The attack on power distribution substations in Western Ukraine seems clearly to have been a cyber attack, but how its effects were accomplished remains unclear: BlackEnergy accompanied the attack, but it's not the mechanism by which the breakers were cycled.
Analysts continue to warn utilities to be on their guard. And Corero warns all to watch for what it's calling "dark DDoS": the increasing use of denial-of-service as a "smokescreen" for more serious attacks.
DDoS attacks remain a threat — Akamai reports a 180% increase in the frequency of such attacks in 2015 — but as Tripwire puts it, we're seeing greater numbers but a smaller punch.
ISIS has launched its own encrypted messaging app, but it continues to focus on information operations, offering not only emojis for inspiration across social media, but an online cyber warfare magazine ("Kybernetiq," published in German) and a news service (Amaq) that features early distribution of communiqués claiming responsibility for attacks.
A widow sues Twitter for negligently enabling her husband's murder by ISIS. Few expect the suit to hold up, but should it do so, the implications for online communication would be great.
The SlemBunk Android banking Trojan discovered last year acquires, FireEye reports, a longer attack chain and drive-by infection capability.
Researchers report Apple's patch of OS X's Gatekeeper is more porous than users might wish.
Fortune says cryptography guru David Chaum's PrivaTegrity, his contribution to ending the crypto wars, has been widely misunderstood as incorporating a backdoor. Instead, they say, it implements distributed control.
Today's issue includes events affecting Argentina, Australia, Canada, China, Djibouti, Egypt, European Union, Finland, France, Germany, Japan, New Zealand, India, Iraq, Israel, Jordan, Democratic People's Republic of Korea, Mexico, Russia, Syria, Sweden, Ukraine, United Kingdom, United States.
The CyberWire will be taking Monday off in observance of Dr. Martin Luther King, Jr. Day. We'll be back as usual on Tuesday, January 19th. Enjoy the holiday.
Cyber Attacks, Threats, and Vulnerabilities
Cyber Security for the Power Grid — Why We Should Fear Hackers (but not Squirrels)(The CyberWire) Applied Controls Solutions' Joe Weiss, an industrial controls systems security expert who's also the Managing Director of the ISA99 standards body, spoke about the December 2015 cyber attack on the power grid in Western Ukraine, and the lessons both cyber security and controls system specialists should draw from it. He put the incident in context and explained to us why people should take cyber threats to controls systems very seriously indeed
'Dark DDoS' — a growing cyber security threat for 2016(Infosecurity Magazine) Today's DDoS attacks are almost unrecognizable from the simple volumetric attacks that gave the technique its name. No longer the preserve of bad actors coding in their bedrooms to carry out protests, today's attacks have the power to wreak significant damage — as all those affected by the TalkTalk and Carphone Warehouse breaches last year will know
A News Agency With Scoops Directly From ISIS, and a Veneer of Objectivity(New York Times) The San Bernardino shootings. The killing rampage this week in a Baghdad mall. On Thursday, it was the explosion that ripped through a Starbucks in Jakarta. In each of those terrorist attacks, an outlet called the Amaq News Agency was first with the news that the Islamic State was going to claim responsibility. The agency has been getting the scoops because it gets tips straight from ISIS, and for those of us on the terrorism beat, that has made Amaq a must-read every time a bomb goes off
'Acedia' And An ISIS-Centered Life Full Of Toxic Purpose(MEMRI) Some might say that the spirit of the modern age, at least in the developed West, is all about an exaltation of the self, or about the primacy of personal choice, or about sexual fulfillment and other hedonistic pleasures. Some critics might point to a spiritual malaise with ancient roots
SlemBunk Android Banking Trojan Gets More Dangerous(Infosecurity Magazine) The SlemBunk Android banking trojan identified late last year has turned out to be more persistent than originally thought — and is being used as part of an ongoing and evolving campaign
IoT 'ding-donger' reveals WiFi passwords(SC Magazine) The Ring WiFi doorbell, an IoT device, allows users to view whoever is on their doorstep via the internet from a mobile device when they are not home
Hack the Toaster, Cyber National Guard & Why L0pht Didn't Shutter the Internet(New America) Chris Wysopal a.k.a Weld Pond, chief technology officer of application security firm Veracode, joins The Cybersecurity Podcast to discuss the suspected cyberattack on the Ukrainian power grid, ways to increase transparency about cybersecurity expertise at publicly-traded companies, and why the L0pht hacking collective he once belonged to didn't want to shut down the Internet back in the 1990s just to prove to senators it could
Gazing into access control crystal ball for 2016(Security Info Watch) Although access control may not generate the same amount of headlines that other product segments do when it comes to technology innovation in the security industry, the fact is the market has experienced a proverbial whirlwind of change in recent years
Legal Mandates Fuel Cybersecurity Insurance Growth(Bloomberg BNA) The rise of state data breach notification laws, as well as federal breach notice and data security obligations affecting some businesses, largely created the demand for cybersecurity insurance, analysts told Bloomberg BNA
Cyber security company Appthority raises $10 mln(PE Hub Network) San Francisco-based Appthority, a provider of mobile enterprise security services, announced this week it has raised $10 million in Series B funding from existing investors U.S. Venture Partners and Venrock, as well as new investors Blue Coat Systems and Knollwood Investment Advisory
