
The CyberWire Daily Briefing for 10.2.2013
The retiring US Forces Korea commander's valediction warns of North Korea's cyber threat.
Softpedia reports that an unnamed company has sustained a 100 Gbps denial-of-service attack. Whoever conducted it used no amplification, which means the attackers had plenty of bandwidth.
More attacks exploit the IE bug Operation Deputy Dog used last month.
Phishing is much on people's minds today, as the familiar "Microsoft support" bogus calls return and other attackers use a bogus T-Mobile MMS message. Facebook's Graph Search may prove an interesting tool, but it also creates what CIO calls a "phishing wonderland." ICS managers are again warned of the threat phishing presents to SCADA systems.
Some analysts think that enterprise attack surfaces are contracting, but others (including Chertoff Group experts) call major companies' cyber security "appalling."
Defense wonks worry that Britain's MoD is about to prompt a "cyber arms race" and call for arms control, but this seems to overlook the cyber arms races—and cyber wars, false flags and all—that have been on-going for some years. See, for example, Estonia's experience of being on the receiving end of cyber aggression.
Medical device manufacturers and users express increasing concern over vulnerabilities to hacking.
The US Government has "shut down," but details of what this means in practice remain unclear. We do know that our friends at the Defense Cyber Crime Center (DC3) are still tweeting. We don't know whether they're on the job or whether they queued the tweets up Monday, but in either case, bravo DC3.
Notes.
Today's issue includes events affecting Canada, Estonia, European Union, Germany, Ireland, Democratic People's Republic of Korea, Republic of Korea, Russia, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
US worried about NKorea's cyber, missile threats (WISTV) South Korea's military needs to improve its missile defense and cyber capabilities to better defend against persistent threats from Pyongyang, the commander of U.S. forces in Korea said Tuesday. Gen. James Thurman, who will leave his command Wednesday and retire, offered a sobering assessment of North Korea's continued drive to become a nuclear power and expressed disappointment in its young leader, Kim Jong Un
Bugs Found in Canada's New Department of National Defense Headquarters (Softpedia) Electronic eavesdropping devices have been uncovered in the complex where Canada's Department of National Defense is planning to move its headquarters. The campus used to belong to Nortel, the major telecoms company that filed for bankruptcy in 2009
Company Hit by Massive 100 Gbps DDOS Attack, No Amplification Used (Softpedia) An unnamed company has been hit by a distributed denial–of–service (DDOS) attack that peaked at 100 Gbps. What's interesting about this attack is that the cybercriminals had the 100 Gb bandwidth at their disposal, so they didn't have to use any amplification techniques
Three New Attacks Using IE Zero–Day Exploit (Threatpost) Attackers are continuing to pile on a critical Internet Explorer zero day that remains unpatched two weeks after it was reported. During the last two weeks, it appears that at least three separate targeted attack campaigns have been using the same bug previously used by Operation Deputy Dog, a campaign that wound up compromising Japanese media outlets and tech systems in the middle of September
Simple CIL Opcode Execution in PowerShell using the DynamicMethod Class and Delegates (Exploit Monday) It is possible to assemble .NET methods with CIL opcodes (i.e. .NET bytecode) in PowerShell in only a few lines of code using dynamic methods and delegates
"microsoft support" calls – now with ransomware (Internet Storm Center) Most of us are familiar with the "microsoft support" call. A phone call is received, the person states they are from "microsoft support" and they have been alerted that your machine is infected. The person will assist you by having you install a remote desktop tool such as teamviewer or similar (we have seen many different versions)
'T–Mobile MMS message has arrived' themed emails lead to malware (Webroot Threat Blog) A circulating malicious spam campaign attempts to trick T–Mobile customers into thinking that they've received a password-protected MMS. However, once gullible and socially engineered users execute the malicious attachment, they automatically compromise the confidentiality and integrity of their PCs, allowing the cybercriminals behind the campaign to gain complete control of their PCs
Facebook's new Graph Search features create phishing wonderland (CIO) Feature's search results now incorporate wealth of extra information
