The CyberWire Daily Briefing 01.28.13

Cyber Trends

Will your future work machine be a tablet? (Fierce CIO: TechWatch) Both Microsoft (NASDAQ: MSFT) and Apple (NASDAQ: AAPL) held calls on their last quarters' earnings this week, and various reports are filtering in with interesting nuggets of analysis and facts. For one, though the launch of Windows 8 did indeed generate an increase in sales, the 24 percent increase that it clocked starkly contrasts the much larger increases seen with the launch of Windows 7 (76 percent) or even the much-derided Windows Vista (65 percent) operating systems

7 Top Business Intelligence Trends For 2013 (InformationWeek) Short list of BI hot buttons includes dashboards, self-service, mobile, in-memory, cloud, collaboration and, of course, big data

Legislation, Policy and Regulation

Unlocking Your Mobile Phone Is No Longer Legal (Wired Threat Level) Mobile phones purchased beginning Saturday can no longer be legally unlocked by consumers to enable them to be used on competing networks

GitHub unblocked in China after former Google head slams its censorship (IT World) Access to software collaboration site GitHub appeared to be restored in China on Wednesday, just as former Google executive Kai-Fu lee criticized its blocking as a senseless move that would harm the nation's developers

Awareness is not enough, says EU Commissioner Kroes days before introducing EU Cybersecurity Strategy (Diplo News) The WEF affirmed that in the next 10 years there is a 10% likelihood of a major Critical Information Infrastructure breakdown with possible economic damages of over $250 billion. Incidents and attacks are on the rise. The big message was that cybersecurity is a matter that cannot be left to the technical people

John Kerry needs to get a clue (CSO) John Kerry, one of my senators and the next secretary of state, calls foreign hackers "21st Century Nuclear Weapons." For a man known for his nuanced language, the word choice is pretty reckless

Minister calls on City to attack cyber-crime (The Independent) The Cabinet Office minister Francis Maude is expected to launch a key part of his cyber-security strategy this week, as the Government attempts to protect big business and Whitehall from mounting digital attacks. Following a successful pilot project called Auburn, government and industry are poised to unveil what it describes as a "permanent information sharing environment"

Israeli Troops Swap Guns for Computers as Cyber Attacks Increase (Bloomberg) "Cyber has three dimensions: intelligence, defense and offense," said Amos…Check Point Software Technologies Ltd., the world's second- largest maker of

A second look at 'Aaron's Law' (CSO) The idea behind Aaron's Law connects with me on an emotional level. But when it comes to justice, we must use our heads instead of our hearts

Products, Services, and Solutions

Endace Doubles Network Recording Capacity And Introduces Streamlined Network Troubleshooting Workflow (Dark Reading) Version 5.1 of the EndaceProbe Operating Software now available

Facebook Blocks Yandex, the Google of Russia (Wired Business) Facebook has locked out a mobile app from Russian internet powerhouse Yandex. It's the latest examples of how social networks are increasingly hoarding their information and locking out potential competitors

Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste (Ars Technica) Why these apps are awful and what you really need to do about your slow PC. Maybe you've seen the ads on the Internet or on TV in the wee hours of the morning. They make lofty promises: get rid of blue screens and error messages! Increase your speed! Clean up your system! But even when these PC cleanup apps aren't just malware in disguise, the things they're doing for your PC are often dubious. Many either replicate tasks that can be handled by built-in utilities or do things that could cause more problems than they solve

Create a secure browsing session on any Windows computer (Help Net Security) Making online purchases and secure internet browsing is safer and easier than ever with the launch of Kanguru's new Defender DualTrust, a new secure online access and encrypted USB storage device

GitHub's new search reveals passwords and private keys (Help Net Security) GitHub, the popular online source code repository, has unveiled on Wednesday a new search infrastructure that should help coders find specific code within the millions of the individual repositories

