The emerging consensus over late December's rolling blackouts in Western Ukraine moves decisively toward the conclusion initially reached by ESET and iSight Partners that the affected oblast's grid sustained a cyber attack. The SANS Institute's influential Industrial Control Systems blog says, "We assess with high confidence based on company statements, media reports, and first-hand analysis that the incident was due to a coordinated intentional attack." Attackers apparently gained network access to control systems, turning them on and off at will. Other bits of malware and supporting attacks served as misdirection. Ukraine's government plans to release results of its investigation next week.
German intelligence services resume cooperation with US services after an interruption brought on by objections to US electronic surveillance of German and other friendly European targets.
A group of Germany-based jihadists begins publishing a cryptography magazine. While denying adherence to ISIS, the publishers nonetheless expect their work to be useful to colleagues in cyber-jihad.
Counter-terror operations were the focus of Friday's White House outreach to Silicon Valley, with particular emphasis on denying ISIS a platform in social media. But the Daily Beast points out that the old-school, dead-tree ISIS magazine "Dabiq" enjoys wide influence, the message apparently trumping the medium.
Twitter finds itself in conflict with Turkey's government over Kurdish pro-independence.
UK opposition leader Jeremy Corbyn's Twitter account was briefly hijacked.
The Rovnix Trojan worries Japanese banks. Other countries go on alert against similar infestations.
Juniper Networks drops its backdoored encryption scheme. Microsoft's support for older IE versions ends tomorrow.
Today's issue includes events affecting European Union, France, Germany, Iran, Iraq, Japan, Moldova, Nigeria, Philippines, Romania, Russia, Syria, Turkey, Ukraine, United Kingdom, United States.
Confirmation of a Coordinated Attack on the Ukrainian Power Grid(SANS Industrial Control Systems Blog) After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that cyber attacks were directly responsible for power outages in Ukraine. The SANS ICS team has been coordinating ongoing discussions and providing analysis across multiple international community members and companies. We assess with high confidence based on company statements, media reports, and first-hand analysis that the incident was due to a coordinated intentional attack
Was the Cyber Attack on a Dam in New York an Armed Attack?(Just Security) Concerns about the vulnerability of infrastructure to cyber attacks were highlighted in two recent news articles. Last month, the Wall Street Journal reported that in 2013, Iranian hackers infiltrated the control system of a dam 20 miles outside of New York City…How should this event be characterized? Is it an act of cyberwar? Is it an inter-state attack? What measures can the United States take in response to this event?
Twitter's Latest Challenge: Deciding Who's a Terrorist(Wired) Times are challenging for Twitter. Its stock price is down. Its product strategy is under constant scrutiny. And recently, it's put itself in the position of defying a government's claim that it's offering a venue for terrorists
A Look Inside Cybercriminal Call Centers(KrebsOnSecurity) Crooks who make a living via identity theft schemes, dating scams and other con games often run into trouble when presented with a phone-based challenge that requires them to demonstrate mastery of a language they don't speak fluently. Enter the criminal call center, which allows scammers to outsource those calls to multi-lingual men and women who can be hired to close the deal
A Guide on 5 Common Twitter Scams(Tripwire: the State of Security) For National Cyber Security Awareness Month (NCSAM) last year, The State of Security published an article offering advice on how users can securely navigate the world of social networking. Among other things, our experts cited users sharing too much information and posting revealing photos as dangerous behaviors that could potentially invite attackers to profile their accounts
Social Network Sharing Makes Users an Easy Target for Cyber-Criminals(Information Security Buzz) A quiz from Kaspersky Lab has found that almost a third (30 per cent) of social network users share their posts, check-ins and other personal information, not just with their friends, but with everybody who is online. This is leaving the door wide open for cyber-criminals to attack, as users remain unaware of just how public their private information can be on these channels
Older IE Versions Losing Security Support on Tuesday(Threatpost) Anxiety was high around April 8, 2014 when Microsoft officially closed the door on security support for Windows XP. Many envisioned black hats worldwide stockpiling exploits waiting for the day when XP machines would be left permanently exposed
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature(Mozilla Foundation Security Advisory 2015-150) Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services (NSS) where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed accepting MD5 as a hash algorithm in signatures since 2011. This issue exposes NSS based clients such as Firefox to theoretical collision-based forgery attacks. This issue was fixed in NSS version 3.20.2
About the security content of QuickTime 7.7.9(Apple Support) This document describes the security content of QuickTime 7.7.9. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available
Cybersecurity Predictions From 2015: Were the Experts Right?(Business 2 Community) About this time last year, experts and analysts all placed their official predictions for the cyber threat landscape in 2015. Now that a year has come and gone, it would be interesting to see if these so-called analysts were correct
BSP wary of financial cybercrimes(Manila Bulletin) Late last year, the Bangko Sentral ng Pilipinas (BSP) held its first-ever "Cybersecurity Summit for the Financial Services Industry" as the central bank and the banking community recognized the growing threat in digital, mobile and Internet banking from hackers-for-hire and cyber syndicates
Simi Valley's American Technology Solutions targets cybersecurity products(Ventura County Star) With increasingly sophisticated threats to cybersecurity, it has become more important to find new and better ways to protect valuable information and systems. Chuck Sedlacek, president of Simi Valley-based firm American Technology Solutions Inc., or ATS, believes he and his colleagues have the solution
GM Asks Friendly Hackers to Report Its Cars' Security Flaws(Wired) As automotive cybersecurity has become an increasingly heated concern, security researchers and auto giants have been locked in an uneasy standoff. Now one Detroit mega-carmaker has taken a first baby step toward cooperating with friendly car hackers, asking for their help in identifying and fixing its vehicles' security bugs
