
The CyberWire Daily Briefing for 2.21.2013
The US Administration is not backing down from serious talk about retaliation for Chinese cyber espionage—trade sanctions are mooted in the White House (with substantial Congressional support) and stalking horses like Michael Hayden use very strong language indeed about China.
The Chinese government continues to deny any involvement in recent exploits. Press outlet Xinhuanet advances one creative theory: maybe the People's Liberation Army was the victim of a botnet that just happened to be around Shanghai. After all, Mandiant's attribution was "circumstantial," and, hey, it could happen.
Iran's press sympathizes with China, saying the US has declared cyber war against China, Russia, and Iran. The Anonymous connection to Mandiant's investigation becomes clearer today—notorious snitch Sabu may have been a source. Mississippi State students hone cyber skills by reverse engineering Chinese malware.
The waterholing attack Apple disclosed this week may (or may already have) spread beyond Apple via mobile developer site iPhoneDevSDK.
Adobe's Acrobat Reader patch is out.
Electrical utilities in Florida and New York recover from breaches of email and billing systems. Industry analysts think Facebook's recent security problems endanger its business model.
US Federal budget sequestration will hit in a week, with effects expected to reach the UK and NATO as well. The Defense Department and the Intelligence Community (accused by Republicans of firemen-first brinksmanship) prepare for employee furloughs that may cause a cyber-talent hemorrhage.
The US Department of Energy sponsors smart grid security R&D; the Pentagon will impose security standards on the utilities it uses.
Notes.
Today's issue includes events affecting Canada, China, Finland, Iran, Israel, NATO, Russia, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Hack findings highlight China, U.S. in game of spy vs. spy (CSO) A large-scale cyberespionage operation recently linked to China's military is unlikely to change the longstanding game of spy vs. spy with the U.S., experts say. Security company Mandiant said in a report released Tuesday that a group of cyberspies it had watched for some time was similar in mission, capabilities and resources to a secretive group called PLA Unit 61398, which is run by China's People's Liberation Army. The evidence collected by Mandiant indicates the two groups are the same
Cyber Attack Retaliation Plans Expected From White House (Fast Company) The counter-espionage measures are seen as a response to what the New York Times has said is a persistent and aggressive cyber attack led by the Chinese military with the goal of stealing U.S. corporate and governmental secrets. The New York Times
US officials addressing cyber threat at 'highest levels' with China, on heels of hacker report (FOXNews) Obama administration officials said Tuesday they have "serious concern" with China's alleged cyber-snooping and are raising the issue "at the highest levels" in Beijing, on the heels of a report that claimed China's People's Liberation Army had stolen data from 115 U.S. companies over a seven-year period. U.S. officials would not comment directly on the report. But they said the U.S. is bulking up its cyber-defenses while stressing a new -- albeit controversial -- White House executive order aimed at helping protect computer networks of crucial American industries from cyber attack
China Has Hacked Most Of Washington, Experts Say (Washington Post) Start asking security experts which powerful Washington institutions have been penetrated by Chinese cyberspies, and this is the usual answer: almost all of them
China Says Army Is Not Behind Attacks In Report (New York Times) A day after a United States security company accused a People's Liberation Army unit in Shanghai of engaging in cyberwarfare against American corporations, organizations and government agencies, China's defense ministry issued a strong denial and insisted that the report was flawed
Commentary: Hacking allegations against China both baseless and revealing (Xinhuanet) U.S. cybersecurity firm Mandiant on Monday claimed in a report that hackers related to the Chinese military attacked some U.S. websites, once again stirring up the "Chinese hackers threat." Mandiant put forward as its main evidence a claim that many of the cyber attacks were launched from IP addresses registered in the Chinese metropolis of Shanghai. However, one does not need to be a cybersecurity expert to know that professional hackers usually exploit what is called the botnet in other parts of the world as proxies for attacks, not their own computers
Critical system vulnerabilities exist at Los Alamos (FierceGovernmentIT) Critical and high-risk weaknesses exist in the national security systems and applications of Los Alamos National Laboratory says the Energy Department's office of inspector general. In a Feb. 11 report auditors say they found five critical and 15 high-risk weaknesses on Los Alamos national security systems, "including vulnerabilities that were not remediated even though patches had been available since 2008."