Cyber-security services: Identify, respond to and evaluate an attack (TechTarget) Sourcefire, a Columbia, Md.-based cyber-security provider recently launched Incident Response Professional Services, aimed at assisting enterprises with

Google Silent About Wireless Experiment (InformationWeek) Google has applied to the FCC for permission to test an experimental wireless system. Is Google about to offer mobile broadband

Fujitsu develops HTML-5-based smartphone platform to secure corporate data (Fierce Mobile IT) Japan's Fujitsu is developing an HTML-5-based smartphone platform designed to secure corporate data in a BYOD environment, according to a report by Computerworld. The system, developed by engineers at Fujitsu Laboratories, matches an app on the smartphone with a cloud-based server that delivers corporate apps like email, sales databases and customer contacts, all as HTML 5 applications

Technologies, Techniques, and Standards

The Three Worst Words In The English Language: Can't We Just? (Dark Reading) The road to poor identity and access management architecture is paved with "can't we justs." It's 2013: Find a way

3 Ways The Cloud Can Complement Virtualization (InformationWeek) Virtual infrastructures -- what vendors like to call internal clouds -- can benefit from the public cloud in ways beyond data backup

Even 'rogue' clouds can be secured, experts say (CSO) It takes multiple measures layered on top of public cloud services to lock down enterprise data, say security pros

Marketplace

Open source policy no guarantee governments will actually use open source (Fierce Government IT) The distance between government policy favoring open source technology and solicitations that don't actively discriminate against it can be great. That's the case found in a sample of 80 solicitations conducted by the Dutch government between January and June 2010. The Dutch government in December 2007 adopted an action plan meant to increase adoption of open source software and open standards in government agencies

Pentagon to create cyber attack wing (Sydney Morning Herald) The Pentagon has approved a major expansion of its cybersecurity force over the next several years, more than quadrupling its size to bolster the nation's ability to defend critical computer systems and conduct offensive computer operations

Pentagon to boost cyber security force (Reuters UK) The plan, which would increase both military and civilian staffing at U.S. Cyber Command, comes as the Pentagon moves toward elevating the new command and putting it on the same level as the major combatant commands. The official said no formal

US Cyber Command gets new teeth for online warfare (SlashGear) The US Cyber Command division, the Pentagon's cybersecurity team established to tackle a new age of digital threats, will be considerably expanded with new specialists in both offensive and defensive technologies, the Defense Department has confirmed

ComSec LLC Appoints Keesling Director of New Healthcare Cyber Defense Initiative (Pharmalive) Healthcare is entering a fight against an opponent that is already armed with advanced tools and techniques that have been field tested against the global financial giants for years. Healthcare data breaches are rapidly outpacing those of the financial services industry Low cybersecurity preparedness in the Healthcare Industry creates challenges for Asymmetric warfare planning ComSec Healthcare Assurance Options provides a preemptive counterespionage compliance plan for C-suite execsComSec LLC's President, J.D. LeaSure announced the appointment of healthcare industry veteran Tom Keesling to lead their newly established Healthcare Cyber Defense initiatives from its world headquarters in Virginia Beach, today

Lenovo Downplays RIM Acquisition Reports, Says It's Looking At M&A Opportunities In General (TechCrunch) Lenovo has denied reports that the company plans to buy Research In Motion, saying that it is instead looking at acquisition opportunities in general, reports Sina Tech (link via Google Translate)

SAIC Targeting Commercial Big Data Portfolio for Energy, Health Sectors (The New New Internet) Science Applications International Corp. has developed a new portfolio of products and services aimed at helping commercial organizations organize large amounts of data in real-time. SAIC intends for its Critical Insight Solutions portfolio to provide commercial entities similar offerings the company provides to U.S. government customers, the company said

Booz Allen Wins 3 SPAWAR Contracts Worth $95M (Govconwire) Booz Allen Hamilton (NYSE: BAH) has been awarded three contracts with a total value of over $95 million by the Space and Naval Warfare Systems Command, according to a company statement. "In today's budget environment, our clients, including the Navy, are looking at the cost of doing business," said David Karp, Booz Allen senior vice president. "We're helping the