Sookasa Adds Security to Box's Cloud Storage Platform(CloudWedge) Sookasa has emerged as a leader within the cloud access security broker (CASB) market. As evidence of Sookasa's rapid rise in popularity, the security suite can now be integrated directly into your organization's Box storage accounts
Technologies, Techniques, and Standards
Vulnerability Management Program Best Practices — Part 1(Tripwire: the State of Security) An enterprise vulnerability management program can reach its full potential when it is built on well-established foundational goals that address the information needs of all stakeholders, its output is tied back to the goals of the enterprise, and there is a reduction in the overall risk of the organization
The futility of data breach notifications(TechTarget) Olivia Eckerson discusses how her healthcare insurance provider was hacked, and why the data breach notification letter she received was less than helpful
Germany restarts joint intelligence surveillance with US(Deutsche Welle) Germany's BND intelligence agency is once again working with its US counterpart on Middle East surveillance. Collaboration had been suspended after it was revealed the US was spying on European officials and firms
New National Security Tool Activated At Challenging Time(IC on the Record) Late last year, a judge of the Foreign Intelligence Surveillance Court gave the green light to the National Security Agency to start using a new tool to help the government protect against international terrorism while balancing the legitimate need to protect privacy and civil liberties
5 things Obama will say, should say, won't say on cyber(Federal Times) Cybersecurity was a small but important part of President Barack Obama's 2015 State of the Union address. And with the events of the last year — the hack of Office of Personnel Management networks, breach of an IRS database, passage of information sharing legislation and an agreement with China to curb economic espionage — one would expect cyber to be a major part of this year's speech on Jan. 12
9 DoD IT moves you missed over the holidays(C4ISR & Networks) Between Christmas Eve and New Year's Day, most people were checked out of the office — but not so at the Pentagon, where over the holidays new guidance, memos, reports and contract action all quietly emerged under the radar
Building a better cyber weapon(Politico) If the United States is going to have an effective cyber strike capability, then cyber weapons must resemble traditional ordnance, says William Leigher, a retired Navy admiral turned top Raytheon executive. "It's got to look and smell like a weapon," he told MC on Thursday. "It doesn't yet"
Clinton says she did not get classified information through email(Reuters) Democratic presidential candidate Hillary Clinton said on Sunday that she did not ask for classified information to be sent over a non-secure system while heading the State Department, responding to the latest development in an issue that has dogged her campaign for months
NSA, the black hole of government spying(Examiner) It was revealed last week that Israeli diplomats were not the only targets of the Department of Defense's data gathering operation on Capitol Hill. The NSA also intercepted sensitive calls by members of Congress in the data collection frenzy
FTC Levies Hefty Fine Over False Encryption Claims(Infosecurity Magazine) Dental software provider Henry Schein Practice Solutions has agreed to settle with the Federal Trade Commission (FTC) over charges it misled customers on the level of encryption its software provided to protect sensitive patient data
Takedown of criminal gang behind ATM malware attacks(Help Net Security) The Romanian National Police and the Directorate for Investigating Organised Crimes and Terrorism (DIICOT), assisted by Europol and Eurojust as well as a number of European Law Enforcement authorities, disrupted an international criminal group responsible for ATM malware attacks
Judges struggle with cyber crime punishment(The Hill) Judges are struggling to determine the appropriate punishments for cyber crimes even as U.S. law enforcement works to bring more of the Internet's bad actors to justice
Verizon Routing Millions of IP Addresses for Cybercrime Gangs(Spamhaus) Over the past few years, spammers have sought out large ranges of IP addresses. By spreading out their sending patterns across a wide range of IP addresses, they can attempt to defeat spam filters and get spam and malware emails delivered where they are not wanted. However, IPv4 addresses are getting scarce and hard to come by
How Stories Deceive(New Yorker) On the afternoon of October 10, 2013, an unusually cold day, the streets of downtown Dublin were filled with tourists and people leaving work early. In their midst, one young woman stood out. She seemed dazed and distressed as she wandered down O'Connell Street, looking around timidly, a helpless-seeming terror in her eyes
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
The Law and Policy of Cybersecurity Symposium(Rockville, Maryland, USA, February 5, 2016) This one-day symposium will cover the critical legal and policy issues, challenges, and developments in cybersecurity. Legal professionals, professionals who develop cybersecurity strategies and policies,...
CISO Chicago Summit(Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
CISO Summit France(Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Army SIGINT(Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...
FloCon 2016(Daytona Beach, Florida, USA, January 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers,...
Cyber Security Breakdown: Chicago(Chicago, Illinois, USA, January 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Insider Threat Program Development Training Course — Georgia(Atlanta, Georgia, USA, January 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
FTC PrivacyCon(Washington, DC, USA, January 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues led by all manner of whitehat security researchers and academics, industry representatives, consumer...
National Insider Threat Special Interest Group Meeting(Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
POPL 2016(St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...
Automotive Cyber Security Summit — Shanghai(Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards...
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
CyberTech 2016(Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with...
Global Cybersecurity Innovation Summit(London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective...
Fort Meade IT & Cyber Day(Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products...
ESA 2016 Leadership Summit(Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and...