skip navigation

More signal. Less noise.

Daily briefing.

ISIS returns to inspiration in cyberspace, calling for lone wolf attacks in Europe and the US (should you, jihadi, be unable to reach Syria) and stepping up recruiting in India (by promising vengeance for 2002’s riots in Gujarat). The US, meanwhile, is running an info ops campaign (in the form of both physical leaflets and social media image-sharing) designed to undermine ISIS’s hold on its nominal capital, Raqqa, Syria.

Palo Alto’s Unit 42 reports that Operation Ke3chang has resurfaced, now with new TidePool malware. Ke3chang’s targets are mostly Indian diplomats. No attribution, but Unit 42 does see some signs that point to China.

Last week a gang coordinated the theft of some ¥1.44 billion (about $12.7 million) from ATMs in Japan. The gang used forged payment cards. Whether necessary data were obtained from skimmers or some other hack is still unknown.

SWIFT and the banks who use it are working to ward off further attacks like those that looted the Bangladesh Bank earlier this year. Various banking authorities—notably in Hong Kong and the UK—also move to ensure that their wards increase vigilance.

In industry news, IBM plans another round of layoffs. Investors continue to wonder whether recent rough times for cyber stocks represents a buying opportunity. Many think so.

Indonesia and Japan announce plans to establish new cyber security agencies.

US and British officials receive advice from industry: UK insurers want a national database of cyber incidents. US startups tell Congress data security (read, encryption) makes us strong.


Today's issue includes events affecting Australia, Bangladesh, China, Ecuador, India, Indonesia, Iraq, Japan, Kosovo, Syria, United Kingdom, United States, and Vietnam.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the week. Today we'll get an update from the Johns Hopkins University's Joe Carrigan on his ongoing efforts to keep his Mom from being hacked. And our guest is Paul Paget, CEO of Pwnie Express, who'll describe the dangers posed by accidental rogue devices on your network. (If you enjoy the Podcast, please share your enjoyment with an iTunes review.)

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register Today, CyberWire readers receive a $100 DISCOUNT using code WIRE16.

Dateline Jailbreak Security Summit

Jailbreak IoT Security Summit (The CyberWire) Jailbreak Brewing hosted the latest of its security summits at its home in Laurel, Maryland on May 20, 2016. The topic this time around was Internet-of-things security, and the presenters—all industry experts—addressed automotive vulnerability research, the history of industrial control system malware (and its uses in the wild), wireless vulnerabilities, the use of OSINT to inform vulnerability research, hacking security cameras, and the way forward for testing IoT systems

The Internet of Things: IoT Security Talks and Craft Beer (Jailbreak Brewery) The world's only security summit held at a production brewery. Join some of the world's best embedded system security researchers as they talk about home automation, wireless protocols, and other IoT-related security topics at the only computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors

Cyber Attacks, Threats, and Vulnerabilities

Islamic State group leader urges attacks in Europe and US (AP) An Islamic State group spokesman has urged sympathizers in Europe and the U.S. to launch attacks on civilians there if they are unable to travel to the group's self-declared caliphate in Syria and Iraq

The Islamic State Is Now Trying to Convince India's Muslims to Come Join the Caliphate (Vice News) In an attempt to appeal to India's Muslim minority, the Islamic State (IS) has released a video that says the group's fighters are planning to avenge the deaths of hundreds of Muslims who were killed during riots in Prime Minister Narendra Modi's home state of Gujarat in 2002

How Kosovo Was Turned Into Fertile Ground for ISIS (New York Times) Extremist clerics and secretive associations funded by Saudis and others have transformed a once-tolerant Muslim society into a font of extremism

The U.S. military is trying to psych out ISIS by letter bombing its capital in Syria (Military Times) Warning of a major attack on the Islamic State group's capital, aircraft flying over the Syrian city of Raqqa on Friday dropped thousands of leaflets urging residents to flee

