The CyberWire Daily Briefing for 10.24.2013
North Korea may be using free online games as malware vectors in its ongoing cyber campaign against the South.
The Syrian Electronic Army has expanded its target set (in, for example, defacing Qatari government sites) but observers think the SEA unlikely to move beyond hacktivist-like information operations to more destructive cyber operations.
The Mevade botnet is increasingly active in data theft, and analysts perceive a connection to August's spike in Tor usage. Zeus now goes after Dropbox users. Google blacklists php.net, and indeed there is evidence of compromise on the homepage of the popular server-side web scripting language. Avoid Skype smileys: they may be contaminated with dodgy software.
Warnings about Cryptolocker ransomware appear from Australia to the US. Internet users, back up your files.
Updates on the recent IAEA and Experian exploits describe creative approaches to hacking and social engineering.
Weak key generation in industrial automation control software renders systems vulnerable to wireless attack from miles away.
Surveillance tensions between the US and its allies grow, as Germany demands an explanation of allegations that NSA had accessed Chancellor Merkel's phone. France's President Hollande remains unsatisfied with the explanations he's received. US officials (and various analysts) note that all governments spy, but this tu quoque hasn't gained much traction abroad.
The EU moves to limit international data sharing (clearly directed at the US) and an Irish court case may provide further impetus for national data centers.
Despite this, US-Japanese cyber cooperation grows closer. NATO sorts out whether cyber attacks should trigger Article 5.
Today's issue includes events affecting Australia, Canada, China, Estonia, European Union, France, Germany, Iran, Ireland, Japan, Democratic People's Republic of Korea, Republic of Korea, Mexico, NATO, Qatar, Romania, Russia, Syria, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
North Korea may have secretly engineered computer games to launch mass cyber attack (Washington Post) Some free-to-use computer games may secretly be North Korean plants, South Korea's national police agency warned Tuesday, according to South Korean media. The seemingly innocent games, designed to appeal to as many users as possible and thus to spread widely on computer networks, could carry malware code controlled from Pyongyang. The code, once activated, would take control of the host computers and allow North Korea to launch mass cyber attacks against major South Korean targets
Experts Assess Syrian Hackers' Capabilities (National Journal) A Syrian hacking group's reported defacing of Qatari government webpages over the weekend could signal a new direction for the organization that has infiltrated Western news websites and is loyal to Bashar Assad, the civil–war–torn country's embattled president. Still, U.S. cybersecurity experts said they don't expect the so–called Syrian Electronic Army to take steps as drastic as compromising U.S. nuclear facilities or crippling the critical infrastructure of a major world power through a cyber attack — at least not in the near future, and not without help from other countries
Mevade botnet infects hundreds of organisations in suspected data theft attack (ComputerWorld) Hundreds of global organisations have been infected by a Russian botnet as part of a cybercrime campaign that could be connected to the mysterious traffic spike that hit the Tor anonymity system in August, security firm Websense has suggested
Trojan Going After Dropbox (ISS Source) Dropbox users are getting faux password reset emails that can infect a victim's computer with Zeus malware. The new Zeus campaign, uncovered by cloud security provider Appriver, tries to stop users checking if their old password works by listing it as "dangerous"
Skype Smileys Application Comes with Shady Browser Extensions (Softpedia) If you're a Skype user and you want to change your dull smileys with something more interesting, there are a lot of applications to choose from. However, experts warn that some of them are bundled with all sorts of shady apps
Google blacklist blocking php.net (ZDNet) Claiming the well-known web software site is serving malware, Google's safe browsing API is marking php.net as malicious
BBB issues malware alert (Fox 30 News) The Northeast Florida Better Business bureau issued an alert to the media today, urging us to warn our viewers about a new malware called Cryptolocker
Security vendors issue warning about Cryptolocker ransomware (ComputerWorld) Australian security experts have advised people to be on alert for a ransomware variant called Cryptolocker that infects systems and encrypts files. It is spread via malicious links in spam emails which lead to pages that exploit system vulnerabilities. Affected users are asked to pay the cybercriminal with a ransom in order to unlock the system and get the files decrypted
How Box.com allowed a complete stranger to delete all my files (IT World) Six months ago the cloud storage service gave control over my account to someone else, who then nuked it. Fortunately, my data survived
