Cyber Attacks, Threats, and Vulnerabilities
Another Mac OS X Backdoor Reported (Threatpost) It was inevitable another sample of the Mac OS X spyware discovered last week would surface. Researchers said today that a German investigator informed F-Secure's researchers of another instance in the wild. Spread via a spear phishing campaign that's apparently been circulating since December, the malware is a backdoor that opens a connection to a Romanian command and control server and is able to steal screenshots and perform other surveillance on infected machines, researchers at F-Secure said. The first sample connected to servers in the Netherlands and France
Researchers Discover Dozens of Gaming Client and Server Vulnerabilities (Threatpost) Two video game researchers have discovered a slew of zero day vulnerabilities in the engines that run popular first person shooter games like "Quake 4," "Monday Night Combat," "Crysis 2" and "Homefront," among others that could put their servers and the gamers who use them in danger
NC Fuel Distributor Hit by $800,000 Cyberheist (Krebs on Security) A fuel distribution firm in North Carolina lost more than $800,000 in a cyberheist earlier this month. Had the victim company or its bank detected the unauthorized activity sooner, the loss would have been far less. But both parties failed to notice the attackers coming and going for five days before being notified by a reporter. Organized cyber thieves began siphoning cash from Mooresville, N.C. based J.T. Alexander & Son Inc. on the morning of May 1, sending money in sub-$5,000 and sub-$10,000
Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day (Computer World) A Google security engineer accused Microsoft of treating outside researchers with "great hostility" just days before posting details of an unpatched vulnerability in Windows that could be used to crash PCs or gain additional access rights. Microsoft acknowledged the vulnerability late Tuesday. "We are aware of claims regarding a potential issue affecting Microsoft Windows and are investigating," said Dustin Childs, a spokesman for the company's security response group, in an email. "We will take
Microsoft decrypts Skype comms to detect malicious links (Help Net Security) The issue addressed last week by The H and their associates at heise Security, of whether or not Microsoft checks links contained in encrypted Skype chat sessions (they claim it does), has raised quite a few questions
Keeping Up With the Andromeda Botnet (TrendLabs Threat Intelligence Blog) Last March, I blogged about the Andromeda, a well-known botnet that surfaced in 2011 and is making a comeback this year. Just months after my report, we are still seeing notable activities from the said botnet, in particular a sudden boost of GAMARUE variants last week. The Andromeda botnet is a spam botnet that delivers GAMARUE variants, which are known backdoors and have a noteworthy way of propagating via removable drives
Fake 'Export License/Payment Invoice' themed emails lead to malware (Webroot Threat Blog) We have just intercepted yet another currently ongoing malicious spam campaign, enticing users into executing a fake Export License/Payment Invoice. Once gullible, socially engineered users do so, their PCs automatically join the botnet operated by the cybercriminals
Breakfast malware at Tiffany's? Trojan horses spammed out widely (Naked Security) Little blue boxes from Tiffany & Co. are the stuff of dreams for many. Don't let an unexpected email delivery — apparently from the company — make you so giddy with an excitement that you end up with a computer nightmare
It's VKontakte, NOT Vikontakte. Twitter phishing, Soviet-style. (Naked Security) With a cybercrime plan as poorly thought out as this, maybe it's no wonder the Soviet Union didn't survive
Privilege escalation, why should I care? (Internet Storm Center) In my day job I spend about 90% of my time on the red team, performing vulnerability assessment and penetration testing. The rest is spent on threat research, incident response, and digital forensics. Interacting with clients as a consultant I often hear what I term 'interesting' responses. When a penetration tester calls something interesting you should probably pay attention. The IDS only listens external to the firewall? SharePoint is directly exposed to the Internet? The WAF protects against attacks therefore we don't have to fix the application? The VMs are all physically on the same host? The DMZ and the internal VLAN are physically on the same switch? You don't bother with privilege escalation patches? All quite interesting
Cyber security expert Eugene Kaspersky says cyber 'hacktivists' the greatest threat at next year's G20 Summit (Courier-Mail) International cyber spies loom as one of the biggest security threats at next year's G20 summit in Brisbane, according to one of the world's leading security experts. Eugene Kaspersky, once voted the world's most powerful security executive, said espionage was a very real risk at the G20, to be held in November next year
Cyber Attack Temporarily Shuts Down Will Courts Website (Oak Forest Patch) Luckily, the Will County website with court information remains intact, according to Sun-Times Media reports
Cyber Attack On Utilities Would be a 'Katrina-Like Disaster Affecting Cities for Days, Months' (Business Insider) The possibility of a cyber attack on U.S. infrastructure is a bigger risk than ever, as utility companies report a record amount of vulnerability probing from outside sources in recent months, according to Bloomberg. The attack on critical
Norwegian company names Indian firm for global cyber offensive? (Economic Times) A Norwegian cyber security firm has alleged that a sophisticated cyber attack infrastructure appears to originate from India, conducted by private actors with no evidence of state-sponsorship. Norman Shark, Norwegian firm, has also named an Indian company that is known to work with Indian military and intelligence as one of the possible suspects behind the attacks
China's hackers are still at it; Iran's are getting better (Foreign Policy) Not only is APT1, the Chinese-government hacking group made famous by Mandiant last February back at its old tricks, but other Chinese espionage outfits have been hacking away undeterred by the public naming and shaming of their colleagues…In the meantime, Mandiant has also seen a rise in Middle Eastern hackers, suspected of being Iranian, who appear to be honing their abilities to penetrate and stay in the networks of both governments and businesses
Hackers Find China Is Land of Opportunity (New York Times) Name a target anywhere in China, an official at a state-owned company boasted recently, and his crack staff will break into that persons computer, download the contents of the hard drive, record the keystrokes and monitor cellphone communications, too. Pitches like that, from a salesman for Nanjing Xhunter Software, were not uncommon at a crowded trade show this month that brought together Chinese law enforcement officials and entrepreneurs eager to win government contracts for police equipment
'The Chinese Are Not Going to Stop' (Threatpost) The news that the attack on Google in 2009 also compromised a database holding warrants for lawful intercept surveillance on users has raised fears about the security of national security data on private networks. Cyberspionage operations pose a serious threat to national security, and these attacks are increasing. Dennis Fisher spoke with Anup Ghosh of Invincea about the nature of the threat and what can be done to address it
Meet Zhang. He hacks for Beijing. (Global Post) Hacking may be a threat "akin to a nuclear bomb." But the Chinese behind most attacks see it as a dull office job. These days, any conversation about hacking and cyber warfare inevitably has to turn to China. The People's Republic is, by just about any measure, home to the world's most relentless, prolific and successful hackers. More cyber-attack traffic comes from China than any other country: over 40 percent of the world total in the last quarter of 2012, according to a new report by Akamai Technologies (Disclosure: Paul Sagan, Akamai's executive vice chairman, is one of GlobalPost's investors)
Dragon at the Gates (SC Magazine) After 34 years studying Chinese and 27 years in the US military, retired Lt Col Bill Hagestad is careful to describe the middle kingdom's growing cyber capabilities not as a threat but a challenge
U.S. Power Grid Vulnerable to Attack by Iran, Congressional Report (Cyberwarzone) Several major U.S. utilities are under "constant" cyberattack and haven't taken precautions to protect critical systems from Iran, North Korea and other adversaries, according to a congressional survey of more than 100 companies accounting for much of the nation's power system
Iran's View of Cyberwarfare (Cyberwarzone) Although Iran has been the recipient of protracted waves of state-sponsored cyberattacks attempting to target Iran's civilian nuclear facilities, power grids, oil terminals and other industrial sectors, it has never taken countermeasures against the perpetrators of cyberattacks. Nor, contrary to the article's assertion, has Iran ever engaged in such attacks against its Persian Gulf neighbors, with which Iran has maintained good neighborly relations
Cyber Achilles Heal Afflicts Electric Sector (and other) Senior Leaders (Smart Grid Security) Just for fun, let's begin with a few quotes from an article in yesterday's Wall Street Journal of the mind-blower variety: Executives are disconnected from reality when it comes to IT and security. Top leaders seem particularly inclined to do things their IT departments warn against, such as opening email from unfamiliar senders, or clicking on links. During…simulated attacks, top executives are 25% more likely to click on the links that in a real attack could install malware
AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave (CSO) Organisations convinced they have been the victims of state-sponsored cyberattacks may want to take a deep breath and look at their employees first, one security expert has advised during his address at the AusCERT 2013 security conference
Dissidents Fight Back as Governments Step Up Spyware Attacks (The Atlantic) One of the first times hackers tried to infiltrate Danny O'Brien through his email inbox, it was in the guise of a human-rights event invitation from what appeared to be a friend. "It included a PDF, which, when clicked on, would log all your keystrokes, record audio, and download documents from your hard drive," said O'Brien, the international director of the Electronic Frontier Foundation, who has since found himself a repeat target of cyber attacks. Such "spear-phishing" attempts— which take
SAPS hack spells negligence (ITWeb) The SAPS needs to beef up its IT security measures following a breach that has compromised thousands of whistle-blowers. The hacking of the SA Police Service's (SAPS's) Web site, that has put thousands of lives in jeopardy, spells gross negligence and raises questions around the police's IT systems and security
Thousands of Whistle Blowers Vulnerable After Anonymous Hacks SAPS (Slashdot) First time accepted submitter fezzzz writes "Anonymous performed a data dump of hundreds of whistle blowers' private details in an attempt to show their unhappiness with the SAPS (South African Police Service) for the Marikana shooting. In so doing, the identities of nearly 16,000 South Africans who lodged a complaint with police on their website, provided tip-offs, or reported crimes are now publicly available."
Security Patches, Mitigations, and Software Updates
Wireshark 1.8.7 and 1.6.15 Released (Wireshark) Wireshark 1.8.7 and 1.6.15 have been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available
Stable Channel Release (Chrome Releases) The Chrome team is excited to announce the promotion of Chrome 27 to the Stable Channel. Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame contains a number of new items including
Cyber Trends
Online fraud: Why should you not blame banks (Moneycontrol) "Dear valued customer, Reserve Bank of India has launched, a new security system, to get you protected. Click below, choose your bank and get started," reads a mail sent from no-reply@rbi.org.in. Indeed, it is a phishing mail. While some of you end up ignoring it sitting in the commercial capital here in Mumbai, the "RBI instruction" will prompt the rest across India to give details. Consequently, they will fall prey to the catch. Your hard-earned money will be swindled marking the beginning of
Rapid-growing mobile payments market is driving a financial fraud marketplace (PC Advisor) The global mobile payments market is predicted to exceed US$1.3 trillion in the coming years, presenting opportunities for cyber crime gangs to exploit, according to a whitepaper published by the Anti-Phishing Working Group (APWG). "On one hand, we can see just one example of a major European bank that in early 2012 had 100,000 mobile banking users, and by April 2013, four million. In contrast, there were around 50 generally known samples of mobile malware in 2010, rising in 2013 to some 30,000
UK data breaches largely hidden, says Stroz Friedberg (Computer Weekly) The true extent of UK data breaches is unknown because most companies do not report them in the absence of data breach notification laws, says global digital risk and investigations firm Stroz Friedberg. Even companies hit by cyber attacks do not have a good idea of the threats facing them because they tend to put their heads in the sand, said Seth Berman, executive managing director at Stroz Friedberg
IT security vendors seen as clueless on industrial control systems (CSO) Even the most innocuous security processes used for traditional IT systems could spell disaster in an ICS. Many IT security vendors have a minimal understanding of industrial control systems (ICS) and try to sell technology that could easily damage the devices found in plants running the nation's critical infrastructure, experts say
Phishing Expedition? Cyber Heists Expose Flawed Password System (Fox Business) With high-profile cyber attacks on the rise, a spotlight shining on passwords has revealed a faulty system rampant with potential loopholes and a traditional password-username mechanism that has fallen painfully behind the times
Experts highlight top data breach vulnerabilities (Help Net Security) Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker
Why BYOx is the next big concern of CISOs (Help Net Security) Wisegate released new research from its members that demonstrate how CIOs and CISOs are working to achieve the right balance between employee productivity and information security as they face growing IT consumerization trends, such as BYOD and more recently BYOx (where x = anything from the latest mobile device to personal apps, web services, cloud storage and more.)
IT pros focus on cloud security, not hype (Help Net Security) Cloud computing is exceeding expectations, according to a CA report. Respondents indicate the cloud has moved beyond adolescence and is on the path to maturity in the enterprise
Growing mobile malware threat swirls (mostly) around Android (Techworld.com) Meanwhile, the National Cyber Security Alliance is aiming at ordinary users with an education campaign using the slogan, "Stop. Think. Connect." The campaign aims to teach consumers about online safety in the same way children are taught to look both
Global telecom supply chain cyber-attack risk considered low (FierceGovIT) The risk of a cyber attack executed via corrupt hardware inserted into a global supply chain is considered to be low in the private sector, reports the Government Accountability Office. The House Intelligence Committee issued a report in October 2012 urging the federal government to avoid equipment manufactured by Chinese firms Huawei and ZTE, even at the component level, stating that those companies "cannot be trusted to be free of foreign influence"
IT Threat Evolution in Q1 2013: New Incidents and Old Suspects (Security Park) In their latest report, the experts at Kaspersky Lab analysed the development of IT threats in the first quarter of 2013. The first three months of the year turned out to be full of incidents, especially when it came to cyberespionage and cyberweapons
Avanade survey finds business, IT leaders turning to consumer tools for social collaboration (FierceContentManagement) Consulting firm Avanade spearheaded a survey to see what kinds of social technologies both business leaders and end users were adopting in the enterprise. And their results were surprising. 77 percent of the business and IT leaders said they're using social collaboration technologies, but that doesn't mean just SharePoint and Salesforce
Marketplace
Intelligence Taps Industry for Essential Technologies (Signal Magazine) James Bond's U.S. counterpart may be equipped more with commercial technologies than with systems developed in intelligence community laboratories. The private sector will be called upon to provide even more capabilities to help keep the intelligence community ahead of adversaries and budget cuts
Did The Pentagon Cry Wolf Over Sequestration? (McClatchy Newspapers) A funny thing happened on the way to a predicted disaster: The Pentagon is learning to live with the automatic budget cuts its leaders had warned would threaten national security if they took effect
Coast Guard Rides Waves of Joint Information Environment (Signal Magazine) As the director of the Coast Guard Cyber Command, the admiral also is mindful that the JIE will improve his ability to control what devices are attached to the network, giving him the opportunity, for example, to stop an unauthorized USB thumb drive
Honeywell to Provide Cyber Readiness Services (Signal Magazine) Services shall include conducting command cyber readiness inspections, cybersecurity inspections and command assessment and training in support of Fleet Cyber Command's Cyber Security Inspection Certification Program and verification, validation, and
DISA Voice Services Purchases Voice Encryption Device From EADS North America (Wall Street Journal) The device, which recently was approved for operation by the National Security Agency and evaluated by the Joint Interoperability Test Command, helps DISA meet the U.S. government's requirements for next-generation secure voice services, including
Navy Awards $99M for Anti-Terror Program Hardware, Software (GovConWire) Three companies have won positions on a potential $99 million contract to design and install hardware and software for the U.S. Navy's anti-terrorism force protection programs. Contractors will compete for task orders to perform work during the one-year base period and two option years if they are exercised, the Defense Department said Tuesday
General Dynamics Wins Army Intell Systems Order (GovConWire) General Dynamics' (NYSE: GD) C4 systems business unit has won a potential $31.5 million order from the U.S. Army for 10 intelligence systems that will be mounted on vehicles. The order includes an option for 11 additional Tactical Ground Station Lot D systems and the company intends to deliver the systems to the Army during the third quarter of 2013, General Dynamics said Wednesday
SoftBank said to be in talks with US to allay national security fears (CSO) The Japanese company will allow the U.S. government to approve a director on the Sprint Nextel board tasked with monitoring security issues
Wall Street banks band together against Bloomberg (FierceFinance) The news that top Wall Street banks have formed a partnership to develop an alternative to Bloomberg's chat service is not novel. The financial information juggernaut, which has its eyes on electronic trading as well, has long inspired fear in top banks, even before it became the leading vendor
Why Thomson Reuters doesn't stand much chance of displacing Bloomberg's chat service (Quartz) Bloomberg terminals have become pretty much indispensable to investors, and one of the key reasons, besides their news and data, is their private chat feature, where much of Wall Street's conversation happens. Since the company's journalists were caught peeking at data about users' activities, the users have somewhat lost trust in that privacy. But is that enough to pave the way for a new player?
Nordstrom Halts Mobile Customer-Tracking Trial (StoreFrontBacktalk) Eight months into a controversial customer-tracking mobile trial, Nordstrom (NYSE:JWN) has halted the effort. Although Nordstrom took a lot of criticism for the mostly misunderstood program from consumer media, it's not clear whether the project ended as a result of the criticism or the trial had simply run its course
Dell SecureWorks heading for Australia (IT Wire) Dell's SecureWorks information security services operation is expanding into the ANZ market with the establishment of an Australian operation. Dell acquired SecureWorks in 2011, and the company expanded into the Asia Pacific region earlier this year with the opening of an operation in Japan
After bouts of drama, HP's turnaround is taking hold (Quartz) The numbers: They were good. PC maker Hewlett-Packard reported a 32% decline in profit, but that still beat analyst expectations. Net revenue was also down by 10%, but the company raised the lower end of its annual forecast by $0.10 to $3.50 earnings per share
Nuix appoints Neil Condon as VP of Public Sector (Fort Mill Times) Nuix, a worldwide provider of information management technologies, has appointed digital forensics and computer security specialist Neil Condon as Vice President of Public Sector. Condon is responsible for supporting Nuix's public sector customers and growing the company's digital forensics and investigation business in North America
Camby cash crypto-coders Cronto chomped on pronto by Vasco (The Register) Swiss software firm Vasco has bought Cambridge-based banking security specialist Cronto in a deal valued at up to £14.5m. Vasco will pay $19.3m (€15m, £12.7m), and a further $2.6m (€2m, £1.8m) depending on future earnings, to get its hands on the British upstart's malware-defeating technology. Its software attempts to shield online transactions from any eavesdropping or interfering Trojans lurking on bank customers' PCs. Germany's Commerzbank AG and Switzerland's Raiffeisen bank use the tech
Big Brother security tech gets $20m (The Register) Skyhigh Networks has trousered $20m from VC firms keen on the security company's tech for snooping on corporate networks and locking down banned apps. The $20 megabuck Series E investment round was led by Sequoia Capital along with pre-existing investors Greylock Partners, the company announced on Tuesday. By scanning network traffic logs from firewalls, proxies, and web security gateways, the company's tech can sniff out network traffic that matches up with any of its 2,000 or so profiled
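The catalogue matching the Skyhigh item above describes is, at its core, a suffix match of each proxied destination host against a list of profiled services, with a policy flag per service. The Python below is an added illustration of that technique, not Skyhigh's code: it parses a constructed Squid-style access log, resolves each host to the longest catalogued domain suffix (so upload.wetransfer.com lands on the wetransfer.com profile), and totals per-client traffic to services the catalogue marks unsanctioned. The log lines, the four-entry CATALOG and its `sanctioned` flag are all assumptions made for the example; a vendor catalogue runs to thousands of entries.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed Squid-style access log lines (sample data for this example, not real traffic).
# Fields: timestamp elapsed client status/code bytes method url ident hierarchy type
SAMPLE_LOG = """\
1369216801.120 312 10.0.1.24 TCP_MISS/200 8412 GET https://www.dropbox.com/upload - HIER_DIRECT/162.125.1.1 text/html
1369216802.004 88 10.0.1.24 TCP_MISS/200 1120 GET https://api.sharefile.example/v3/Items - HIER_DIRECT/10.9.9.9 application/json
1369216803.550 640 10.0.1.57 TCP_MISS/200 30211 POST https://upload.wetransfer.com/api/v4 - HIER_DIRECT/185.1.1.1 application/json
1369216804.010 40 10.0.1.57 TCP_HIT/200 512 GET http://intranet.corp.example/ - HIER_NONE/- text/html
1369216805.777 201 10.0.1.24 TCP_MISS/200 2048 GET https://mail.google.com/mail/u/0/ - HIER_DIRECT/142.250.1.1 text/html
"""

# Hypothetical catalogue of profiled services (assumption for this example).
CATALOG = {
    "dropbox.com":       {"category": "file-sharing", "sanctioned": False},
    "wetransfer.com":    {"category": "file-sharing", "sanctioned": False},
    "sharefile.example": {"category": "file-sharing", "sanctioned": True},
    "google.com":        {"category": "mail",         "sanctioned": True},
}

LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+\d+\s+(?P<client>\S+)\s+\S+\s+(?P<bytes>\d+)\s+"
    r"(?P<method>[A-Z]+)\s+(?P<url>\S+)"
)


def lookup(host):
    """Longest-suffix match of a hostname against CATALOG.

    Walks from the full host towards the registrable domain so that
    upload.wetransfer.com matches the wetransfer.com profile; a bare TLD
    is never tried. Returns (domain, profile) or (None, None).
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in CATALOG:
            return candidate, CATALOG[candidate]
    return None, None


def parse_line(line):
    """Pull client, destination host, method and byte count out of one log line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "client": m.group("client"),
        "host": urlsplit(m.group("url")).hostname or "",
        "method": m.group("method"),
        "bytes": int(m.group("bytes")),
    }


def find_shadow_it(log_text):
    """Return {client: {service_domain: bytes}} for traffic to unsanctioned catalogued services."""
    report = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # malformed line; a production parser would count and alert on these
        domain, profile = lookup(rec["host"])
        if profile is None or profile["sanctioned"]:
            continue  # unknown host, or a service policy allows
        report[rec["client"]][domain] += rec["bytes"]
    return {client: dict(services) for client, services in report.items()}


if __name__ == "__main__":
    for client, services in find_shadow_it(SAMPLE_LOG).items():
        for domain, size in services.items():
            print(f"{client} -> {domain} ({CATALOG[domain]['category']}): {size} bytes")
```

Hosts that match nothing in the catalogue are silently skipped here; in practice that "unknown" bucket is where newly launched services first show up, so a real deployment keeps and reviews it rather than discarding it.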
UAE cloud security market poised for growth, says Frost and Sullivan (CSO) According to the latest report from Frost & Sullivan, the United Arab Emirates (UAE) is showing a greater demand for cloud security solutions, as cloud uptake across the region continues to increase. In its recent "State of Cloud Computing Security in the UAE" report, Frost & Sullivan said that the country's cloud security market generated more than $8.7 million in 2012. The research firm expects this number to reach $72.3 million by 2019. Frost & Sullivan said that the UAE is one of the most spam
Cyber Recruiting, Country Music Style (Nextgov) The need for skilled cybersecurity experts continues to be a priority for the U.S. government, the private sector and academia. Since the need for a skilled workforce has been stressed in traditional and non-traditional methods and publications in almost every way possible except maybe in song I thought I would make the case in a country song. With apologies to Willie Nelson: Mamas please let your babies grow up to be hackers / Please let em write source code and fix their tablets / Make em be geek
Products, Services, and Solutions
SecureAuth Launches "Fingerprint" Authentication For BYOD Security (Dark Reading) SecureAuth IdP 7.0 uses a heuristics-based approach to identify, authenticate, and assert access to mobile devices and apps
Is The Raspberry Pi Secure? (TrendLabs Security Intelligence Blog) Since its initial release in February 2012 the Raspberry Pi — a very inexpensive, palm-sized computer meant to help teach computer science in schools — has become a favorite of hobbyists, makers, and tech enthusiasts everywhere. Why wouldn't it be? The Raspberry Pi offers tinkerers a very low-cost (both to buy and to run) computer in an extremely compact platform. In addition, because of its origins as an educational tool, it's easy to use and is versatile
Check Point introduces security solutions for small businesses (InformationWeek India) Check Point Software Technologies launched its new 600 Appliances, delivering powerful…Cyber security is a growing challenge for small businesses
Free tool repairs critical Windows configuration vulnerabilities (Help Net Security) Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and servers
Twitter launches two-factor authentication (Infosecurity) In a tweet yesterday and accompanying blog, Twitter announced that it has joined other large cloud companies in offering two-factor authentication
Prevent a hack attack with Twitter's new two-factor authentication (CSO) After a series of high-profile hackings, Twitter has finally introduced two-factor authentication. Twitter on Wednesday said users will now be able to protect their accounts by registering a phone number and e-mail address. This isn't automatic: You have to select, "Require a verification code when I sign in," on your Account Settings page
Kim Dotcom Claims He Invented Two-Factor Authentication, Has A Patent To Prove It (TechCrunch) Oh, Kim Dotcom. You just never stop surprising us. Just hours after Twitter finally rolled out its long-awaited Two-Factor authentication, the Megaupload founder is claiming to have invented the entire mechanism…and he's got a patent to prove it
Deloitte, Salesforce Grow Cloud Tech Partnership (Executive Biz) Deloitte will demonstrate cloud computing products that use Salesforce.com's technology at Deloitte's federal innovation center in Rosslyn, Va. as the companies aim to expand their public sector market partnership
Accellion teams with Ricoh to offer secure mobile printing product (FierceMobileIT) Accellion, a provider of mobile file sharing products, and copier and printer maker Ricoh have teamed to provide enterprises with a secure mobile printing product. Accellion Mobile Apps for iOS and Android enables enterprises with Ricoh HotSpot Enterprise software to print securely within a closed-loop system
Bitdefender Clueful exposes Android spies (The H) Bitdefender Clueful is designed to warn Android users about apps that put their privacy at risk. Available free of charge, the app checks whether any of a user's installed programs are known to transmit smartphone numbers to advertising networks or
Technologies, Techniques, and Standards
Amateur sleuths crack North Korean secrets (Sydney Morning Herald) An online community of amateur satellite sleuths is gathering intelligence about North Korea by comparing historical differences in publicly accessible satellite imagery
What Connections Between Attacks Say About Them (TrendLabs Threat Intelligence Blog) In the process of investigating and analyzing targeted attacks, we have seen that attacks which appear related at first glance may in fact not be linked; conversely, attacks that seem unrelated may turn out to be connected. Knowing which is which can provide useful information in determining how to respond to an attack
Bad first impression? Give the cloud a second chance (InfoWorld) My InfoWorld colleague Ted Samson noted this was a major concern at this year's RSA Conference in San Francisco, reporting on the nine top threats to cloud computing security, according to the CSA (Cloud Security Alliance). First on the list? Data
NIST Releases Cloud Computing "Security Reference Architecture" (Information Law Group) The National Institute of Standards and Technology ("NIST") loves its "Special Publications" the way IRS agents love new tax forms. NIST's SPs, however, are much more useful, and its latest Special Publication, released in draft form for public comment, SP 500-299 "Cloud Computing Security Reference Architecture", introduces NIST's Cloud Computing Security Reference Architecture ("SRA") as the latest piece in NIST's broader cloud computing review
Grant: NSTIC will succeed where other programs have failed (FierceGovIT) The National Strategy for Trusted Identities in Cyberspace will succeed where other federal attempts at offering the public a common online identity have not, said Jeremy Grant, senior executive advisor for identity management at the National Institute of Standards and Technology. Grant spoke May 21 during a panel session during the annual ACT-IAC Management of Change conference
Design and Innovation
Who Is Satoshi Nakamoto, the Creator of Bitcoin? (Motherboard) Satoshi appeared seemingly out of nowhere in 2008 when he released a research paper on the Cryptography Mailing List, which laid the foundation for the Bitcoin protocol. He claimed to have been working on the idea for about two years, which, given the
Research and Development
Intel Fuels a Rebellion Around Your Data (Technology Review) The world's largest chip maker wants to see a new kind of economy bloom around personal data. Data science and personal information are converging to shape the Internet's most powerful and surprising consumer products. Intel is a $53-billion-a-year company that enjoys a near monopoly on the computer chips that go into PCs. But when it comes to the data underlying big companies like Facebook and Google, it says it wants to "return power to the people"
Legislation, Policy, and Regulation
The global cyber game (Defence Academy of the United Kingdom) This report provides a systematic way of thinking about cyberpower and its use by a variety of global players. A synthesis of the findings of the Defence Academy Cyber Inquiry. The Inquiry was an open source research programme formed in response to a strategic research question posed by the Ministry of Defence. The report gives an overview of the Cyber Inquiry's big-picture conclusions
Legislators: Electric Utilities Dragging Heels on Cybersecurity Mitigations (Threatpost) It would seem that what spurs private and public electric grid utility operators to action with regard to cybersecurity isn't the Chinese or Iranians attacking them, but the word "mandatory"
How to Fix the EU's 'Right to Be Forgotten' (Huffington Post) It has been more than a year since the European Union Data Protection Regulation (DPR) was unveiled, including a controversial proposal known as the "Right to Be Forgotten" (RTBF). While the proposal is intended to give Internet users more control over their data, many critics, including CDT, have charged that the new right would pose significant unintended risks for free expression online. As the European Parliament considers amendments to the Data Protection Regulation, ensuring that good intentions
NATO's geek brigade (Global Post) With cyber war pegged as a serious threat, NATO is prepared to respond with real force. It was a horrific scenario. The African island nation of Boolea was reeling from an attack by religiously inspired insurgents. Then a deadly cholera epidemic struck
The Commission on the Theft of American Intellectual Property (IP Commission) The scale of international theft of American intellectual property (IP) is unprecedented--hundreds of billions of dollars per year, on the order of the size of U.S. exports to Asia. The effects of this theft are twofold. The first is the tremendous loss of revenue and reward for those who made the inventions or who have purchased licenses to provide goods and services based on them, as well as of the jobs associated with those losses. American companies of all sizes are victimized
Killer Apps: The cyber security recommendations of Blair and Huntsman's report (Foreign Policy) (The private commission — loosely affiliated with the National Bureau of Asian Research — was led by Dennis Blair, who served as President Barack Obama's first director of national intelligence, and former Utah Governor John Huntsman
US urged to permit self-defense retaliation on hackers (ZDNet) Would retaliatory attacks make hackers think twice? Throwing money at creating cyberpolice forces and technology to keep up with digital threats may not be the only tactics the U.S. will employ in the future. As a meeting between President Obama and the new president of China, Xi Jinping, draws near, former senior officials in the Obama Administration will recommend a series of steps to deter hackers from the country from stealing U.S. industrial secrets
Private Retaliation in Cyberspace (Center for Strategic and International Studies) There has been a resounding chorus of voices in Washington calling for the United States to give companies the right to retaliate against cyber attackers in China with counterstrikes of their own, the most recent being a report that concludes that if other measures to get China to change its behavior fails, "the United States should consider giving companies the right to retaliate against cyber attackers with counterstrikes of their own." This is a remarkably bad idea that would harm the national interest. Our goal is to make cyberspace more stable and secure, not less. Endorsing retaliation works against that goal in many ways, all damaging
'Irrational' hackers are growing U.S. security fear (Reuters) Cybersecurity researcher HD Moore discovered he could use the Internet to access the controls of some 30 pipeline sensors around the country that were not password protected…U.S. national security experts used to take comfort in the belief that "rational" super powers like China or Russia were their main adversaries in cyber space. These countries may have the ability to destroy critical U.S. infrastructure with the click of a mouse, but they are unlikely to do so, in part because they fear Washington would retaliate. Now, concerns are growing that "irrational" cyber actors - such as extremist groups, rogue nations or hacker activists - are infiltrating U.S. systems to hunt for security gaps like the one uncovered by Moore
CrowdStrike: Jump the gun (SC Magazine) Security industry called to take assertive action. IT security vendors have such a warped sense of priority, that if they attempted to solve a gun crime, they would focus more on finding the bullet than catching the guy who pulled the trigger, according to CrowdStrike co-founder Dmitri Alperovitch
Litigation, Investigation, and Law Enforcement
Sharyl Attkisson's computers compromised (Politico) Sharyl Attkisson, the Emmy-award winning CBS News investigative reporter, says that her personal and work computers have been compromised and are under investigation…UPDATE (Wed., 7:30 a.m.): The Justice Dept. now tells POLITICO that it is not responsible for the irregular activity: "To our knowledge, the Justice Department has never 'compromised' Ms. Atkisson's computers, or otherwise sought any information from or concerning any telephone, computer, or other media device she may own or use," Dean Boyd, a Justice Dept. spokesperson, told POLITICO on Tuesday night
Former Elgin deputy police chief charged with identity theft, misconduct (Chicago Tribune) A former high-ranking Elgin police officer and current Stockton police chief was indicted Tuesday on charges he used a law enforcement database to hack into an e-mail account and get personal information, according to Kane County prosecutors. Robert Beeter, 51, of Elgin, faces felony charges of identity theft and official misconduct, Kane County prosecutors said. He was arrested Tuesday afternoon and released after posting $2,500 bond, according to prosecutors. Beeter could not immediately
'Hacking' Journalists Case Dredges Up Security Research Legal Debates (Dark Reading) A legal storm is brewing between researchers who uncovered a cache of sensitive information about 170,000 consumers through a Google search and the company which left the information freely available online. It sounds like the typical disclosure scuffle that the security research community has come to expect as part of the territory, with the exposed firm threatening to ring up researchers for violating the Computer Fraud and Abuse Act. But this one comes with a twist: the researchers in this in
Network Insecurity: Losing Cyber Crime Battle (Cryptome) Richard McFeely, of the F.B.I., is a former insurance adjuster from Unionville, in eastern Pennsylvania horse country. He has a friendly face, meaty hands, and a folksy speaking style that doesn't seem very F.B.I.-like. "Call me Rick," he said, when I met him at his office, in Washington, coming around his wide desk and gesturing toward the soft furniture in the front part of the room
Bradley Manning sympathetic star of WikiLeaks doc (ArmyTimes) Army Pfc. Bradley Manning, center, is escorted into a courthouse May 21 in Fort Meade, Md., before a pretrial military hearing. Manning, who is scheduled to face a court-martial beginning June 3, is accused of sending hundreds of thousands of
Reporting on national security isn't espionage (Arizona Republic) Or by the New York Times' James Risen and Eric Lichtblau, who revealed the National Security Agency's eavesdropping program. A federal "shield" law protecting reporters from having to divulge their sources means nothing if it includes an exception for
FBI now focus of public investigation: National Security 101 (Examiner) On Tuesday, May 21, 2013 the FBI once again sat down at the interrogation table, but this time it was the premier federal law enforcement agency being grilled, according to National Public Radio. The Federal Bureau of Investigation, at the behest of the U.S. Justice Department, is alleged to have seized the phone records and emails of a Fox News reporter in 2009—along with phone records of his parents—through a warrant that is causing outrage among the press and public
Administration Thoughts on the James Rosen Furor (Lawfare) An administration national security official writes in with the following thoughts on the furor over the warrant application against James Rosen of Fox News