Anonymous Thrown Into China-US Cyberwar Scandal (Eurasia Review) Members of the Anonymous movement including alleged ringleader-turned-informant Hector "Sabu" Monsegur may have played a crucial role in helping cybersecurity experts narrow in on the Chinese hackers profiled in a highly touted report released this week. In a report published Tuesday by Northern Virginia information security company Mandiant, an elusive cybersquadron of hackers hired by China's People's Liberation Army are linked to compromising as many as 141 companies across 20 major industries in recent years, including a corporation with access to Canada's oil pipelines and entities of the United States government
Expert: US in cyberwar arms race with China, Russia (NBC) The United States is locked in a tight race with China and Russia to build destructive cyberweapons capable of seriously damaging other nations' critical infrastructure, according to a leading expert on hostilities waged via the Internet. Scott Borg, CEO of the U.S. Cyber Consequences Unit, a nonprofit institute that advises the U.S. government and businesses on cybersecurity, said all three nations have built arsenals of sophisticated computer viruses, worms, Trojan horses and other tools that place them atop the rest of the world in the ability to inflict serious damage on one another, or lesser powers
US launches cyber war against Iran, Russia and China: Expert (Press TV) An expert has revealed that the United States has launched a widespread hostile cyber warfare against Iran, Russia and China. The United States, Russia and China are in a race to build the world's most formidable armory of computer viruses, worms, Trojan horses and other tools in order to engage in cyberwarfare between themselves and lesser-developed nations, said Scott Borg, CEO of US Cyber Consequences Unit and an advisor to the US government, NBC News reported on Wednesday. Borg said the US considers both Russia and China as a threat in the cyber world, taking into consideration Russia is best at military espionage and operations and China's main focus is stealing technology.
Apple confirms being hit in recent watering hole attack (Help Net Security) Apple has become the latest big company to confirm they've been affected by the watering hole attacks that resulted in the compromise of Twitter and Facebook networks, Reuters reported
Mobile dev site: We never knew about Facebook, Apple hacks (The Register) Mobile developer website iPhoneDevSDK says it was completely unaware of its own involvement in a recent online attack that compromised Macs at Facebook, Apple, and other companies; that is, it was unaware until its admins read about it in the tech press on Wednesday morning. "As the most widely read dedicated iOS developer forum, we're targeted for attacks frequently," iPhoneDevSDK administrator Ian Sefferman wrote in a blog post on Wednesday. Despite knowing this, however, and despite the fact that the security world has been abuzz about the attack on Facebook and others since February 15, Sefferman says he first learned about iPhoneDevSDK's involvement in the incident from an article at AllThingsD that morning
Many companies likely affected by compromise of popular iOS developer forum (Computer World) The administrators of a popular iOS developer Web forum called iPhoneDevSDK confirmed Wednesday that it had been compromised by hackers who used it to launch attacks against its users. Security experts believe the site served as a gateway for the recent attacks against Twitter, Facebook and Apple employees and that many other companies might be affected as well. At the beginning of February, Twitter announced that it had been the target of an attack and that hackers might have accessed authentication data on 250,000 users. "This attack was not the work of amateurs, and we do not believe it was an isolated incident," Twitter said at the time
PayPal Credentials For Sale, Access Offered Via Proxy Server (Threatpost) An enterprising cybercriminal has opened an underground shop that peddles access to American PayPal accounts which are then accessible through an anonymous proxy service. Webroot's Dancho Danchev claims that the shop currently has access to 1,543 accounts along with an additional 14 sets of PayPal credentials belonging to British citizens. The prices vary from $20 for an account with a balance of $300 or so, to a static charge of $3 for accounts with no balance at all
Iran Cyber-War on the Opposition (Cyberwarzone) Members of Cyber-Army of the Islamic regime are Omni-present on the social media networks. Facebook, Twitter, YouTube and the opposition websites on the internet are their hunting ground. The CyberArmy has different methods of infiltration into websites, users accounts and initiates an effort to identify and control them
Israel's infrastructure exposed to cyber-risk (Cyberwarzone) Israelis are with good reason concerned about the possibility that Iran will attain nuclear weapons. But perhaps they should be more worried that Iran will be able to take over the country's basic infrastructure, wreaking havoc with the gas, water, and electricity systems, as well as the banking system. If nuclear weapons were the judgment day weapon of the 20th century, computer infrastructure hacking is the 21st century equivalent, said Tal Pavel, an expert on Internet usage and crimes in the Middle East
Rustle League Hackers Take Over Anonymous Twitter Account (Softpedia) Hackers of the Rustle League group have hijacked Anon_CentralNF, an Anonymous Operations Twitter account that has over 160,000 followers. The account was hacked around 5 hours ago and it's still controlled by Rustle League, a collective which seems to be anti-Anonymous. Some members of the Anonymous movement appear to be planning to retaliate, but it remains to be seen if anything materializes