Danger USB! Malware infects UN Nuclear Agency computers (Graham Cluley) An internal investigation has discovered that some of the computers at the International Atomic Energy Agency (IAEA) headquarters in Vienna have been infected for months with data-stealing malware
A Wolf in Sheep's Clothing: Hacker Poses as Private Investigator to Access Credit Bureau Data (McAfee Blog) One of the top three credit bureaus in the country has been unknowingly providing personal data to an underground cybercriminal group since March 2012. Experian, a company that provides credit reports, credit monitoring, and "identity theft protection" to consumers was found to have been sharing information to the creator of Superget.info, an underground black market website that sells "fullz"—the "full" package of personally identifiable information (PII) on US citizens. This is particularly concerning as Experian operates such a large and otherwise trusted database of personal information
Weak Key Generation Plagues Wireless Industrial Automation Software (Threatpost) Industrial automation software used worldwide to create and configure wireless radios that connect devices in environments such as oil and gas is vulnerable to attack by a hacker armed with an antenna from as far as 30 miles away
Hack turns Belkin baby monitor into iPhone–controlled bugging device (Ars Technica) The "Internet of things" may make life richer, but it can also allow new attacks
Some DPS Students Medical Records In Hands Of Thief (CBS Denver) A thief stole a suitcase from a school nurse which also contained some valuable information about some Denver Public School students
Yes, Cheney's pacemaker cyber attack fears were credible (DotMed Daily News) Former vice president Dick Cheney made headlines this week after admitting in a 60 Minutes interview that he disabled his pacemaker's Wi–Fi in 2007 to thwart terrorists who might try to hack into it and kill him. Though this scenario sounds like something out of a science fiction movie (an episode of Showtime series "Homeland" features a similar plot line), it turns out these fears aren't unfounded
Apple's iCloud iConundrum — does convenience mean insecurity? (Naked Security) Researcher Vladimir Katalov explained how documents and backups stored in Apple's iCloud can be accessed bypassing Apple's two-factor authentication, even when enabled, last week at the Hack in the Box conference in Malaysia
Security 101: Watering Hole Attacks (Fortinet Blog) In nature, predators on the hunt for food often wait by small ponds and marshes for their prey. The reason? Animals of all kinds will inevitably flock to a watering hole out of necessity in order to survive — including vulnerable prey. When that occurs, the predator only has to pounce in order to fulfill its objectives
Security Patches, Mitigations, and Software Updates
Adobe Flash Player now sandboxed on OS X Safari (ZDNet) When run on OS X 10.9 Mavericks, Adobe Flash Player will run in a sandbox, with limited capacity for mischief if compromised
OS X Mavericks — optional OS upgrade or critical security fix? (Naked Security) Apple's OS X 10.9, better known as Mavericks, is officially out. The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"
One sector especially at risk for cyber attacks, new report says (Insurance Business) The increasing importance of cyber risk insurance has been well-documented, but new information suggests one industry is more at risk of cyber attacks than any other. According to data from the Department of Homeland Security (DHS), more than 50% of investigated cyber incidents from October 2012 to May 2013 occurred within the energy sector
Bank survey finds many tech companies preparing for cyber attacks (ABA Banking Journal) Silicon Valley Bank clients prepare for when, not if, cyber attacks will occur
Cyber attacks targeting the energy sector on the rise (Help Net Security) Alert Logic examined the rise of cyber attacks targeting the energy sector--an industry thought to be particularly at risk due to the highly confidential and proprietary information they possess, as well as the prevalence of BYOD and contractor access
Banks Lack Ammo to Fight Cyberthreats, Says Report (TMCnet) Evolving security threats, technology limitations and simple lack of awareness make cyberrisk a daunting hurdle for today's banks. A recent survey by Longitude Research, Cyberrisk in Banking, cites lost customer trust as the most significant impact from cyberattacks - nearly double that of monetary losses
We need a new approach to cybersecurity (Tennessean) Cybersecurity is a term that is appearing with increasing regularity in the news — and not in a good way. Unfortunately, problems with cybersecurity seem to be getting worse. Turning this around is going to require a complete change in mindset around information security
Attackers use smaller botnets to launch high-bandwidth attacks (Help Net Security) DDoS perpetrators changed tactics in Q3 2013 to boost attack sizes and hide their identities, according to Prolexic
Different adversary classes within security (Help Net Security) Akamai Director of Security Intelligence, Josh Corman, gives an overview of different adversary classes and their motivations