R.T. Jones Capital Equities Management Admits Security Breach (eSecurity Planet) Clients' names, Social Security numbers, e-mail addresses, account numbers and birthdates may have been accessed
Government Can Shut Down, But Cyber–Attackers Won't (ThreatTrack Security) By now you've heard that the federal government shut down at midnight, Oct. 1, because of a budget stalemate in Congress, marking the first time the federal government has shut down in nearly 18 years. Politics aside, the closure could have repercussions not only for the 800,000 federal employees temporarily out of work, but also for any business, organization or agency with a cybersecurity structure
Your Digital Trail, And How It Can Be Used Against You (NPR) While the collection of private information by the National Security Agency is under scrutiny worldwide, a remarkable amount of your digital trail is also available to local law enforcement officers, IRS investigators, the FBI and private attorneys. And in some cases, it can be used against you
Security Patches, Mitigations, and Software Updates
IE zero–day attacks to ramp up: Metasploit releases module (Network World) Metasploit released a module for the IE zero-day vulnerability that has been exploited in the wild for the last three months, since at least July 1
Cyber Trends
Zero–days are not the bugs you're looking for (Threatpost) The technology industry often is used by politicians, executives and others as an example of how to adapt quickly and shift gears in the face of disruptive changes. But the security community has been doing defense in basically the same way for several decades now, despite the fact that the threat landscape has changed dramatically
Splunk 2013: Top enterprise cyber security 'appalling' — former NSA CIO/CTO (Computing) Former National Security Agency (NSA) CIO and CTO Dr Prescott Winter believes that many large organisations don't know what they're doing when it comes to cyber security and as a result defences against hackers and cyber attacks are "appalling"
MoD defence force could spark "cyber arms race" (PCR) The UK Government's new Ministry of Defence cyber reserve unit could actually increase risks to internet systems and cause a "cyber arms race", says Kaspersky Lab. The department will recruit hundreds of computer experts as 'cyber reservists'. They will work alongside regular forces to protect critical computer networks, safeguard data, build cyber defences and protect the UK's national security
Cyberattack Attribution Requires Mix Of Data, Intelligence Sources As False Flag Operations Proliferate (Dark Reading) A new report from FireEye outlines some clues that can be used to identify the source of a targeted attack, but false flags make attribution difficult. Even as security pros get better at tracing attacks, proper attribution in the world of cyberwar remains a tricky business. So while a new report from FireEye outlines how certain tactics can serve as fingerprints that tie individual targeted attacks to others from a given region of the world, it does so with a huge caveat: False flag operations are commonplace
Estonia: To Black Out an Entire Country — part one (Infosec Institute) The cyber-attacks that befell Estonia in 2007 are a case much discussed and underrated at the same time. Many tend to ignore the eloquent fact that this incident represents the first time when an entire country's information defense systems and resources were put to the test. Moreover, according to the rumors, Estonia was attacked by foreign entities, which under some circumstances may qualify this little cyber-offensive as a use of force, or even an armed attack, pursuant to UN Charter
FireEye reports world's cyber security to change in near future (ARN) Global network security company, FireEye, has released a report titled World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks which describes the international and local characteristics of cyber attack campaigns waged by governments worldwide. FireEye provides automated threat forensics and dynamic malware protection against advanced cyber threats. According to the company's website, the FireEye platform provides real-time, dynamic threat protection without the use of signatures to protect an organisation across the primary threat vectors, including Web, email, and files and across the different stages of an attack life cycle. "Cyber weapons are being used as an advantage in real-world conflict," FireEye senior global threat analyst, Kenneth Geers, said. "Regions have their own set of cyber weapons, which they will use to their advantage when it comes to a conflict or to help their allies"
