March 15, 2016.
By The CyberWire Staff
The US Government is said to be winding up an indictment of Iranian hackers, charging them with intrusions into networks controlling that small flood-control dam in Rye, New York. The intent is said to be to send a message to Tehran; the New York Congressional delegation appears to be front-running the attribution and calling for a vigorous response.
North Korean dudgeon aside, speculation about who's behind the OnionDog threat group and its attacks on South Korean targets is largely directed toward...North Korea. Chinese security firm Qihoo 360 is tracking OnionDog's activities.
Palo Alto's Unit 42 is reporting on the "digital quartermaster" phenomenon, which it perceives in an ongoing campaign against Mongolian government sites. (A digital quartermaster is a conjectured support service that maintains attack tools used in a variety of campaigns.) The tools that appear to be maintained by the digital quartermaster include the Cmstar downloader and the BBSRAT Trojan. Unit 42 thinks geolocation of attack traffic suggests the hackers are located in China. (Fun fact we learned at RSA, by the way: "Unit 42" got its name as Palo Alto's homage to the Hitchhiker's Guide to the Galaxy.)
Should there in fact be digital quartermasters, it would seem there are challenges in keeping criminals out of their supply chain. Reuters reports, on the basis of studies by Dell SecureWorks, Attack Research, InGuardians, and G-C Partners, that newly sophisticated ransomware hitting targets in the US and elsewhere is using "tactics and tools previously associated with Chinese government-supported computer network intrusions."
Today's issue includes events affecting China, India, Iran, Democratic People's Republic of Korea, Republic of Korea, Mongolia, Romania, Russia, United States.
2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Korean Energy and Transportation Industries attacked by OnionDog APT (eHacking News) Chinese security researchers from cyber-security vendor, Qihoo 360 have blown the lid on a hacker group, ‘OnionDog’ which has been infiltrating and stealing information from the energy, transportation and other infrastructure industries of Korean-language countries through the Internet
Why the OPM Hack Is Far Worse Than You Imagine (Lawfare) The Office of Personnel Management (“OPM”) data breach involves the greatest theft of sensitive personnel data in history. But, to date, neither the scope nor scale of the breach, nor its significance, nor the inadequate and even self-defeating response has been fully aired
One of the world’s most notorious hackers just revealed his identity to me (The Next Web) The man behind Team GhostShell — the hacker collective behind some of the biggest cyber attacks in recent memory, including attacks on the FBI, NASA and the Pentagon as well as a leak that saw 2.5 million Russian “government, educational, academic, political and law enforcement” accounts compromised — is ready to come clean and face the music
State of Automation in Security (Algosec) The “State of Automation in Security” survey uncovers key trends on the use of automation to manage security processes across today’s constantly-evolving environments
Luthra & Luthra advises Quick Heal on IPO (Legal Era) Luthra & Luthra Law Offices recently acted for the underwriters on the Initial Public Offering of Quick Heal Technologies Limited, one of the leading IT security solutions company, first provider of security software products and solutions to begin an Initial Public Offering (IPO) in India
5 Hot Security Job Skills (Dark Reading) Cybersecurity job openings are looking for people with a blend of technical, security, and industry-specific talents -- and it helps to know Python, Hadoop, MongoDB, and other big-data analysis tools, too
Risk managers key to managing cyber exposures (Business Insurance) Risk managers play an integral role in ensuring that their companies adopt an enterprisewide approach to cyber security, the Federation of European Risk Management Associations told a European Commission consultation on public-private partnerships in cyber security
How to conduct a tabletop exercise (CSO) As you discovered in the first installment of this five-part series, tabletop exercises can be an important practical tool for reviewing and updating incident response plans
Why outsource risk management to people who don’t care? (Help Net Security) The 2015 Cost of Cyber Crime Study by the Ponemon Institute reported that 50% of companies have implemented some sort of access governance technology. It fell 4th on the list in terms of ROI that people were getting from governance. The implementation trend is driven primarily by compliance
Data is a toxic asset, so why not throw it out? (CNN) Thefts of personal information aren't unusual. Every week, thieves break into networks and steal data about people, often tens of millions at a time. Most of the time it's information that's needed to commit fraud, as happened in 2015 to Experian and the IRS
It’s time to kill the static password (Help Net Security) How do you manage your passwords? Do you set them all to approximately the same value, for fear of forgetting them? Or do you write them down in a little book, or in a spreadsheet? Perhaps you use clever character combinations or a piece of software to manage them on your behalf?
FCC pushes for ISP data-sharing disclosures (FierceCIO) The Federal Communications Commission issued proposed rules on Thursday that would require Internet Service Providers to obtain the consent of those using their services if they plan to share customer data with third parties
FBI's Most Wanted Cybercriminals (Dark Reading) The Federal Bureau of Investigation has got millions of dollars worth of rewards waiting for those who can help them nab these accused cyber thieves, spies and fraudsters
Why This Former U.S. Counterterrorism Chief Supports Apple (Fortune) You might think that as the senior counterterrorism official in the U.S. government for nine years, and the man whose warnings of an impending al-Qaida attack before 9/11 were famously ignored by the second Bush administration, Richard Clarke would be sympathetic to the FBI in its standoff with Apple over access to a terrorist’s locked iPhone. You would be wrong
WhatsApp Encryption Said to Stymie Wiretap Order (New York Times) While the Justice Department wages a public fight with Apple over access to a locked iPhone, government officials are privately debating how to resolve a prolonged standoff with another technology company, WhatsApp, over access to its popular instant messaging application, officials and others involved in the case said
#Arrested: Md. man accused of using hashtags in bank robberies (Daily Record) Prince George's County authorities say they have arrested a robber who used hashtags in his notes to bank tellers, linking him to at least nine bank robberies in Maryland. County police spokeswoman Julie Parker announced Friday that 45-year-old Leroy Earl Daley, of Landover, likely will be charged with five bank robberies in the county
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...
4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.