Cyber Attacks, Threats, and Vulnerabilities

'Red October' Response Shows Importance Of Threat Indicators (Dark Reading) Researchers provide indicators of compromise for Red October that helps companies check for infections. When Kaspersky Lab published the initial report identifying the Red October cyberespionage campaign early last week, many companies likely searched the publication for ways to detect the malware in their own systems

Citizens Bank Hit By Possible Cyber Attack (CBS Local) Add Citizens Bank to the list of financial institutions whose online banking websites are tough to access, Citizens officials confirmed on Friday. "Our website has experienced temporary disruptions due to an unusually high volume

Big Bank Mules Target Small Bank Businesses (KrebsonSecurity) A $170,000 cyberheist last month against an Illinois nursing home provider starkly illustrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions. I have written about more than 80 organizations that were victims of cyberheists, and a few recurring themes have emerged from nearly all of these breaches. First, a majority of the victim organizations banked at smaller institutions

QassamCyberFighters PasteBin profile (Cyberwarzone) The group that got know for their attacks on the banks in the month December and January are still active on PasteBin. As their profile on Pastebin shows their latest post was posted on the 22nd of january. The profile contains a lot of Pastebins that have messages towards the banks and governments

Big U.S. Banks Unprepared for Growing Wave of Cyber Attacks (The Motley Fool) Distributed Denial of Service attacks. Better known as DDoS attacks. That's geek speak for the kind of cyber assault that hits a web server with so many requests for service that the site becomes unavailable for use by anyone else. Quite literally information overload…As investors, we need to know that the banks we own shares in are taking care of the people they depend on to stay in business. And if JPMorgan, Citi, B of A, or Wells Fargo can't give us proper peace of mind, we'll find some company that can

Anonymous hackers hijack US agency website (Computer Weekly) Hackers have embedded a video statement on the homepage of a US government agency in response to the death of digital activist Aaron Swartz[, who] hanged himself in his Brooklyn apartment. The statement - purportedly from hacktivist collective Anonymous - said Aaron Swartz had died because he "faced an impossible choice" and had been forced into "playing a game he could not win"

Cyber attack shuts down US Justice Department's website (Press TV) The hacker group Anonymous has briefly shut down a website belonging to the US Justice Department, following a warning by the Homeland Security about an imminent 9/11-style cyber attack. The Saturday attack by the group against the US Sentencing

Anonymous Releases 'Warhead' via #OpLastResort (McAfee) There has been a great explosion of chatter in the last day around Anonymous' "Operation Last Resort" (a.k.a. #OpLastResort). The entities behind the various "official" communications around this operation have a sense of humor that we must point out (especially because if you don't catch it, you will end up wiping your disk). In typical fashion with these events, some data suggests that the whole thing (or at least the leak) is a hoax. Regardless of what data resides in the leaked files, it is apparent that someone is having fun, via the embedded scripts in the USSC site. (See the Update section, below, for details on the Konami scripts.) Anonymous has infiltrated specific US government systems in response to the "killing" of Aaron Swartz

Hackers play Asteroids on US government websites (Naked Security) To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness

Expert Finds DOM-Based XSS Vulnerabilities on Kaspersky, Panda and AVG Sites (Softpedia) Web security analyst David Sopas from Portugal has identified DOM-based cross-site scripting (XSS) vulnerabilities on the websites of three world-renowned security solutions providers: Kaspersky Lab, Panda Security and AVG Technologies. Security firms often warn about the importance of properly secured websites. However, these days, websites are so complex that it's hard not to miss a few vulnerabilities

Cutwail botnet on spam rampage, delivers Cridex worm (Help Net Security) Since its inception some six years ago, the Cutwail / Pandex botnet experienced its fair share of setbacks, but it's still going strong. The main reason for its existence is to send out millions of