Keeping every body safe: Medical devices (SC Magazine) As Wirth points out, there are two main scenarios of medical equipment breach: One is the potential "targeted attack" on a pacemaker or an insulin pump, for example (like in the Homeland episode), with the goal ostensibly to do harm to the patient using the device. The second, and much more prevalent issue is the infection or intrusion on medical equipment, which are commonly run in a hospital on operating systems like Java and Windows. The personal medical device attack, which has been demonstrated several times at conferences and clearly "could literally kill someone," according to Wirth, has yet to happen in the wild. But the issue of malware on standard software devices in health care has been growing significantly in recent years, say industry observers
Lax medical device security could endanger patient lives, warns Deloitte (FierceITSecurity) Some hospitals have no plan to secure their networked medical devices, survey finds
ECRI Institute Tackles Medical Device Cybersecurity (Infection Control Today) Healthcare organizations and medical device manufacturers are increasingly concerned about protecting their medical devices and associated networks from cyber-attacks. Recent high-profile articles and alerts from the Department of Homeland Security's Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) and the Food and Drug Administration (FDA) have put medical device security in the hot seat
Pregnancy apps face scrutiny over privacy concerns (FierceMobileHealthcare) BabyCenter.com, a website owned by Johnson & Johnson that offers a free mobile pregnancy app, was named last week by the Senate Commerce Committee as one of 12 companies it contacted to assist with its ongoing investigation of data brokers and their collection of health information for use in advertising
Phishing: A Look Into the E–Crime Landscape (CircleID) At the recent Anti-Phishing Working Group meeting in San Francisco, Rod Rasmussen and I published our latest APWG Global Phishing Survey. Phishing is a distinct kind of e-crime, one that's possible to measure and analyze in depth. Our report is a look at how criminals act and react, and what the implications are for the domain name industry
Why phishing continues to trigger cyberattacks (USA Today) As we mark the 10th annual National Cyber Security Awareness, the most common — and effective — cyberattack method is spear phishing. Some 92 percent of targeted attacks in 2012 started with spear phishing, according to research by Trend Micro
ThreatVlog Episode 7: Phishing schemes are on the rise (Webroot ThreatVlog) In this edition of the Webroot ThreatVlog, Grayson Milbourne talks about the rise of digital phishing schemes on the internet and how they affect the victims. He then unveils a brand new product from Webroot that is designed to keep users protected from websites that are malicious in nature that could be trying to capture credit card and other personal information
Take control of IT to reduce cyber–crime vulnerability (Control Engineering) With the ever-present integration of the Internet into day-to-day aspects of our lives, cyber-attacks are becoming all too common. Organisations need to act now to protect themselves, says Paul Gogarty, Cyber Security, Oil & Gas at ABB UK. There have been several high-profile cases where cyber-attacks have led to security breaches affecting large organisations and in some cases even Government organisations. It comes as no surprise that in the past 10 years, as the reach of the Internet has expanded, the level of threats to individuals and organisations from cyber-attacks has increased significantly. This increase has been so sharp in its development that governments and organisations have joined forces in an effort to increase resilience against attacks and to mitigate the risks cyber-attacks pose to our economies
Over 50% don't protect their Android devices (Help Net Security) Over 50 percent of Android-based smartphone and tablet owners do not use any security software to protect their devices against cyber-threats, according to Kaspersky Lab
Beware the little brother of surveillance — your employer (Guardian) While state snooping has hit the headlines, the worrying levels of employer surveillance of workers is perhaps a greater threat
Marketplace
Why is NASA.gov shut down while CIA.gov is still open? (Quartz) As some US government websites have gone dark during the shutdown, others remain up, and some are up but have notices saying they're not being updated. It seems like there's no rhyme or reason to these decisions. So what's the deal
Most Federal National Security IT Considered 'Essential,' Industry Official Says (Nextgov) Information technology programs that support national security, homeland security and law enforcement will be deemed essential during the government shutdown, a top executive of an industry trade group predicted. Even with a shutdown, the government needs to protect and operate its networks, and federal workers who maintain those systems will stay on their jobs, said Trey Hodgkins, TechAmerica's senior vice president of global public policy