Targeted attacks pose greatest risk to Middle East, says Trend Micro (CNME Online) The biggest cyber-threats facing Middle Eastern businesses today come in the form of targeted attacks, Trend Micro's Vice President for the Mediterranean, Middle East and Africa regions said today
The new Web tracking: You never see it coming (InfoWorld) Web tracking is far more pervasive and invisible than ever, thanks to browser fingerprinting and third-party aggregation
Cloud: Security the priority (Business Technology) Security is still a major worry for companies looking to adopt cloud technology into their IT strategy, and major firms are reluctant to use it for highly sensitive business-critical information. But companies are not alienating the cloud altogether - rather, they are adopting a hybrid approach to using it, and it remains popular for less business-critical services
SQL Injection and Cross-site Scripting Attacks Surge in Q3 (Infosecurity Magazine) Cross-site scripting (XSS) and SQL injection activity is up 32% in the third quarter, as those with malicious intent look to specifically target web-facing and cloud applications carrying sensitive information about organizations and their customers
The Staggering Cost of Economic Espionage Against the US (Epoch Times) The United States has known for sometime that it has been victimized by economic espionage mounted by other countries, especially China and Russia. According to a counterintelligence expert hired by companies to help them counter this threat, the toll for these crimes is far, far higher than what has been officially reported
Huawei confident it can find skilled UK staff to fill R&D centre (V3) The forthcoming UK Huawei research and development centre will hire 75 percent of its staff from the area in which it is set up, the firm has confirmed. Plans to open a new R&D centre were announced last week following chancellor George Osborne's visit to the firm's headquarters in Shenzhen, China
Malwarebytes Growth Validates Need For Zero-Day Protection (Dark Reading) It has been one year since Malwarebytes, the leader in advanced anti-malware protection and remediation, announced the launch of Malwarebytes Enterprise Edition (MEE). Since the launch, Malwarebytes has experienced strong business results with 52% growth year-over-year and continues to make strategic investments in the enterprise. Most recently, Malwarebytes released an updated version of MEE that provides an assortment of new features and enhancements for enterprise customers
Army looks to blend cyber, electronic warfare capabilities on the battlefield (US Army) As new technologies emerge and new cyber and electronic warfare threats plague Soldiers in the field, U.S. Army scientists and engineers continue to define next-generation protocols and system architectures to help develop technology capabilities to combat these threats in an integrated and expedited fashion
Sally Sullivan Joins CSC as North American Public Sector Business Development VP (GovConWire) Sally Sullivan, formerly an executive vice president at ManTech International (NASDAQ: MANT), has joined Computer Sciences Corp. (NYSE: CSC) as vice president of business development for the North American public sector, GovCon Wire has learned
Products, Services, and Solutions
Malicious Mobile Tracking Made Easy (Dark Reading) Exploits and hacking tools in the mobile space will get ample airtime at next month's first Black Hat Regional Summit in Brazil. Among the presenters: a researcher who developed an affordable, distributed mobile tracking network that could take advantage of weaknesses in the way mobile devices probe for Wi-Fi signals to keep tabs on users' physical and digital movements and intercept data from their devices
Greenbone and OpenVAS Scanner (Internet Storm Center) This virtual machine comes to you care of $DayJob frustrations and the need to generate logs. This month we are covering log entries and in my lab at work there was a need to trigger some alarms. So I set out to build an OpenVAS suite in order to trigger several different detection systems
Lockheed Martin Donates Search Engine That Facilitates Intelligence Interoperability For DoD (Wall Street Journal) The software search engine that facilitates intelligence interoperability throughout the Department of Defense has been contributed to the open source community by Lockheed Martin (NYSE: LMT). The Corporation has donated all copyright for the Distributed Data Framework (DDF) source code to the Codice Foundation, a nonprofit organization established to support government-based open source projects
DB Networks Introduces Industry's First Behavioral Analysis–Based Core IDS to Detect Advanced and Zero–Day SQL Injection Attacks (BWW) DB Networks, an innovator of behavioral analysis in database security, today introduced the IDS-6300 intelligent security appliance, the industry's first next-generation Core Intrusion Detection System (IDS). The IDS-6300 leverages patented behavioral analysis technology for comprehensive SQL injection intrusion detection and defense uniquely addressing SQL injection issues that have plagued the industry for more than 15 years. DB Networks' intelligent security appliance delivers advanced and Zero-Day SQL injection attack detection with the industry's first Core IDS that combines behavioral analysis and advanced continuous database monitoring, addressing specific compliance requirements within regulations such as PCI DSS, HIPAA, GLBA, and NIST spec 800-53