Criminals stole $12.7 million from ATMs in Japan (Help Net Security) In the early morning hours of May 15, 2016, a group of over 100 people executed coordinated, fraudulent ATM withdrawals that netted them about 1.44 billion yen

Special Report: Cyber thieves exploit banks' faith in SWIFT transfer network (Reuters) Shortly after 7 p.m. on January 12, 2015, a message from a secure computer terminal at Banco del Austro (BDA) in Ecuador instructed San Francisco-based Wells Fargo to transfer money to bank accounts in Hong Kong

Second Bank Suffers Cyber-Theft via SWIFT, Third One Counters Heist Just in Time (Softpedia) Vietnamese and Ecuadorian banks see SWIFT-based attacks

Swift Banking Network Struggles With Wave of Cyberattacks (Wall Street Journal) Gaps in security standards and poor communication about breaches have exposed vulnerabilities of the global money-transfer network

SWIFT asks its customers to help it end a string of high-profile banking frauds (IDG via CSO) The company has promised an update to its security guidelines soon, following criticism of outdated practices

Operation Ke3chang Resurfaces With New TidePool Malware (Palo Alto Networks) Little has been published on the threat actors responsible for Operation Ke3chang since the report was released more than two years ago. However, Unit 42 has recently discovered the actors have continued to evolve their custom malware arsenal. We’ve discovered a new malware family we’ve named TidePool

Over half of enterprise Android users are vulnerable to QSEE flaw (Inquirer) Security Outfit Duo Security has let off a warning about the Qualcomm Secure Execution Environment (QSEE) vulnerability and its threat to enterprise users with Android phones

SS7 Vulnerability Isn’t a Flaw — It Was Designed That Way (IBM Security Intelligence Blog) A television news magazine recently ran a segment showing how German Chaos Computer Club (CCC) members could use the telephone network to access the voice data of a mobile phone, find its location and collect other information. All involved professed shock that such a thing could happen, and Democratic Rep. Ted Lieu of California even called for a congressional investigation about it

Crooks Used SQL Injections to Hack Drupal Sites and Install Fake Ransomware EXCLUSIVE (Softpedia) Drupal sites locked with new strain of Web ransomware Unknown attackers are leveraging a two-year-old vulnerability in Drupal installations to break into sites and install Web-based ransomware that hijacks the website's main page but fails to encrypt any files

Nine Days Later, Flash Zero-Day CVE-2016-4117 Already Added to Exploit Kits (Softpedia) CVE-2016-4117 spotted in Magnitude exploit kit attacks. It took crooks less than two weeks to weaponize the most recent Flash zero-day, which they're now using as a module inside the Magnitude exploit kit

Bug Hunter Found Ways to Hack Any Instagram Accounts (Hacker News) How to hack an Instagram account? The answer to this question is difficult to find, but a bug bounty hunter just did it without too many difficulties

Audit Finds 'Hostile Probes,' Breaches of Weather Satelite System (Nextgov) The nation's weather satellite program over the course of a year suffered 10 data security incidents, including unauthorized access and probes by adversaries, according to a congressional auditor

Pavlok electric shock wristband could be security risk (IT Pro) The wristband that supposedly stops over-spending could be hacked according to Kaspersky Lab

Another college website hacked, cyber cops to inquire (New Indian Express) The website of Tulasi Women’s College in Kendrapara was hacked by Vietnam hacking team on Friday

Teacher’s Email Hacked, Distributes Porn to Staff, Students and Parents (Hack Read) Dear teachers, be careful and protect your emails because you never know what your students are capable of!