JEA computers back to normal after cyber-attack (Florida Times-Union) JEA's computer system was back to operating normally Wednesday after days of mischief by a denial-of-service attack. The city-owned utility's website and online payment systems had been crippled since Sunday by an overwhelming amount of data directed
CYBER ATTACK UPDATE: Central Hudson: Free year of credit checks (Poughkeepsie Journal) Central Hudson Gas & Electric Corp. has determined that about 110,000 customers may have been affected by a weekend cyber security attack, but there's still no evidence that customer information was downloaded or misused, the company stated in a
Facebook's Security Breach: Reputation On The Line Now More Than Ever (CSO) One thing from this breach is very clear: Facebook's reputation and business model are on the line now more than ever before. Consumer trust is one thing the social network can't afford to lose
Security Patches, Mitigations, and Software Updates
That was quick! Adobe's emergency patch for Reader and Acrobat is here (Naked Security) Adobe has released the emergency update for Reader and Acrobat that it promised late last week. You may as well take advantage of Adobe's new-found velocity and get busy patching
Cyber Trends
Attribution Delivers Questionable Security Value (Dark Reading) Sure, politicians have some fodder for their diplomatic cannons, but do companies gain much from identifying their attackers? Experts debate the merits of attribution
Security vendors slow to react to spear phishing like that used in China hack (CSO) Today's tools and technology are 'severely inadequate' or 'very underutilized,' researcher and analyst say
What's The Worst That Can Happen? (ID Experts) I was talking to a news reporter a few days ago about the risks of a breach of patient medical records and she asked: "What's the worst thing that can happen?" My response was to tell her about the potential for medical identity theft and medical fraud
Study Shows One in Four Who Receive Data Breach Letter Become Fraud Victims (Threatpost) A study released Wednesday shows one in four consumers who receive a data breach letter become the victim of identity fraud. That statistic represented 12.6 million victims last year -- one million more than the year before, according to the 2013 Identity Fraud Report released by Javelin Strategy & Research
SANS SCADA Summit at Orlando - Bigger problems and so far from getting them solved (Internet Storm Center) Seven days ago the eighth edition of the SANS SCADA Summit at Orlando finished. The conferences were really great and it was a great opportunity to see that I am not the only CISO that is having trouble developing and implementing an information security program for the ICS world of the company. The most important conclusions obtained back there are
McAfee finds sophisticated attacks targeting other 'critical sectors' of the economy (ZDNet) Cyber criminals are moving beyond financial services with an increasing number of attacks on other economic and governmental segments, according to McAfee. Financial services has been a favorite target for sophisticated attacks in the last few years, but cyber criminals are moving on to other "critical sectors of the economy," according to McAfee. In the security giant's fourth quarter threats report, researchers highlighted some of the new schemes being used in this regard and other high-profile attacks, including advanced persistent threats (APTs) such as Operation High Roller and Project Blitzkrieg
$400 million risk lurking inside global enterprises (Help Net Security) Ponemon Institute and Venafi announced a new report that provides an extensive examination of how failure to control trust in the face of new and evolving security threats places every global enterprise at
China biggest, but not the only country engaged in cyberespionage (Computerworld) Sensitive U.S. data and technologies are targets for state-sponsored entities around the world. China is by far the most aggressive, but not the only, country attempting the sort of extensive cyberespionage described in security firm Mandiant's dramatic report, released this week. Several other countries, most notably Russia, are involved in similar campaigns against U.S. companies from a wide range of industries, security experts said
Commercial Cyberspying Offers Rich Payoff (ABC News) For state-backed cyberspies such as a Chinese military unit implicated by a U.S. security firm in a computer crime wave, hacking foreign companies can produce high-value secrets ranging from details on oil fields to advanced manufacturing technology
Brands Do Double-Time to Repair Cyber Attack Damage (Brand Channel) More than 40 companies including Apple, Facebook and Twitter have been targeted in malware attacks linked to an Eastern European gang of hackers using an iPhone-developer website, iPhoneDevSDK
Marketplace
NATO Readiness May Be Hurt By U.S. Cuts, Official Says (Bloomberg.com) Automatic U.S. budget cuts set to go into effect March 1 are likely to affect the Pentagon's ability to train alongside its NATO allies, undermining the alliance's readiness, Pentagon spokesman George Little said
Congressman Urges 'Aggressive Oversight' Of DoD Budget Threats (DefenseNews.com) A pro-military U.S. House Republican wants lawmakers to examine whether Pentagon officials, while warning about dire consequences of pending spending cuts, will undermine military operations and training to protect underperforming, unnecessary programs.