NSA, intelligence workers 'stretched to limit' by shutdown, official says (CNET) The Director of Public Affairs for National Intelligence speaks of "greater risk" as civilian workers get sent home on furlough because of the budget impasse and resulting government shutdown
U.S. spy agencies face big layoffs in government shutdown (Reuters) More than 70 percent of the civilians working for U.S. spy agencies have been deemed "non-essential" employees and face temporary layoffs due to the government shutdown that began on Tuesday, three officials familiar with the matter said
Shutdown to Freeze DoD Contracting (DoD Buzz) A government shutdown would bring virtually all new contracting to an abrupt halt — stalling or stopping critical acquisition activities for the Department of Defense, Pentagon officials told
Contractors may struggle under burden of shutdown (FierceGovernmentIT) Many companies that cannot perform their federal contract work during the government shutdown will still have to pay their employees, which could be a challenge with their government revenue cut off. Contractors retain employees who can't work during the shutdown because once it ends, "you have to have the people available to start work again immediately," said Trey Hodgkins, a senior vice president at the trade association TechAmerica. "The company is faced with having to pay these people even if they have nowhere to go to do the work." They can't simply furlough their employees the way federal agencies can, for legal reasons
General Dynamics Awarded U.S. Navy SSC Atlantic Integrated Cyber Operations Pillar Contract (Wall Street Journal) General Dynamics (NYSE: GD) is one of 13 companies awarded the Integrated Cyber Operations (ICO) Services Multiple Award Pillar contract by the Space and Naval Warfare Systems Center (SSC) Atlantic. The indefinite delivery, indefinite quantity contract has a potential value of $900 million over five years to all 13 awardees if all options are exercised
Allot Communications Receives Multimillion Dollar Order from Major U.S. Based Cloud Provider (MarketWatch) Allot Service Gateway to be used to Monitor and Guarantee SLAs for Cloud-Based Services
Experian To Acquire Device Identification Leader 41st Parameter (Dark Reading) 41st Parameter will strengthen Experian's global Web fraud detection and risk-based identity authentication capabilities
Cisco, Fortinet, Juniper lead explosive MidEast, Africa security market (FierceITSecurity) Regional security appliance market grows 13.8 percent in the second quarter
Cyber–security firm Mandiant opens Dublin office to target EMEA (Siliconrepublic.com) Mandiant founder and CEO Kevin Mandia pictured in Dublin today as the company officially opened its Dublin office
Cigital nets $50M investment from LLR Partners (Help Net Security) Cigital announced the completion of a $50M equity investment by LLR Partners that will support Cigital as it continues its growth in existing markets, penetrates new verticals and expands geographically. Cigital helps customers design, build and maintain secure software applications through a range of services and solutions, including consulting, training, security analysis products and cloud-based services. The company specializes in software security for financial services, insurance, technology, healthcare and telecom enterprises worldwide
Microsoft's Former Privacy Officer No Longer Trusts Microsoft (InfoSecurity Magazine) Speaking at a privacy conference in Lausanne, Switzerland, earlier this week, the privacy officer who left Microsoft two years ago says he no longer trusts the company
Products, Services, and Solutions
When Your DDoS Defense Service Fails (Dark Reading) A startup founded by a DDoS defense pioneer has launched a new service that acts as a backup to your existing DDoS prevention service. Distributed denial-of-service (DDoS) attacks have changed dramatically in the past decade since Barrett Lyon, who helped establish the DDoS mitigation market, and other security experts fought mainly extortionist attackers holding machines for ransom. Lyon, founder and CTO of a new startup called Defense.net, says his firm is filling a new requirement for "reinsurance" in DDoS defenses in the face of more powerful and pervasive attacks
CloudPassage CEO Wants to Automate Cloud Security (eSecurity Planet) When it comes to cloud security, control is the key, says the CEO of CloudPassage. CloudPassage is one of a number of different companies in the market today vying to help enterprises securely use the cloud. The company, led by RSA veteran Carson Sweet, has raised $29 million in
