a trace
Dutch Government Embraces Encryption, Denounces Backdoors(Threatpost) While the "Going Dark" debate over encryption standards rages on here in the United States, government officials in the Netherlands this week released a statement that actually calls for stronger encryption and rejects backdoors entirely
CSU: Financial Constraints to Combat Terrorism Includes Call for Bitcoin Framework(CryptoCoinNews) The Christian Social Union (CSU), a leading Christian democratic and conservative political party in Bavaria, Germany is due to issue a paper detailing effective ways to combat terrorism that will include financial restraints, as the party sees it. The paper will also include regulation for all virtual currencies including Bitcoin
Treasury finalizes rule for imposing cyber sanctions(Federal Times) As the U.S. looks to get tougher on cyber criminals that threaten the nation's critical infrastructure, the Treasury Department released an abridged version of a proposed regulation for imposing cyber-related sanctions to foreign actors, whether individuals, groups or nation-states
CRS sheds light on enforcement authority in data breach notification legislation(FierceGovernmentIT) As lawmakers return to the Hill, several data security and breach notification bills remain up for consideration in the 114th Congress. Among the major legal issues members of Congress must consider in proposed legislation is the existing jurisdiction and enforcement authority of the Federal Trade Commission and the Federal Communications Commission, reported the Congressional Research Service
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Global Cybersecurity Innovation Summit(London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective...
ESA 2016 Leadership Summit(Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and...
Cybersecurity: Defense Sector Summit(Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in...
Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
CES CyberSecurity Forum(Las Vegas, Nevada, USA, January 6, 2016) Premiering at CES 2016 — the global stage for next generation technologies — The CyberSecurity Forum will bring together security experts and technology visionaries with executives and policymakers...
FloCon 2016(Daytona Beach, Florida, USA, January 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers,...
Cyber Security Breakdown: Chicago(Chicago, Illinois, USA, January 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Insider Threat Program Development Training Course — Georgia(Atlanta, Georgia, USA, January 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
FTC PrivacyCon(Washington, DC, USA, January 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues led by all manner of whitehat security researchers and academics, industry representatives, consumer...
National Insider Threat Special Interest Group Meeting(Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
POPL 2016(St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...
Automotive Cyber Security Summit — Shanghai(Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards...
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
CyberTech 2016(Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with...
Fort Meade IT & Cyber Day(Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products...