Alabama Department Homeland Security confirms 'cyber-intrusion' of state (al.com) A spokeswoman said the incident was still under criminal investigation. "The Alabama Department of Homeland Security acknowledges that there has been a cyber-intrusion of state government IT infrastructure. It is currently under criminal investigation

Blocking SSH to Limit Security Exposures (Internet Storm Center) If you look over the ISC diaries from the past few years, you will find a sizable number which discuss some vulnerabilty or another involving SSH. Recently, I have seen a number of security issues involving SSH that has caught my attention. The first two are the recent announcement of the Barracuda backdoor earlier this week, and that malware authors have been targeting Linux with backdoored SSH daemons meant to steal account credentials. The next didn't directly involve SSH, but does shine a light on the lax controls that many organizations have toward resources that should only be accessible inside the corporate network. That Google was able to index a significant number of HP printers seems to indicate that many organizations have been slow to limit the flow of data in and out of the network

New BYOD Threat: Email That Self-Destructs (InformationWeek) Employees who bring apps like Wickr to work could bypass enterprise security systems

Biggest challenge for BYOD is data security not phishing (Gomo news) Responding to a recent opinion piece from SpamTitan here, hospital professional, Trinity Shravner has written in to warn of the security dangers from BYOD, Trinty says, I agree that in 2013 that social media will be the platform of choice for phishing attacks, but I think one of the biggest BYOD challenges will be data security and device control. Trinity continues, We were really struggling with BYOD since we are a hospital and we have HIPAA security issues to deal with, and we are too small to get a large BYOD system

Facebook's Graph Search worries security experts (CSO) Post highlighting embarrassing things raises questions of user privacy with Graph Search, which Facebook users cannot opt out of

Employees put critical infrastructure security at risk (CSO) Sweeping change needed to boost critical infrastructure security handcuffed by lack of cooperation between IT, grid operations workers

NZ smartphone's 'highly vulnerable', says expert (MSN NZ News) NZ staff New Zealand is in the top ten countries most vulnerable to privacy exposure, according to a new report by Trend Micro. Cyber safety

Academia

Countering cyber threat: UGC, AICTE to introduce cyber security courses (Daily Bhaskar) In an attempt to minimise increasing incidents of cyber crimes in state and to raise awareness among the students, the University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) have asked the technical colleges and universities to create and introduce cyber security courses as a part of the syllabus for undergraduate and post-graduate students. The move comes on the advice of the task force of the national security system. The force was set up by the cabinet committee on security and was mandated to review existing process, procedures and practices in the national security and to suggest measures to strengthen the security and to make students aware of such activities

UConn Offers Range of Resources to Promote Data Privacy and Security (UConn Advance) The University has also been named a Data Privacy Champion by the National Cyber Security Alliance for its efforts. One major initiative has been the launch

Litigation, Investigation, and Enforcement

Explaining the Kim Dotcom/Megaupload case (IT World) Confused about all the fuss around Kim Dotcom and Megaupload? Wondering what it's all about? Let us explain it so even mom will understand

Microsoft waived hearing in EU browser ballot antitrust case (Computer World) Microsoft waived its right to a hearing before European antitrust regulators to further answer charges that it failed to offer customers a browser choice screen, according to documents filed with the U.S. Securities and Exchange Commission (SEC). The company faces fines in the billions for the blunder. In a Jan. 24 filing with the SEC, Microsoft noted the ongoing investigation by the European Commission, the EU's antitrust arm, and gave a short status update of the case

Ortiz says suicide will not change handling of cases (Forensic Focus) U.S. Attorney Carmen Ortizs office doubled down in defense of its handling of the case against the late Aaron Swartz last night, but his loved ones say she needs to reflect on her official bullying, while legal experts said they believe the Internet activists suicide while facing cyber-theft charges could haunt Ortizs career and change the way her office prosecutes cases. Ortizs spokeswoman, Christina DiIorio-Sterling, said last night the Swartz case wont affect the offices handling of other cases. Absolutely not, she said