iPhone secure messaging with self–destruct mechanism via Wickr app (Help Net Security) Wickr was one of the most interesting companies I was introduced to at this year's RSA Conference in San Francisco. The company was one of the finalists of the Innovation Sandbox, a program that encourages out of the box ideas and the exploration of new technologies that have the potential to transform the information security industry. Wickr is a free app designed to provide private communication over a range of devices running Android and iOS
Apple iCloud Keychain in OS X Mavericks gets mixed reviews (CSO) Keychain stores all website usernames and passwords, credit card numbers, and Wi-Fi network information
New Bitdefender Service Connects Elite Engineers to Customers for One–on–One Problem–Solving (Sacramento Bee) Bitdefender's new Tech Assist service fixes, cleans and optimizes PCs through personal intervention
Thinking Outside of the Sandbox: McAfee Advanced Threat Defense Unveiled (McAfee Blog) It's always a great day when you can share something so innovative that it will surely change the game in the industry. Today, at the McAfee FOCUS 2013 conference, McAfee and my team announced the development and launch of McAfee Advanced Threat Defense - the newest addition to our Security Connected portfolio. If you read my post entitled, "Developing the Ultimate Defense against Advanced Malware," I gave you a preview of what to expect in the hopes of piquing interest and raising awareness without giving away the big reveal
Cisco beefs up enterprise collaboration tools (NetworkWorld) New products address areas like communications security, third-party participants and IT management
Technologies, Techniques, and Standards
Decrypting GSM phone calls (SRL Labs) Motivation. GSM telephony is the world's most popular communication technology spanning most countries and connecting over four billion devices. The security standards for voice and text messaging date back to 1990 and have never been overhauled. Our GSM Security Project creates tools to test and document vulnerabilities in GSM networks around the world so to ignite the discussion over whether GSM calls can and should be secured
Catching Mobile Malware In The Corporate Network (Dark Reading) As more malicious mobile apps arrive, security firms roll out different methods of detecting the malware inside business networks. To developers, advertising frameworks may just be another way to make money from their free application, but in at least one case--dubbed "Vulna" by security firm FireEye--the library has functionality that allows attackers to steal private data from a targeted phone and opens up vulnerabilities that could be exploited by hackers
Improving Hadoop Security with Host Intrusion Detection (Part 1) (TrendLabs Security Intelligence Blog) Over the years, the Hadoop development community has steadily added facilities to Hadoop and HBase that improve operational security. These features include Kerberos user authentication, encrypted data transfer between nodes in a cluster, and HDFS file encryption. Trend Micro has contributed several security features that were incorporated into the public Hadoop ecosystem
Lessons Learned from the Cyber Security Front Lines (LinkedIn) As a global security and aerospace company, Lockheed Martin is a target for a wide range of cyber attacks. And we're not alone. Firms across several industries, including finance, energy, infrastructure, healthcare, and telecommunications, are facing the same threats. No matter what business you're in, cyber threats are a real and growing concern
Safeguarding information in the digital age (DVIDS Hub) In an age where vast amounts of information are easily accessible by anyone with an Internet connection, safeguarding sensitive information is essential
Security begins at home — how to do a "back to basics" security overhaul on your family network (Naked Security) Sophos security expert John Shier explains how he carried out a "back to basics" security overhaul on his family network. He wrote it up as a handy checklist for anyone else acting as in-house IT support
Collisions likely over PCI 3.0 (CSO) New standards are meant to 'help' merchants, but experts say they are more about protecting credit card companies
4 ways metrics can improve security awareness programs (CSO) Looking for ways to prove the value of security awareness efforts in your organization? Ira Winkler and Samantha Manke break down four ways to use metrics as a way to measure your program's effectiveness
Microsoft and Symantec push to combat key, code-signed malware (ComputerWorld) An alarming growth in malware signed with fraudulently obtained keys and code-signing certificates in order to trick users to download harmful code is prompting Microsoft and Symantec to push for tighter controls in the way the world's certificate authorities issue these keys used in code-signing