Hacktivists Shut Down Donald Trump Hotel Collections Website (Hack Read) Remember the ruthless DDoS attackers from Ghost Squad who previously shut down websites of several banks, Loyal White Knights of the Ku Klux Klan (KKK) and Black Lives Matter (BLM) movement? They are back with yet another attack and this time the target is none other than American presidential Candidate and billionaire Donald Trump

Cyber Trends

No Silver Bullet Will Kill Cybersecurity Threats (Forunte) Time spent on compliance might be better spent actually doing something about security

Contactless payment market to reach $17.56 billion by 2021 (Help Net Security) The contactless payment market is expected to grow from USD 6.70 Billion in 2016 to USD 17.56 Billion by 2021, at a Compound Annual Growth Rate (CAGR) of 21.2%, according to new MarketsandMarkets researc

Middle East companies suffer more cyber-attacks than any other region (Step Feed) Companies in the Middle East are more likely to suffer from cyber-attacks than the rest of the world’s regions, according to a recent study conducted by the Middle East branch of Pricewaterhouse Coopers, one of the world’s four leading professional services firms

UK computers under Cyber criminals’ attacks (The Windows Club News) Microsoft’s News Center in UK recently reported the growing attacks on UK computers by the cyber criminals. As technology is advancing, cyber criminals too are getting smarter. As a result, the incidents of cyber crime is increasing across the globe. And now the activities of cyber criminals are increasing in the UK


Will utilities will drive IoT security market growth? (ReadWrite) Utilities will be among the sectors rushing to keep their fast-growing Internet of Things (IoT) systems safe from hackers will drive growth in the IoT security market by 55% between 2016 and 2020, according to a new study

Reimagining the Cybersecurity Profession (US News and World Report) How can policymakers and industry make cybersecurity a hot profession?

IBM Starts Another Round of Job Cuts (Fortune) The layoffs are just the latest by the tech giant. IBM’s woes continue as it struggles to reinvent itself in a fast-changing technology industry

3 of the Most Undervalued Tech Stocks Today (Motley Fool) It's not often that tech shares sell on the cheap. Here are three great, and extremely undervalued, options

3 Things Palo Alto Networks Inc Needs to Do to Win Back Investors (Motley Fool) The data security provider is growing by leaps and bounds, but shareholder’s rollercoaster ride won’t end until a few areas improve

Should You Consider FireEye After Post-Earnings Selloff? (Guru Focus) Stock looks cheap despite lack of profitability and bad quarter

A year ago, General Dynamics sold its commercial cyber business. Here's where that company is now. (Washington Busines Journal) It’s been a little more than a year since Falls Church-based General Dynamics Corp. (NYSE: GD) shed its commercial cybersecurity division

'Everyone acting like an owner is a key part of our DNA,' James Chappell, Digital Shadows (Management Today) The booming cyber security start-up has raised more than $20m and is expanding into the US

Shift to cyber warfare will bring economic growth, other changes to Augusta area, experts say (Augusta Chronicle) Shifting national defenses to a cyber-warfare footing means some big changes, but what will be most obvious to Augustans is the increased economic activity, experts say

California’s tech industry is headed toward a new frontier (Sacramento Bee) California technology companies are poised to take the lead in developing new anti-drone and gun safety tools for the federal government – adding another layer of complexity to the West Coast industry’s relationship with East Coast intelligence agencies

Vendors experience disruption with growing cloud security market (IT Pro Portal) With increasing threats from hackers, cloud security providers are under immense pressure. Vendors as well as security teams are experiencing disruption

Corero Network Security Wins USD300,000 Order From US Mobile Firm (Alliance News via London South East) Corero Network Security PLC on Monday said it has won a USD300,000 order for its SmartWall Threat Defense System from an unnamed US mobile network operator

Duo Security expands into European data centres ahead of EU data regulations (Financial News) Duo Security has expanded into data centers in Frankfort, Germany and Dublin, Ireland to serve customers in European companies mitigate risk in advance of the GeneralData Protection Regulation (GDPR) set to go into effect in 2018, the company said

Cybersecurity firm opens headquarters in Eldersburg (Carroll County Times) Carroll County officials turned out Friday to welcome the county's latest entry in the high-tech government contracting arena, with the official ribbon cutting of the new corporate headquarters of Applied Technology Group in Eldersburg