A Better Republican Sequester Strategy (Wall Street Journal) Congressional Republicans are simultaneously united, divided and confused about the $85 billion of cuts in defense and domestic discretionary spending that begin on March 1 when the budget sequester takes effect
Comptroller Finds Himself At The Center Of Defense Budget Storm (Washington Post) Pentagon comptroller Robert F. Hale is overseeing the Defense Department's plans to furlough most of its 800,000 civilian workers, but he insists that he still meets with friendly faces as he strides down the building's corridors
Panetta Notifies Congress Of Pentagon Plan To Furlough Civilians (Reuters) Defense Secretary Leon Panetta formally notified Congress on Wednesday that the Pentagon plans to put civilian defense employees on unpaid leave this year if $46 billion in across-the-board U.S. government spending cuts take effect on March 1
Agencies Prepare To Force Unpaid Furloughs On Workers That Could Cut Salaries By 20 Percent (Washington Post) Those workers must be asking themselves what would happen if they missed such an important deadline, for the second time in as many months. They know what would happen, but the staff can't punish Congress, no matter how much that might be warranted
Pentagon Industrial Base Chief Wrestles With Budget Cuts (Aerospace Daily & Defense Report) The Pentagon spent years studying how to navigate the effects of budget cuts on its industrial base. Now, cuts are likely to be imposed on the Defense Department, which will have little ability to manage them, officials fear
Thousands Of BAE Jobs At Risk As It Feels Force Of US Navy Cutbacks (London Times) BAE Systems has issued a surprise warning to staff that thousands could lose their jobs because of the latest military spending cuts in America
GSA to privatize 3PAO accreditation process in FedRAMP (FierceGovernmentIT) The General Services Administration says it will turn over to the private sector the process of certifying new organizations that certify private sector cloud computer offerings for federal use
Need For Cyber Protection Generates New Jobs In Maryland (CBS Baltimore) Plundering secrets for profits and hard targets. Experts say going from cyber espionage to cyber war is only a few clicks away. Alex DeMetrick reports that risk is also generating opportunities in Maryland
Navy raises CoSC ceiling; will possibly extend contract by 5 months (FierceGovernentIT) The Navy said Feb. 20 it will increase the maximum value of its Continuity-of-Service Contract with HP Enterprise Services for the management of its shoreside network by another $1.2 billion and possibly extend the contract's length through September 2014. The action, announced through a special notice on FedBizOps, brings the maximum value of the CoSC contract to $6.1 billion
Jacobs-Led Team Wins Potential $2B For NASA Engineering, Tech Services (GovConWire) A Jacobs Engineering Group-led team has won a potential $1.93 billion contract to provide NASA (National Aeronautics and Space Administration) engineering, technology and science services at the Johnson Space Center in Houston. The cost-plus-award-fee services contract starts May 1 and contains five base years and two two-year options, Jacobs said Tuesday. Team members for the JSC
Steven Picot Named Vion Federal Sales VP (GovConWire) Steven Picot, an eight-year Cisco (NASDAQ: CSCO) veteran and its former operations director, has joined Vion Corp. as vice president of federal sales. The former U.S. Marine Corps captain will lead all federal sales activities for the Herndon, Va.-based storage and server provider, Vion said Wednesday
Rodney Martin Named TWD Corporate Development SVP, New Tech Units Formed (GovConWire) Rodney Martin, a former business unit vice president and division executive director at TWD & Associates, has been promoted to senior VP of corporate development in a realignment of the company's technology groups. The Arlington, Va.-based communications services provider also promoted seven employees to the VP ranks and they will lead the