How threat intelligence can give enterprise security the upper hand (Search Security) To the surprise of no one that follows the information security market, threats and attackers are advancing at such a rapid pace that most enterprises have been unable to match it. New, sophisticated zero-day vulnerabilities are constantly being discovered and exploited to gain access to corporate systems; sophisticated attackers can then hide for months and even years while siphoning valuable data
Research and Development
How Quantum Encryption Can Keep The NSA From Spying On You (Business Insider) The nature of communication is changing. Edward Snowden brought the NSA's domestic spying program to center attention and now plenty of casual Internet users care about security. This has spurred the development of some novel technologies to facilitate secure communication online. Quantum cryptography is probably the most promising of these. It relies on the underlying principles of quantum physics to carry a message from A to B without any third parties interfering
Trine Announces Cybersecurity Major (Inside Indiana Business) With more Americans using the Internet and online risks increasing, Trine University is helping to tackle this growing crisis with the introduction of a major in cybersecurity. The announcement comes during National Cyber Security Awareness Month
UAB's Gary Warner Receives M3AAWG J.D. Falk Award for Developing Collaborative Cybersecurity Education Program (MENAFN) One person's passion, insight and behind-the-scenes resolve has given rise to a new approach to training 21st century "digital detectives" who can better identify cybercrime and protect end-users. Gary Warner has developed the University of Alabama's Center for Information Assurance and Joint Forensics Research into a multi-dimensional educational program that has successfully collaborated with law enforcement and the industry in fighting real-world email and Internet threats. Recognizing his accomplishments, the Messaging, Malware and Mobile Anti-Abuse Working Group today presented Warner its annual J.D. Falk Award for innovative work contributing to the good of the online community
Legislation, Policy, and Regulation
EU Parliament urges suspending data deal with US (Boston Herald) European lawmakers on Wednesday called for the suspension of an agreement that grants U.S. authorities access to bank data for terror-related investigations, marking a sharp official rebuke of Washington's surveillance programs
EU Parliament committee approves data sharing restrictions bill (FierceGovIT) A European Parliament committee approved earlier this week a data protection measure that would restrict the transfer of individuals' data for law enforcement or intelligence purposes outside of the European Union
Germany: The US may have monitored German chancellor's phone (The Verge) A spokesman for the German government tells Reuters they have evidence that the United States may have monitored the mobile phone of German chancellor Angela Merkel. The newswire reports that Chancellor Merkel spoke with President Obama earlier today, and asked for "immediate and comprehensive clarification." The reports are consistent with earlier revelations that the NSA had hacked into Mexican president Felipe Calderon's email, establishing a pattern of US surveillance on allied governments
German Chancellor Merkel Less Than Pleased That U.S. Likely Tapped Her Phone, Calls Pres. Obama In Protest (TechCrunch) Earlier today the German publication Der Spiegel reported that that country's Chancellor, Angela Merkel, likely had her cell phone tapped by the United States intelligence apparatus. Germany is a key ally of the United States, both economically and politically
US ambassador to Germany summoned in Merkel mobile row (BBC) Germany has summoned the US ambassador in Berlin over claims that the US monitored German Chancellor Angela Merkel's mobile phone
Merkel Calls Obama to Complain About Surveillance (ABC News) German Chancellor Angela Merkel complained to President Barack Obama on Wednesday after learning that U.S. intelligence may have targeted her mobile phone, saying that would be "a serious breach of trust" if confirmed
Obama says NSA not spying on Merkel's cellphone (USA TODAY) The Obama administration denied a report that the National Security Agency tapped the mobile phone of German Chancellor Angela Merkel. President Obama assured Merkel during a phone conversation Wednesday that the United States is not monitoring the chancellor's communication, White House spokesman Jay Carney said
Obama–Hollande readouts are quite different (USA TODAY) When President Obama calls a foreign leader, the White House and the other country often release readouts of the conversation — and sometimes they are very different. Take Monday's call between Obama and French President Francois Hollande about news reports that the National Security Agency has conducted intelligence gathering in France
National Intelligence Director Denies Allegations of Phone–Tapping in France (TIME) The director of national intelligence dismissed accusations Tuesday night that the National Security Agency listened in on 70 million French phone calls in a 30-day period