Portable USB drive fixes malware–crippled machines (Help Net Security) Malwarebytes launched Techbench, a tool to help IT workers fix and restore even the most malware-infected computers. The 16GB USB simply needs to be plugged into the infected computer, before it automatically scans and removes even the most advanced Trojans, spyware, worms and other malicious software
AIT Offers Discount on Security Scans in Support of National Cyber Security Awareness Month (PRWeb) Advanced Internet Technologies, a Fayetteville, N.C.-based Web-hosting firm, recognizes the importance of protecting its customers and raising awareness of potential security threats and supports National Cyber Security Awareness Month. October marks the 10th Anniversary of National Cyber Security Awareness Month and for this observance, AIT is offering a 50% discount on Security Scans for new customers, current customers and resellers
ThreatTrack Security Senior Leadership to Demonstrate its ThreatAnalyzer APT Defense at Virus Bulletin Conference (Digital Journal) ThreatTrack Security's CEO, Julian Waits, Sr., and Executive Vice President of Engineering and Products, Dipto Chakravarty, will demonstrate the company's latest version of ThreatAnalyzer, a dynamic malware analysis solution that defends organizations against Advanced Persistent Threats (APTs) and custom-targeted attacks, at this week's VB2013 - Berlin in Berlin, Germany
Microsoft's Azure Cloud Platform Gains FedRAMP Board OK (ExecutiveBiz) Microsoft has secured approval from a federal government body to offer Windows Azure for agencies to build and manage applications in a cloud computing infrastructure
Aruba Boosts Partners' Managed Services Play With Cloud Wi–Fi Platform (CRN) Aruba Networks has expanded its wireless lineup to include new access points and a cloud-based management platform that lets solution providers manage customers' wireless infrastructures as a service
Bitdefender revamps partner program (ARN) Bitdefender is overhauling its channel program, Partner Advantage Network, to include new features and benefits, as well as partner support and tools
Technologies, Techniques, and Standards
Senior Cryptographers Move away from NIST Algorithms (InfoSecurity Magazine) 'Do not trust proprietary cryptography — stick to peer–reviewed international standards' has long been standard security advice. Perhaps no longer, as the cryptographers at Silent Circle move on, or away, from National Institute of Standards and Technology algorithms
5 Reasons Every Company Should Have A Honeypot (Dark Reading) In January 1991, a group of Dutch hackers attempted to break into a system at Bell Labs, only to be directed into a digital sandbox administered by one of the research groups at AT&T. In an account of the five-month incident involving one of the first computer honeypots, Bill Cheswick echoed a complaint of the systems frequently made since the incident: "How much effort was this jerk worth? It was fun to lead him on, but what's the point?" Yet, increasingly, companies are seeing a point
New standard claims to alleviate cloud security concerns (CIO) STAR Certification provides greater understanding of security controls. The Cloud Security Alliance (CSA) and BSI have launched a technology-neutral certification they claim provides an additional layer of transparency around security controls used by cloud service providers
Protect Your Identity: Don't Get Phished! (Better Business Bureau) It's Cyber Security Awareness Month. Do you know how to protect your identity online? "Phishing" — the act of targeting victims via email in the hopes of spreading viruses and gathering personal information – can happen to anyone. Cybercriminals have become quite savvy in their attempts to lure people into clicking on links or opening phony email attachments. Online phishing attacks can not only spread computer viruses, but they can pose a significant risk for identity theft
What the heck is going on with NIST's cryptographic standard, SHA-3? (Center for Democracy and Technology) The cryptographic community has been deeply shaken since revelations earlier this month that the National Security Agency (NSA) has been using a number of underhanded methods – stealing encryption keys, subverting standards setting processes, planting backdoors in products – to undermine much of the encryption used online. This includes crucial pieces of e-commerce like HTTPS (SSL/TLS) and Virtual Private Networks (VPN) that we use each day to purchase things online, to socialize in private, and that businesses use to communicate confidential and proprietary information
Geo–tag Forensics (Forensic Focus) A geo–tagged image is an image which holds geographical identification metadata. This data consists of latitude and longitude co-ordinates (sometimes altitude also). Though there are some extremely powerful tools available for extracting geo-tag information from geo–tagged images, the insight knowledge of how a tool actually works and gets the data for us is always a plus