Unisys Wins Potential $650M IRS Enterprise Computer Support IDIQ (GovConWire) Unisys (NYSE: UIS) has won a potential $650 million contract to help the Internal Revenue Service operate computers used to process tax returns and maintain taxpayer records. The single-award indefinite-delivery/indefinite-quantity contract contains one base year and nine option years and the company will perform work under task orders, Unisys said Tuesday
Brian McHugh Named ManTech Program Development VP (GovConWire) Brian McHugh, a 28-year intelligence community veteran and former FBI and CIA official, has joined ManTech International (NASDAQ: MANT) as vice president of program development and risk management. He will be responsible for developing and implementing national security programs and support homeland security programs, ManTech said Wednesday. McHugh will also advise the company's board of
CACI appoints former Lockheed executive as CEO (Reuters) CACI Chairman Jack London told Reuters the company's board decided to ... areas such as cyber security, health care information technology and intelligence
Rene LaVigne Wins Wash Biz Journal 'Minority Business Leader' Award (GovConExecutive) Rene LaVigne, president and CEO of Iron Bow Technologies, has been selected to receive a Washington Business Journal award for business leadership, success and community involvement. LaVigne will receive the Minority Business Leader award March 21 at the Business Journal's sixth annual awards ceremony in Washington along with 24 other awardees, the company said Wednesday
Trustwave Security Expert to Keynote at RSA Conference (Geeks World) Trustwave Senior Vice President Nicholas J. Percoco and U.S. Secret Service Special Agent Erik Rasmussen will lead a keynote address on Thursday, February 28, at the 2013 RSA Conference in San Francisco. In "The Lifecycle of Cybercrime," they will highlight cybercrime trends from forensic investigations compiled in the 2013 Trustwave Global Security Report. Percoco and Rasmussen will uncover the lifecycle of attacks including criminal motivations behind attacks, techniques used to infiltrate organizations, data aggregation methods, data exfiltration techniques and financial impact
Qualys CEO to address security in a hyperconnected world at RSA Conference 2013 (Help Net Security) Qualys Chairman and CEO Philippe Courtot will examine the evolution of security in a hyperconnected world in his keynote at RSA Conference 2013
Apple without Jobs is 'weird,' says chairman, but it's not in trouble (Ars Technica) Running Apple's board of directors without Steve Jobs around has been "weird" for its chairman, Arthur Levinson, according to an interview he gave at the Stanford Graduate School of Business Tuesday reported by CNN. Levinson stated that the Jobs the public knew was "not, for the most part, the Steve Jobs that I knew," and that he feels Apple's short-term earnings are not cause for concern
Dell: We can beat Cisco in enterprise and cloud security (CSO) Dell can trump Cisco in the information-technology security market, say Dell's executives in describing how the company with its multifaceted approach will hold an edge against some powerful rivals that also include HP and IBM
Toronto-based SaaS Enterprise Safety Company Field ID Acquired By Security Hardware Maker Master Lock (TechCrunch) Master Lock has acquired Toronto-based software-as-a-service enterprise security solution provider Field ID in a deal the terms of which weren't disclosed. We've heard the deal involving the five-year-old startup was in the tens of millions, however, and that the company's angel investors were very pleased with the arrangement. The purchase nets Master Lock an entry into the software market