James Clapper, on top of the secret empire (Washington Post) Rather than look over the shoulders of his 16 client agencies, as previous DNIs tended to do, Clapper has instead pushed more collaboration -- something that's easy to talk about but hard to do in an intelligence culture that rewards protection of secrets
Anger growing among allies over U.S. surveillance (New York Times) Leaders and citizens in Germany, one of America's closest allies, simmered with barely contained fury on Thursday over reports that American intelligence had tapped into Chancellor Angela Merkel's cellphone, the latest diplomatic fallout from the documents harvested by the former National Security Agency contractor Edward J. Snowden
Europe Anger at U.S. Spying Ignores Fact Everyone Does It (Bloomberg) European anger at reports that the U.S. has conducted surveillance of allies' telephone calls and e-mails glosses over a basic truth, former intelligence officials say: everyone does it. "All governments collect information on nearly all governments," John McLaughlin, a former acting director of the U.S. Central Intelligence Agency, said in a phone interview. "The posture of most governments is, 'We want to collect as much info as we can, so we can be as fluent as we can when we make decisions.' It's just what governments do"
Why the NSA spies on France and Germany (The Week) "Ever since the Church Committee hearings, we have been at bat with a one-ball, two-strike count on us, you know. We aren't taking close pitches." So said National Security Agency Director Michael Hayden in 2001, when Vice President Cheney's staff asked the NSA to significantly expand the ambit of the agency's domestic collection using the president's inherent authorities, or duties, to protect the nation, which are spelled out in Article II of the Constitution
I Spy, No Lie (Armed with Science) What comes to mind when you see the acronym NSA? Do you think spies? Protectors of secrets? Information collectors? Privacy violators? You can rarely open up a news website these days without seeing that three letter acronym splashed up somewhere
The End of Hypocrisy: American Foreign Policy in the Age of Leaks (Foreign Affairs) The U.S. government seems outraged that people are leaking classified materials about its less attractive behavior. It certainly acts that way: three years ago, after Chelsea Manning, an army private then known as Bradley Manning, turned over hundreds of thousands of classified cables to the anti-secrecy group WikiLeaks, U.S. authorities imprisoned the soldier under conditions that the UN special rapporteur on torture deemed cruel and inhumane. The Senate's top Republican, Mitch McConnell, appearing on Meet the Press shortly thereafter, called WikiLeaks' founder, Julian Assange, "a high-tech terrorist."
Sensenbrenner concerned about security agency data collection (Watertown Daily Times) Although U.S. Rep. Jim Sensenbrenner, R-Wis., was not deeply involved with the budget negotiations in recent weeks, he has been busy with one of his key issues, reining in the collection of data by the National Security Agency
Thousands Expected At Rally Against Mass NSA Surveillance (Huffington Post) The National Security Agency's opponents are moving out of the courts and onto the streets in a demonstration against mass surveillance on Saturday. A coalition of groups called StopWatching.Us, which includes the American Civil Liberties Union and the Libertarian Party, is planning a rally for thousands in Washington to continue pressuring Congress to respond to the revelations of NSA leaker Edward Snowden. Snowden, a former NSA employee, leaked thousands of documents about the agency's surveillance operations to journalists
Spymaster: U.S. Business Needs More Protection From Chinese Hackers (US News and World Report) To protect American business secrets from being plundered by Chinese government hackers, the U.S. government may have to punish China's economy, says Michael Hayden, former director of both the Central Intelligence Agency and the National Security Agency
A Missed Chance for NATO's Cybersecurity Future (Defense One) After a meeting of NATO defense ministers in Brussels this week, questions loom large for the alliance's cyber strategy. Defense Secretary Chuck Hagel said the ministers "agreed that the alliance must do more to deal with cyber threats," but they did not take the opportunity to elaborate on its cybersecurity role and potential responses in case of cyber warfare
Rob Sheldon: Advancing U.S.–Japan Collective Cyber Capabilities (Part II: Practical Steps) (Council on Foreign Relations) Washington and Tokyo are clearly interested in continuing to increase cyber cooperation--potentially in the context of collective defense. Given the nature of the alliance, "collective cyber" should be more than just policy commitment; it should be undergirded by collective capabilities. Unfortunately for planners on both sides, there is little precedent from which to draw on building international-level interoperability in the cyber domain. In September 2011, the United States and Australia formally recognized their need to incorporate cyber in the Australia, New Zealand, United States (ANZUS) treaty. The countries have also, along with the UK, established a Defense Cyber Contact Group for gaming and planning. (However, that this sort of cooperation has not yet extended to the other Five Eyes--the UK, United States, Canada, Australia, and New Zealand--with whom the United States has existing mechanisms to share classified information, illustrates the extent of the challenges ahead.) And finally, the United States reportedly worked in tandem with Israel to create and propagate Stuxnet, the computer worm that targeted control systems at Iranian nuclear facilities