Not-so anonymous Anonymouses head off to prison over PayPal DDoS (Naked Security) Four young Englishmen who went on an Anonymous rampage back in 2010 weren't as anonymous as they might have hoped. They were traced, identified and arrested…now two of them are on their not-so-anonymous way to prison

Zero-Day Exploits (Air Force General Counsel) Homeland Security has recently issued a warning for all users to disable their Java plug-ins in their browsers. This warning was spurred on by the discovery of a Java zero-day exploit that puts 850 million computers at risk of malware attacks. Although terrifying, this is just one example of how zero-day exploits are changing the face of cyber warfare

Bullied Cork Teens Died from Suicide (Evening Echo) TWO Cork teenagers who were subjected to online bullying have died by suicide in the past six months. In both instances, the bullying took place on social networking sites over a number of months

Design and Innovation

In Big Tech, Bet on Companies That Seek a 'Better Way' (Wired Business) Consumer internet companies are notorious for selling us something we don't really need, whether it's Foursquare telling us to check in to the restaurants and shops we enter, or Facebook encouraging us to share every detail of our lives. It's a different story in the enterprise. In the last year we've seen that the most successful business-to-business companies, and the ones that gain the most loyal followings, started when a genuine problem began plaguing their founders

With $1 Trillion at Stake, Enterprise Technology Gets Its Star Turn (Wired Business) But here's why you should care about the latest enterprise software or services outfit knocking on your company's door. Every 10 to 15 years the enterprise market goes through an upheaval where the next generation of technology replaces the old. We're in the early stages of one of those big displacements right now, where huge companies are brought to their knees, and new giants are born

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Data Privacy Day (Various locations, January 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy Day (DPD), is collaborating with many educational institutions, corporations, government and non-profit organizations across the world to make Data Privacy Day on January 28th a success. Data Privacy Day is an international day of awareness to educate everyone to respect privacy and safeguard personal information.

North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses.

ATMiA US Conference 2013 (Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.

#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening..

RSA USA 2013 (San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.

Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.

NRO Winter Way Forward Conference (Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will gain valuable networking time with conference attendees and all NRO personnel.

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include:Windows PowerShell and AutomationCisco and Networking Infrastructure Windows Server Management Windows Client Management Cloud and Virtualization Identity, Access Management and Security Performance Tuning and Troubleshooting Mobility and BYOD Messaging and Collaboration.

IHS CERAWeek 2013 (Houston, Texas, USA, March 4 - 8, 2013) IHS CERAWeek 2013 will offer new insight on the energy future -- and on the strategic and investment responses by producers, consumers and policy-makers. What are the changes ahead in the competitive landscape for oil, natural gas, coal, renewables, and nuclear power? How will the global unconventional oil and gas revolution change the game for all energy participants? What will be the fuel and technology choices of the future. Michael Hayden will deliver the keynote. While primarily concerned with the energy sector, the conference may also be of interest to the cyber security industry.

Business Insurance Risk Management Summit (New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.

CanSecWest 2013 (Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices. It will feature a bigger, enhanced Pwn2own.

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.

CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.

Google and University of Maryland Cybersecurity Seminar (College Park, Maryland, USA, March 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information on cloud computing and virtualization, a key supporting technology. Cloud computing offers flexibility and agility in the placement of resources. Certain risks, however, arise from cloud services' tendency to aggregate sensitive data and workloads. He will discuss side-channel attacks resulting from the co-location of disparate tenants' virtual machines (VMs) on hosts and the vulnerabilities posed by databases aggregating the authentication secrets, e.g., password hashes, of numerous users. Conversely, cloud computing offers new opportunities to distribute data. Dr. Juels will also describe a new, research-driven RSA product that splits sensitive data across systems or organizations, removing the single points of compromise that otherwise naturally arise in cloud services.