Security Startup Stormpath Gets $8.2 Million (eSecurity Planet) The funding came from New Enterprise Associates, Pelion Venture Partners and Flybridge Capital Partners
Products, Services, and Solutions
Password Manager On USB Key Launches On Kickstarter (Dark Reading) Arkami, Inc. today launched myIDKey on Kickstarter, looking for $150,000 of funding and to gauge interest. The device is not yet available for purchase and pricing has not been decided
NetIQ 'bring your own identity' appliance beats identity bloat (TechWorld) NetIQ has announced a new virtual appliance that enables bring your own identity website access via not only Facebook, Google and Twitter but any SAML2 or OpenID Connect compatible source. For many organisations, SocialAccess 1.0 will simply be a convenient way of letting employees and customers log into e-commerce, Intranet or governmental sites without having to ask them to create unique identities that then become expensive to manage
Alert Logic releases new log manager (Help Net Security) Alert Logic announced a new release of Log Manager which enables real-time security monitoring of critical security logs. By combining correlation with on-the-fly parsing of logs, Log Manager can alert
SmishGuru simulated attack service launches (Help Net Security) Wombat released SmishGuru, a simulated attack service for security officers to train employees how to recognize and avoid the most subtle yet potentially harmful smishing attacks. While the mobile
SAIC Introduces Cloud-Based Big Data Ingestion Platform (Sacramento Bee) DigitalEdge enables rapid big data ingest, analytics and alerts to empower organizations with actionable intelligence in real-time
Salient Federal Solutions and CloudShield Deliver Solution to Address Unmonitored and Unprotected IPv6 Vulnerabilities (PR Newswire) Companies to Debut a Joint Solution featuring Salient Assure6(TM) on the CloudShield CS-4000 Trusted Cyber Platform for Comprehensive, Next-Generation IPv6 Security at 2013 RSA Conference
Northrop Grumman to Feature 'Family of Systems' Mission Concepts in AFA Air Warfare Symposium Display (MarketWatch) Visitors to Northrop Grumman Corporation's exhibit this week at the Air Force Association's (AFA's) Air Warfare Symposium will get a fresh, interactive glimpse of how future wars could be fought
Qosmos Collaborates with Wind River for Network Intelligence and Deep Packet Inspection (PRWeb) Qosmos strengthens Wind River Intelligent Network Platform with additional DPI technologies for accelerated traffic flow classification, to give equipment providers instant application- and user-level awareness
SSH Communications Security Momentum Builds on Strength of Information Assurance Platform (Virtual-Strategy Magazine) The company's newest additions to its Information Assurance Platform, Universal SSH Key Manager (UKM) and CryptoAuditor, were enthusiastically received by
CyberPoint's Jerry Caponera will speak about how the Prescient Program enhanced the security of a Chinese-made VTC system (Digital Journal) During next week's RSA conference, Jerry Caponera will discuss how CyberPoint's Prescient Program enhanced the security of a Chinese-made VTC. Since its inception in 2011, the Prescient Program has developed solutions to ease heightened US security concerns over Chinese and other foreign-made technology products. The Prescient Program recently helped Chinese technology giant ZTE enhance the security of a video teleconferencing system by adding US-built and installed security measures
Apple's iPhone 5 overtakes Samsung's Galaxy S3 as most popular smartphone (FierceMobileIT) Apple's (NASDAQ: AAPL) iPhone 5 beat out Samsung's Galaxy S3 as the most popular smartphone in the fourth quarter of 2012, according to the latest stats from Strategy Analytics
Microsoft: Outlook Making Progress Vs. Gmail (InformationWeek) With Outlook.com, Microsoft takes aim at Google's search and email dominance. Redmond already claims more than 60 million users, but will more Gmail users defect?