U.S. agencies moving slowly to tighten data security, despite major leaks (Chicago Tribune) Despite saying they suffered major damage from classified documents made public by an Army soldier and a National Security Agency contractor, U.S. government agencies have fallen behind in installing computer software to stop such leaks, U.S. officials say
Army cyber chief says force size needs biennial review (Federal Times) To keep pace with rapid changes in the cyber domain, the Army should re-evaluate the size of its cyber force at least every two years and adopt more agile processes for hiring and procuring security capabilities, the head of U.S. Army Cyber Command said Wednesday
Army CyberCom meets challenge of recruiting cyber warriors (Federal News Radio) The U.S. Cyber Command has put together about 133 types of teams to protect the Department of Defense's network from cyber attacks. Command Sgt. Maj. Rodney Harris, who became the senior enlisted advisor at Army Cyber Command in August, said the Army's share of that defense — about 41 teams — is doing a good job at finding the right soldiers to do this type of work
Stabilizing DHS Cybersecurity Leadership (Bank Info Security) Stabilizing cybersecurity leadership at the Department of Homeland Security - which has experienced significant turnover this past year - should be a priority for Jeh (pronounced Jay) Johnson if the U.S. Senate confirms him as the next DHS secretary, government IT security experts say
Affordable Care Act–related sites need an online seal program (Trend Micro Simply Security) This week there's a lot of talk about a "tech surge" to address issues with the healthcare.gov website. While that is to address issues specific to that site only, this focus on improvements around the Affordable Care Act's (ACA) online experience is a good time to consider an important and necessary change to fundamentally improve the overall security of the experience. Put simply, there needs to be a verifiable online "seal" or label program for official ACA-related websites
Jeff Zients to head Obama's 'tech surge' team fixing HealthCare.gov (FierceHealthIT) Jeff Zients, a former corporate executive and one of President Barack Obama's economic advisers, will lead the "tech surge" team focused on fixing the flawed HealthCare.gov website, CBS News reports
Obamacare hearings begin, contractors grilled on the Hill (Politico) Republican lawmakers opened the first hearing into Obamacare today saying the Obama administration and the website contractors misled them about their readiness for the law's Oct. 1 launch, while Democrats tried to downplay the initial problems and stress the health care benefits for Americans
Damage control and political fire–fanning over healthcare.gov (FierceGovIT) Damage control and political fire-fanning dominate the fourth week of healthcare.gov's existence, making the federal healthcare insurance website for the 36 states that refused to build their own insurance exchange the locus for partisan divide and continuing criticism of federal information technology management
Leading Economist Predicts a Bitcoin Backlash (MIT Technology Review) Economist Simon Johnson says governments will feel the urge to suppress the crypto-currency Bitcoin
Litigation, Investigation, and Law Enforcement
Russians deny US spying allegations in Washington (The Guardian) Russian embassy says spy claims are 'echoes of cold war' as FBI reportedly investigates cultural exchange boss Yury Zaitsev
It's criminal: Why data sharing lags among law enforcement agencies (ComputerWorld) Only 23% of law enforcement agencies participate in a national data warehouse — but observers remain hopeful
Irish High Court to review Facebook Prism complaint (ComputerWorld) If the complaint is successful, Facebook could eventually be forced to keep Europeans' data within the EU, said the plaintiffs
Judge Orders Self–Described Hacker's Computer Seized Without Warning (CIO) In a rare move, a federal court in Idaho recently ordered a software developer's computer seized and its contents copied without prior notice because the developer described himself as a 'hacker' on his website
Warrantless GPS tracking of vehicles is unconstitutional, US court rules (Naked Security) Slapping a tracker on a car without having established probable cause goes against the Fourth Amendment, the US Court of Appeals has ruled
Cyber cops probe the deep web (The Guardian) In the past few weeks, the glare of news-media scrutiny has shone on the murky, mysterious world of the darknet, that online territory estimated to be many times bigger than the ordinary internet most of us access daily from the comfort of our computers and smartphones using web browsers such as Google, Yahoo! and Safari