FirstNet RFP released(GCN) The final request for proposals for a nationwide, wireless, interoperable broadband communications network for first responders has been issued after a year of dialogue with public safety and industry leaders on its objectives and scope
Nick FitzGerald joins ESET as a Senior Research Fellow(Exchange 4 Media) Information security expert, Nick FitzGerald is joining ESET as a Senior Research Fellow. Working with ESET Australia, he will focus on the whole Asia-Pacific region, including his home country, New Zealand
Jim Holtzclaw joins Marsh Risk Consulting as Senior VP(Consultancy.UK) Jim Holtzclaw has joined the Cyber Security Consulting and Advisory Services practice at Marsh Risk Consulting (MRC) as Senior Vice-President. He brings more than 34 years of professional experience to the consultancy, and will be charged with providing the firm's offerings to its private and public client base
Compliance compounded by evolving threat landscape(Help Net Security) As industry business models change, compliance challenges are being compounded by an evolving threat landscape and by increased scrutiny from federal agencies looking to protect critical data
Server Hardening(Linux Journal) Server hardening. The very words conjure up images of tempering soft steel into an unbreakable blade, or taking soft clay and firing it in a kiln, producing a hardened vessel that will last many years. Indeed, server hardening is very much like that
How To Run A Data Breach Fire Drill(Law 360) When a data breach hits a company, it delivers a healthy dose of stress, panic and urgency — and it's just about the worst environment for an incident response team to put its procedures into action for the first time
Building Security In versus Building Security On(SecurityWeek) Built in or bolted on? When have you ever seen "bolted on" as the first choice of anyone in just about any imaginable scenario? Yet for software security, "bolted on" is certainly the norm
Research and Development
ONR Research Seeks Quick-Reaction Capabilities, Breakthrough Technologies(Seapower) The director of the Office of Naval Research (ONR) said he divides his $2 billion science and technology budget into quick-reaction programs that can bring new capabilities to the fleet quickly, in efforts to mature technology that will produce better systems in three to four years, in "leap-ahead innovation" that could become operational within eight years, and into discovery and invention that can uncover new concepts to yield breakthrough capabilities for the warfighters a decade from now
UCF cyber defense club recognized as best in nation(Central Florida Future) After dominating the collegiate cyber defense circuit last year, Hack@UCF was recognized for best overall performance of the year based on 21 cybersecurity competitions spanning from June 2014 to May 2015
Twitter, ISIS, and Civil Liability(Lawfare) A few months ago, we wrote a lengthy piece about the possibility that Apple could face civil liability for providing end-to-end encryption to criminals and terrorists. We got a lot of heat for this piece. But today it's looking pretty good
'Good enough' isn't good enough to secure NRC network center(FCW) The Nuclear Regulatory Commission's network security operations center meets the operational security requirements under an IT services contract, but there's room for improvement, according to a report from the commission's inspector general
Online predator busted after being intercepted by tech-savvy mom(We Live Security) Being a tech-savvy parent is one way to make your child's online experience secure, as a recent story has revealed. In what was an almost textbook example of online grooming that surfaced only a few days ago in Colonie, New York, a watchful mom uncovered and helped to arrest an online predator
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
VB 2016(Denver, Colorado, USA, October 5 - 7, 2016) The 26th annual international Virus Bulletin conference meets this October in Denver
POPL 2016(St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...
Automotive Cyber Security Summit — Shanghai(Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards...
CyberTech 2016(Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with...
Global Cybersecurity Innovation Summit(London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective...
Fort Meade IT & Cyber Day(Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products...
ESA 2016 Leadership Summit(Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and...
SANS Cyber Threat Intelligence Summit & Training 2016(Alexandria, Virginia, USA, February 3 - 10, 2016) This Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and...
BSides Tampa 2016(MV Royal Caribbean Brilliance of the Seas, Tampa to Mexico, February 4 - 8, 2016) BSides Tampa is an annual IT security/hacking conference featuring hands on training classes and lectures from some of the greatest minds in the industry and academia
The Law and Policy of Cybersecurity Symposium(Rockville, Maryland, USA, February 5, 2016) This one-day symposium will cover the critical legal and policy issues, challenges, and developments in cybersecurity. Legal professionals, professionals who develop cybersecurity strategies and policies,...
Insider Threat Program Development Training — California(Carlsbad, California, USA, February 8 - 10, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
OPSWAT Cyber Security Seminar(Washington, DC, February 9, 2016) OPSWAT, along with our Washington DC partners, InQuest and Punch Cyber, will be hosting a half-day seminar to cover several threat detection and research technologies
Secure Rail(Orlando, Florida, USA, February 9 - 10, 2016) The first conference to address physical and cyber rail security in North America
Cyber Security Breakdown: Dallas(Dallas, Texas, USA, February 10, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...