Yahoo! gets Marissa Mayer make-over (AFP) Yahoo! sported a new look on Wednesday in a make-over tailored by style savvy and engineering smart chief Marissa Mayer
New Enterprise Anti-Zero Day Software Launches (Fast Company) Trusteer, a security firm best known for creating anti-keylogging and anti-malware software add-ons for business banking customers, is launching a new enterprise application designed to prevent data theft through zero-day exploits. The new software
Barracuda Networks Launches Ultimate File Sharing, Sync And Storage Service Based On Secure Global Barracuda Cloud (Dark Reading) Copy allows users to securely access, share and sync files from anywhere, and from any device
nCircle IP360 Utilizes Customizable, Python-Based Vulnerability Rules (Dark Reading) nCircle, the leader in information risk and security performance management solutions, today announced that IP360™ users can now create custom vulnerability detection rules using the well-known Python programming language. The new tools augment nCircle's existing Advance Security Programming Language (ASPL), making it possible to rapidly build targeted, tailored vulnerability assessments for specific business requirements
Technologies, Techniques, and Standards
Mozilla toughens up on CA certificate abuse (TechWorld) Mozilla is taking steps to limit the risk of powerful subordinate Certificate Authority (CA) certificates falling into the hands of attackers and potentially being used to issue rogue certificates for use in SSL snooping attacks. The browser maker updated its CA Certificate Policy with new requirements that will improve accountability for subordinate CA (sub-CA) certificates and will subject them to restrictions and independent audits
HoneyPoint Security Server ICS/SCADA Deployment Example (Stateofsecurity) Recently, there have been several questions about potential deployment scenarios for HoneyPoint Security Server in and around ICS and SCADA organizations. Here is a quick, high level view of what a sample deployment might look like in a utility or other ICS environment. Note that the sample environment has fully embraced enclaving
Pentagon will require security standards for critical infrastructure networks (Nextgov) The first-ever cybersecurity certification requirements for private utilities and other vital infrastructure supporting the military are set to be released this fall and take effect within a year, Pentagon officials told Nextgov. The Defense Department rules had been in the works before President Obama on Tuesday issued an executive order calling for the government to consider mandating such standards in federal contracts. Increasingly, owners of so-called critical infrastructure are asking the government for guidelines to fend off cyberattacks, but many are averse to computer security regulations
Twitter entreats users to use better passwords (Help Net Security) Twitter is urging users once again to improve their passwords - both on Twitter and on other online services. Apart from the usual advice on using longer, more complex, and unique passwords for all
NSTIC set for second round of pilots (FierceGovernmentIT) The National Institute of Standards and Technology announced earlier this year a new grants opportunity for identity solution pilots under the National Strategy for Trusted Identities in Cyberspace, or NSTIC
Design and Innovation
This New Apple Patent Could Be The Design For A Radical iWatch With A Wraparound Display (TechCrunch) Apple has a number of patents on wearable computing, but a new application spotted by AppleInsider blends some old and some new tech to provide a vision of what it might conceivably look like as a shipping product. The patent in question describes a wrist-mounted flexible display, built on a support structure that closely resembles the "slap bracelets" children of the nineties will likely recall
Research and Development
DOE Seeks Your Ideas for Better Grid and Smart Grid Security (Smart Grid Security) Thanks to my colleagues JSK and SG for initially sending this my way and, given the news lately, how timely it is! A new Department of Energy (DOE) funded project seeks: …applications to conduct research, development and demonstrations leading to next generation tools and technologies that will become widely adopted to enhance and accelerate deployment of cybersecurity capabilities for the U.S. energy infrastructure, including cyber secure integration of smart grid technologies
Academia
Coursera Adds 29 Schools, 90 Courses And 4 New Languages To Its Online Learning Platform (TechCrunch) It's almost as if there's an arms race in online education. Which MOOC platform can expand the fastest? Place your bets now. On the heels of edX's announcement that it will be expanding internationally with the addition of six new schools (bringing its total to 12), Coursera is doing some addition of its own. Today, the massive online course platform announced that 29
US students get cracking on Chinese malware code (ComputerWorld) Students at Mississippi State University will analyze samples used in a wide-ranging, seven-year hacking campaign. Wesley McGrew, a research assistant at Mississippi State University, may be among the few people thrilled with the latest grim report into a years-long hacking campaign against dozens of U.S. companies and organizations
Legislation, Policy, and Regulation
EU Parliament makes more than 900 changes to data privacy law (CSO) The European Parliament's industry committee has approved more than 900 amendments to proposed new data protection laws. Civil liberties groups and consumer organizations were quick to accuse members of the Parliament (MEPs) of caving in to pressure from big business and the U.S. "The Conservative and Liberal parties in the Parliament have voted against the interests of European consumers, who expect MEPs to ensure existing E.U. data protection standards are not diluted," said Monique Goyens, director general of the European consumer organization