From iPhone to Access Point (Forensic Focus) A wireless Access Point (AP) is a device that allows wireless devices to connect to internet using Wi-Fi. With the remarkable increase in number of wireless devices the number of APs has also increased drastically to serve the Wi-Fi needs of these devices. We have APs at home, offices, airports, public hotspots. Any clue about the AP a device connected to could be an important piece of information for law enforcement or examiners. When a device connects to an AP it leaves evidence behind. This article is geared towards analyzing a file in iPhone that contains vital information about the Wi-Fi AP to which the device got connected
Streamlining Digital Forensics through Google Glass Eyes (Forensic Focus) The world of digital forensics involves the use of a very diverse array of tools, some highly specialized and technical and others pretty simple, as we all know, and these tools are constantly evolving as the digital landscape itself changes and becomes more complex (and more defensive if we're also talking about those who try to cause harm or conceal their digital footprints). One of the latest of these tools to enter the market and become useful to analysts, educators and students of the computer forensics industry has been none other than the now famous Google Glass
Design and Innovation
What enterprise vendors can learn from BlackBerry (FierceCIO: TechWatch) The Globe on Friday published an investigative report titled "Inside the fall of BlackBerry: How the smartphone inventor failed to adapt." The in-depth article pulls no punches, yet does a fair job of chronicling the various missteps made by the company as it sought to reinvent itself. In a nutshell: BlackBerry wasn't blind to the threat posed by the iPhone, but it struggled to adapt quickly enough to compete with the iOS and the Android platforms
Research and Development
Verimatrix and Cryptography Research Highlight Benefits of Integrated Software and Hardware Security Cores to Address Shifting Video Piracy Threat (MarketWatch) Verimatrix, the specialist in securing and enhancing revenue for multi-network, multi-screen digital TV services around the globe, today announced the availability of a new white paper titled "Integrated Software and Hardware Security: The Next Step in Set-top Box Content and Revenue Protection." Written in conjunction with Cryptography Research, Inc. (CRI), a division of Rambus, a part of an ongoing series of white papers on cardless security for video service deployments, this paper focuses on the latest advancements of software security clients that are integrated with hardware security cores in set-top box (STB) chipsets
Academia
Researchers from Singapore help fortify iOS platform (ComputerWorld) Researchers from Singapore identified three security vulnerabilities in Apple's iOS platform between June and October last year which were then fixed by the computing giant in the latest version of its operating system, the iOS 7. Singapore Management University's (SMU) School of Information Systems and the Infocomm Security Department at Institute for Infocomm Research (I2R), a unit of the Singapore government A*STAR, said their researchers unveiled a generic attack vector that enables third-party applications to launch attacks on non-jailbroken iOS devices
Savvy Cyber Kids Receives Boots–on–the-Ground Cyber Security Education Support in Local Communities Through Booz Allen Hamilton Partnership (CSR Wire) Children today are exposed to connected technology, such as iPhones, Android tablets, and other computing technology, before they can walk. Savvy Cyber Kids, a nonprofit dedicated to teaching our youngest learners Internet safety before they go online, today announced a partnership with Booz Allen Hamilton to provide cyber security awareness programs to pre-k through lower elementary school students in communities across the United States
Legislation, Policy, and Regulation
Former Obama official: Domestic spying 'inconsistent with the values of this country' (Washington Post) Chris Finan is a former Obama administration official who has come to have serious doubts about the National Security Agency's role in domestic surveillance and cybersecurity efforts. In the past, policymakers looked to the NSA for its unparalleled expertise in cryptography and computer security. But Finan argues that rapid improvement in private-sector cybersecurity expertise has made dependence on the NSA unnecessary and, especially in the wake of Edward Snowden's revelations, potentially dangerous. He argues that domestic counterterrorism efforts should depend more on civilian agencies and the private sector, not military agencies such as the NSA