Products, Services, and Solutions

F-Secure launches service against targeted cyber attacks (First Post Tech 2) European cyber security provider F-Secure on Friday launched a new intrusion detection and incident response service to uncover cyber attack threats in the corporate network

Why people like Edward Snowden say they will boycott Google’s newest messaging app (Washington Post) Google this week announced a new messaging app with strong encryption, meaning that your communications can’t be wiretapped. But there’s a catch: You have to turn on that feature yourself

Technologies, Techniques, and Standards

Hong Kong Monetary Authority Strengthens Cybersecurity Controls on Banks (Data Protection Report) The Hong Kong Monetary Authority (HKMA) is taking action to tackle cyber security in the banking sector in Hong Kong through the Cybersecurity Fortification Initiative (CFI) – a new comprehensive initiative announced on May 18, 2016, which aims to raise the level of cybersecurity of the banks in Hong Kong. This follows the Hong Kong Securities and Futures Commission’s (SFC) similar initiative of issuing the Circular to All Licensed Corporations on Cybersecurity (see our previous post)

TheCityUK report on cyber attack (Lexology) TheCityUK has published a report on how to make the UK financial and professional services sector more resilient to cyber attack

Making the financial sector more resilient to cyber attack (Help Net Security) Firms across the financial and related professional services industry need to take urgent action on cyber risk, according to a new report from TheCityUK and Marsh

Angry advertisers hope to seal fate of online ad fraud (IDG via CSO) The Certified Against Fraud Program hopes to put an end to online ad fraud

More options to defeat ransomware (Network World via CSO) A researcher talks about ways to cut short attacks, protect files from encryption

How to negotiate when hackers are holding you to ransom (Wired) According to online-security giant Symantec, over $4 billion in ransom money was paid to hackers in 2013

Blockchain technologies: A key tool for data management? (Help Net Security) Blockchain technologies (the technical foundation for Bitcoin) hold great potential to solve government’s long-term challenge of establishing clear rules about who has control over specific types of information

Microsoft outlines new policies for dealing with terrorist content (GeekWire) The threat of terrorism has escalated the age-old battle between national security and individual rights — and technology companies are often caught in the crosshairs

HPE Exec: How to Disrupt the Business of Hacking (eWeek) A Hewlett Packard Enterprise executive details how hacking now has an organized business model and suggests steps to make it less profitable for hackers

Where Should Security Keys be Kept in the Cloud? (eSecurity Planet) The use of cryptographic keys is a linchpin of modern security. When it comes to the cloud, there is some debate as to where those keys should exist and how their placement impacts cloud security

Companies need to deal with the enemy inside the gates: EY India's Nitin Bhatt (Economic Times) Organisations today face cyber threats that are not just external, but also internal, as attackers figure out ways to compromise sensitive data, including IP and critical infrastructure, companies need to do a lot more to protect against them, Nitin Bhatt , national leader & risk advisory partner, EY India, told ET's Neha Alawadhi in an interview

Why organisations should care about security culture (IT Pro Portal) We spoke to Kai Roer, an award-winning author and CEO & Co-Founder of CLTRe, about the concept of IT security culture and why organisations should care about its impact

Blueprint: Evolving Security for Evolving Threats in Payments (Converge! Network Digest) At this point in the history of cyber security, it seems like the eternal optimism of “it couldn’t happen to me” is the only reason consumers by the millions haven’t abandoned the digital life and gone back to cash-only transactions. Huge-scale data breaches persist, snatching more and more personal data. Retailers certainly want to protect their customers and their reputation, but are they really doing all they can?