Trade secret protection strategy emphasizes real-world measures over cyber response (FierceGovernmentIT) The White House released Wednesday a multi-pronged strategy to combat theft of U.S. trade secrets, but cautioned against treating the problem as one solely of cybersecurity. "These are understandably related issues, but separate," said White House spokesman Jay Carney shortly before the formal unveiling of the strategy
Former CIA Director: Cyber Attack Game-Changers Comparable to Hiroshima (US News) Michael Hayden says economic sanctions are the only protection from online threats. Economic action against China is one of the only ways the United States can quell the growing rate of state-sponsored cyber attacks, America's former top spy says, adding that the private sector is largely alone in planning its own defenses
Countering cyber threats (Los Angeles Times) Congress must provide the motivation for enhanced computer security that the market has not. In what has become a depressingly familiar ritual, computer security experts revealed this week that hackers with apparent ties to a foreign government -- in this case, the Chinese military -- had "systematically stolen hundreds of terabytes of data from at least 141 organizations" since 2006
White House Launches Effort To Deter Theft Of Trade Secrets (Washington Post) The Obama administration warned Wednesday that it will launch new efforts to persuade China and other countries to halt the theft of billions of dollars' worth of U.S. trade secrets
Canada expected to toughen stance on hacking (Ottawa Citizen) As the U.S. signalled Wednesday it will "take the gloves off" on international hacking, attention in Canada turned to the question of when the federal government will ditch its own woolly mittens
GAO: National strategy needed to counter increasing cyber threats (FierceGovernmentIT) Facing growing cyber threats to the nation's computer systems and critical infrastructure, federal agencies need a comprehensive national strategy that better defines roles, responsibilities and can be more effectively implemented, says a Feb. 14 Government Accountability Office report
Litigation, Investigation, and Law Enforcement
Aaron Swartz files reveal how FBI tracked internet activist (Cyberwarzone) Firedoglake blogger Daniel Wright publishes once-classified FBI documents that show the extent of the agency's investigation into Aaron Swartz. The FBI also collected information from his Facebook and LinkedIn profiles. A blogger has published once-classified FBI files that show how the agency tracked and collected information on internet activist Aaron Swartz
House Committee: Chinese hackers continue to steal U.S. intellectual property (FierceGovernmentIT) China's economic cyber espionage is growing exponentially in volume as is the damage it does to America's economic future, according to a Feb. 14 House Select Intelligence Committee hearing on cyber threats to the United States
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
NRO Winter Way Forward Conference (Chantilly, Virginia, USA, Feb 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will gain valuable networking time with conference attendees and all NRO personnel.
TechMentor Orlando 2013 (Orlando, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include: Windows PowerShell and Automation; Cisco and Networking Infrastructure; Windows Server Management; Windows Client Management; Cloud and Virtualization; Identity, Access Management and Security; Performance Tuning and Troubleshooting; Mobility and BYOD; Messaging and Collaboration.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
CanSecWest 2013 (Vancouver, British Columbia, Canada, Mar 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices. It will feature a bigger, enhanced Pwn2own.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
SANS Cyber Threat Intelligence Summit (Washington, DC, USA, Mar 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful intrusio…Network defense techniques which leverage knowledge about these adversaries - known as cyber threat intelligence - can enable defenders to establish a state of information superiority which decreases the adversary's likelihood of success with each subsequent intrusion attempt…The goal of this summit will be to equip attendees with knowledge on the tools, methodologies and processes they need to move forward with cyber threat intelligence. The SANS What Works in Cyber Threat Intelligence Summit will bring attendees who are eager to hear this information and learn about tools, techniques, and solutions that can help address these needs.
AFCEA Belvoir Industry Days 2013 (National Harbor, Maryland, USA, Apr 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.
CSO40 (Braselton, Georgia, USA, Apr 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (Colorado Springs, Colorado, USA, Apr 8, 2013) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
HITBSecConf2013 (Amsterdam, the Netherlands, Apr 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team, a brand new kernel level exploit affecting _all versions_ of Microsoft Windows up to Windows 8 and even a presentation on remotely hacking airplanes.
INFILTRATE 2013 (Miami, Florida, USA, Apr 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, Apr 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness to learn from and work with industry partners.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
23rd Annual Government Procurement Conference (Washington, DC, USA, Apr 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network with procurement officials from federal, state and local government agencies under one roof.
Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.
Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, Jun 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise. Over two and a half action packed days, CITE 2013 will bring together IT and business executives, venture capitalists and other practitioners to showcase leading efforts and teach others how to make the most of this transformation.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.