Think tankers call for more transparency of NSA's metadata monopoly (UPI) Three national security experts agree that changes to the NSA's database system are necessary to reassure Americans that their Fourth Amendment rights will not be violated
Can a new round of NSA transparency bills make it through Congress? (The Verge) In July, the US House of Representatives came within 12 votes of defunding NSA surveillance in a sweeping amendment vote that caught much of Washington by surprise. It was a broad stroke, designed more as a statement than sustainable legislation, but it sent a clear message: Congress is ready to take on the NSA. Or at least they're ready to talk about it
The Chilling Effect of the NSA Surveillance Leaks (Threatpost) In this city, one of the great world capitals, history is never far away. It permeates every aspect of daily life, and the German people are quite proud of much of that history. But there were dark days here too, and not so long ago, when the Stasi, the East German secret police, operated a
What Can Germans Teach Us About Privacy? (Atlantic) Asking delicate questions in Berlin, the capital of personal data protection
'Would Be Nice to Have a Similar Shutdown in Russia' (Atlantic) Foreigners react to news of America's broken-down government
California governor inks laws that expand privacy protections (FierceITSecurity) Data breach notification law amendment expands definition of protected personal information
Alan Lynn Succeeds David Simpson as DISA Vice Director (ExecutiveBiz) Maj. Gen. Alan Lynn, former commanding general of the Army network enterprise technology command, has succeeded Navy Rear Adm. David Simpson as the Defense Information Systems Agency's vice director
FPC gives banks a year to create cyber attack plan (Telegraph) Britain's banks have been instructed to strengthen their defences against the "growing" threat of cyber attacks
European Parliament Names Edward Snowden a Finalist for the 2013 Sakharov Prize (eNews Park Forest) The European Parliament (EP) has named former National Security Agency (NSA) contractor Edward Snowden a 2013 finalist for its prestigious international human rights award, the Sakharov Prize for Freedom of Thought
Litigation, Investigation, and Law Enforcement
How a Purse Snatching Led to the Legal Justification for NSA Domestic Spying (Wired) It began as an ordinary purse snatching. The court wrangling that followed set the binding precedent for what we now call metadata surveillance. In particular, it's the keystone of the National Security Agency's bulk collection of U.S. telephone data, in
Yahoo concerned that release of redacted FISA papers may mislead (PC World) Yahoo has asked that it be allowed to review declassified documents of a secret court about a dispute over data collection between the Internet company and the government, as the release of the redacted documents could mislead the public
NSA snooping scorecard: Nacchio, Mainway and Microsoft (FierceITSecurity) It certainly has been an interesting few weeks when it comes to National Security Agency snooping news. Perhaps the most surprising was an allegation by ex-con and ex-Qwest CEO Joseph Nacchio that the U.S. government put him behind bars, not for insider trading, but because he refused to turn over customer phone records to the NSA
Operation Tuleta: Ex–Sun reporter first to be charged in computer hacker inquiry (Naked Security) Ben Ashford, former journalist at Rupert Murdoch's The Sun newspaper, is the first person to be charged under Operation Tuleta, a Metropolitan Police investigation that is being run alongside inquiries into alleged corrupt payments to public officials, computer hacking and other privacy breaches
Canada: Search For Solutions To Cyber-Bullying Continues (Mondaq) Cyber-bullying grabbed headlines across Canada again this year, triggering Nova Scotia to pass a special law aimed at stamping it out in schools. As schools and school boards prep for the coming school year, this article cites resources you can look to for guidance when dealing with this issue and also lets you know about one town in the US which passed a bylaw making parents liable for children's bullying
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Information Security Conference (Charleston, West Virginia, USA, Oct 2, 2013) On October 2, the WVOT Office of Information Security and Controls will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer an energizing morning of highly informative sessions. Free posters, calendars, bookmarks, and other security-themed items will be available. The event is open to the public; however, registration priority will be given to public sector officials and employees.