Top U.S. cities for online fraud origination (Help Net Security) ThreatMetrix announced data ranking the top U.S. cities for the origination of online fraud. The data reveals that Santa Clara, CA, is the nation's top spot for online fraudsters, followed by San Jose, CA, Chesterfield, MO, New York, NY and Atlanta, GA rounding out the top five
@NatSecWonk Was Poised for a Leading Pentagon Job (Foreign Policy) The anonymous, acerbic tweeter who went by the handle @NatSecWonk was a White House staffer on the verge of being named to a leading Pentagon position before he was fired last week for his nasty, sneering online identity. Now, onetime National Security Council (NSC) staffer Jofi Joseph is under investigation by the Justice Department for his alleged social media activities -- both as @NatSecWonk and also possibly as @DCHobbyist, a Twitter account devoted largely to the exploits of North American escorts
Pittsburgh Couple Sentenced for Hacking Law Firm (eSecurity Planet) Jonathan and Alyson Cunningham were sentenced to 3 years probation and 300 hours of community service, plus payments of $2,445.96 in restitution
For a complete running list of events, please visit the Event Tracker.
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implication on society.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology, most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
FIRST Energy Symposium (Leesburg, Virginia, USA, Oct 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are targets of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and technology and sector specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.
Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, Oct 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, who will discuss the importance of understanding the adversary and staying ahead of the threat. Moving beyond the government, the need for intelligence-driven defense is becoming more critical across commercial industries such as oil and gas, finance and healthcare. The escalating landscape of cyber-attacks is forcing companies to take a closer look at their security posture to protect their assets, intellectual property and their customers' personal information.
TrustED 2013 (Berlin, Germany, Nov 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing and investigating problems, challenges and some recent scientific and technological developments in this field. In this context we particularly are interested in the participation of industry representatives.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
MIRcon 2013 (Washington, DC, USA, Nov 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress. From analysts and innovators to managers and executives the Mandiant Incident Response Annual Conference® (MIRcon®) is an excellent investment in your business and your professional development where you will learn about new technologies, incident response best practices, and key strategies for managing network security.
KMWorld 2013: KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development and innovation in their evolving enterprises. It offers a wide-ranging program especially focused to meet the needs of executives, and strategic business and technology decision-makers. Attendees learn how to maximize their technology investments through practical information and case studies; build relationships with speakers and thought leaders from around the world; and create flexible, competitive enterprises.
cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile -- Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, Nov 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting become increasingly important. Mobility today does not only take into account who the user is but where they are, when they are there, why they go there, what they're interested in, and what they're going to do. As our smart phones evolve, they are growing into a contextual engine that will not be just our personal assistant, but also our best friend providing us with all our information needs at the right time and in the right place.
Cyber Education Symposium (Arlington, Virginia, USA, Nov 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways to retrain the existing workforce and develop a new pool of cybersecurity professionals capable of meeting the needs of tomorrow. The Cyber Education Symposium offers a rare opportunity for the brightest minds in government (.gov), the private sector (.com), and the educational community (.edu) to convene and discuss trends and challenges in cybersecurity education. The Symposium will provide a forum to identify new ways of thinking about the problem, exchange best practices, and forge a pathway forward that leverages the full resources of our nation's leadership.
APPSEC USA (New York, New York, USA, Nov 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security topics and an unbeatable atmosphere. Hosted by OWASP.
IT Forum Expo/Black Hat Regional Summit: Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met. Attend the East Africa Cyber Security and IT Security Convention 2013, which will equip you with a comprehensive range of clarifications and solutions.