Design and Innovation

Behavior is the new authentication: A look into the future (Help Net Security) In the next few years organizations will face extreme IT security challenges. Hackers are targeting humans instead of machines. All the most costly cyber attacks (APTs, ransomware) are a result of employees or third party providers’ privilege misuse, and executing a social engineering attack is easier than finding zero days

IBM Looks To Watson To Fight Online Criminals And Filter The Flood Of Security Data (Fast Company) The company will be teaching the AI tool to read security advisories and advise system administrators on keeping out hackers


Raytheon awards Women's Cybersecurity Scholarships (PRNewswire) Partnership with Center for Cyber Safety and Education seeks to close the gender gap in cybersecurity workforce

Augusta University Cyber Institute recognized by NSA and DHD (News Channel 6) The Augusta University Cyber Institute is just shy of a year old, but it’s already gaining national attention

Legislation, Policy, and Regulation

What Europe Tells Us About The Future Of Data Privacy (Dark Reading) Recent initiatives offer new strategies for balancing technology, security, and organizational policy goals. Here are three approaches worth considering

Japan Set to Develop Elite White Hat Agency (Infosecurity Magazine) The Japanese government is set to create a new agency tasked with recruiting a crack team of white hats and conducting cybersecurity R&D ahead of the 2020 Olympics, it has been revealed.

National Cyber Agency to Begin Operations Next Monthi (Jakarta Globe) The government will soon officiate a national body aimed at protecting all of its institutions from wiretappings, a senior minister has said

Insurers push for creation of cyber attack database (Fiancial Times) The head of the Association of British Insurers has called on the government to create a database where companies would have to record details of cyber attacks

Startups to Congress: Strong data security keeps us competitive (TechCrunch) Twilio recently had the opportunity to meet with members of Congress and their staff who have taken on the difficult task of balancing security and privacy. We were struck by the sincere desire to understand how actions proposed by those in Washington impact smaller technology businesses

Senators take aim at ‘armies of zombie computers’ (Cybersecurity Dojo) A group of senators this week introduced reworked legislation to combat botnets, which transmit computer viruses, after the measure failed to make it into the major cybersecurity bill passed late last year. The reintroduced bill, from Sens. Lindsey Graham (R-S.C.), Sheldon Whitehouse (D-R.I.) and Richard Blumenthal (D-Conn.), would expand the authority of law enforcement and the courts to crack down on botnets

Lawmakers push to make U.S. Cyber Command a top military command (Baltimore Sun) Officials and business leaders in Maryland are backing a proposal to elevate U.S. Cyber Command to a unified combatant command — one of 10 charged with carrying out missions around the world — a move they hope will bring prestige and more jobs to the state

Marine cyber warriors will mess with their enemies' heads (Marine Corps Times) Psyching out their adversaries will be one of the best ways Marines will dominate future battlefields, the general in charge of the Marine Corps’ cyber warfare command says

Litigation, Investigation, and Law Enforcement

It's Not ‘Malware’ When We Have a Warrant, FBI Says (Motherboard) The FBI has been in the hacking business for a long time, famously using malware to log suspects' keystrokes as early as the 1990s. But in the high-profile case surrounding a dark web child abuse site called Playpen, the Bureau is arguing that because it was authorized by a warrant, its computer intrusion code shouldn't be called “malware” at all

Snowden: NBN leaker raids a 'misuse' of Australian Federal Police (Register) NSA nemesis says Australia's surveillance state is even nastier than the USA's

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

SIFMA Cyber Law Seminar (New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...

2016 Information Assurance Symposium (Washington, DC, USA, August 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the...

Upcoming Events

HITBSecConf2016 Amsterdam (Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of, an in-depth...

Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...

Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...

4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...

SecureWorld Atlanta (Atlanta, Georgia, USA , June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

C³ Voluntary Program Regional Workshop: Understanding and Managing Cyber Risk in the Water and Energy Sectors (Indianapolis, Indiana, USA, June 1, 2016) The Department of Homeland Security's Critical Infrastructure Cyber Community (C3) Voluntary Program and the Indiana Utility Regulatory Commission (IURC) will host a free cybersecurity risk management...

Innovations in Cybersecurity Education Workshop 2016 (Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...

ISS World Europe (Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the ...

New York State Cyber Security Conference (Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...

SecureWorld Portland (Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Cleared Job Fair (Tysons Corner, Virginia, USA, June 9, 2016) connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...

SIFMA Cyber Law Seminar (New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.