NSU Hosts FBI Presentation on National Cyber Security Awareness (Fort Lauderdale, Florida, USA, Oct 3, 2013) GSCIS Hosts the Federal Bureau of Investigation (FBI) Special Agents special presentation on "National Cyber Security Awareness." RSVP at the link.
The Monktoberfest (Portland, Maine, USA, Oct 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013 (New York, New York, Oct 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state aggressors in cyberspace. About twenty speakers will present briefings over two days on hackers, citizen militias, and other non-state entities operating in the Middle East, China, Russia, Pakistan, India, Iran, Africa, South America, the United States (yes - we have non-gov threat actors domestically), and other parts of the world. One of our panel moderators will be Joel Brenner (former National Counterintelligence Executive at the Office of the Director of National Intelligence and former Senior Counsel at the NSA).
Forensics and Incident Response Summit EU (Prague, Czech Republic, Oct 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.
CyberMaryland 2013 (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.
2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.
AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, Oct 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo some of the latest cyber security and information technology products/services available today.
NSU's Raising Savvy Cyber Kids with Ben Halpert (Fort Lauderdale, Florida, USA, Oct 10, 2013) Ben Halpert is an award-winning author of several books for diverse audiences. The Savvy Cyber Kids At Home: The Family Gets A Computer (October, 2010) is a picture book that teaches the concepts of online safety and privacy to preschool children. The Savvy Cyber Kids At Home: The Defeat of the Cyber Bully (October, 2011) teaches children how to appropriately respond to a cyber bully before playing in the virtual world. All Savvy Cyber Kids books are available in English, Spanish, German, and French. For those in the business field, Ben has published Auditing Cloud Computing: A Security and Privacy Guide (July 2011) through John Wiley & Sons. RSVP at the link.
International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, Oct 10 - 12, 2013) The International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery promotes research and development of cyber-related technology. It is unique and significant in that it spans cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, Internet, wireless networks, cognitive systems, cyber information process, information discovery, e-health via cyber network, e-science, web technology, and network performance and tools. The research and development in these areas have received extensive attention in both academia and industry to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, test-beds, and implementations are developed for distributed computing in an interconnected and distributed network environment. The purpose of CyberC is to provide a forum for presentation and discussion of innovative ideas, research results, applications and experience from around the world as well as highlight activities in the related areas.
VizSec 2013 (Atlanta, Georgia, USA, Oct 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, Oct 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.
USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, Oct 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security.
SNW Fall 2013 (Long Beach, California, USA, Oct 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.
Hexis Exchange (Athens, Greece, Oct 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.
Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, Oct 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.
NSU Healthcare Cyber Security Summit (Fort Lauderdale, Florida, USA, Oct 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University, AccessData, and RSA to hear about current regulations that affect healthcare companies of all sizes, ways to protect sensitive data, and learn techniques to monitor access for suspicious activity. If you are responsible for the privacy or security of your company's healthcare data, you will benefit from presentations from these leading experts in the field. NSU's Chief Information Security and HIPAA Security Officer, John Christly, will examine the threats to the privacy and security of today's modern healthcare operations. You will also hear from experts from AccessData and RSA on how to detect and prevent data breaches. RSVP at the link.
Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, Oct 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.
Securing the Internet of Things Summit (San Francisco, California, USA, Oct 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government-wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands-on live demonstrations, and industry exhibits.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.