The CyberWire Daily Briefing for 3.14.2013
Cyber attacks strike government sites in Israel, the Philippines, and the US. Among the US sites hit is NIST's National Vulnerability Database. "The Tunisian Cyber Army," a self-proclaimed al Qaida affiliate, boasts it's breached a large number of other US Government sites "with Chinese hacker help," but this big claim awaits confirmation. South Korea goes on high cyber alert as the North escalates peninsular tensions.
FinFisher lawful intercept tools track activists in Vietnam and Ethiopia. Avast finds mobile drive-by malware. Another Facebook authentication vulnerability is discovered. Skycure finds a vulnerability in iOS mobileconfig files. This week's Hotmail outage is traced to a failed firmware update.
Quartz puzzles over life as a Chinese government hacker and concludes that the PLA is more Dunder Mifflin than Her Majesty's Secret Service: the pay and hours are lousy and the boss is clueless. Security firms like Trend Micro and agencies like Britain's Home Office say the Russian mob is scarier than the PLA, and sector reports second the Home Office's warnings.
Kaspersky patches a firewall vulnerability.
In industry news, the American Gas Association mulls protection of natural gas infrastructure from cyber attack. Site Selection calls corporate attention to Maryland's cyber workforce opportunities.
A Japanese researcher offers VPN Gate to users wishing to escape censorship regimes like Iran's "halal Internet."
Congratulations to MIT's Shafi Goldwasser and Silvio Micali, who've won this year's Turing Award.
The US Government moves toward closer cyber cooperation with industry (but NSA's General Alexander suggests securing banks isn't a Government mission).
Today's issue includes events affecting China, Czech Republic, Ethiopia, Germany, India, Israel, Republic of Korea, People's Democratic Republic of Korea, New Zealand, Philippines, Romania, Russia, Thailand, Tunisia, Turkey, United Kingdom, United States, and and Vietnam..
Cyber Attacks, Threats, and Vulnerabilities
Israeli Government Websites Targeted in Watering Hole Attack (Threatpost) A new watering hole attack has been reported, this one targeting two government-related websites based in Israel that have been injected with malware exploiting a six-month-old vulnerability in Internet Explorer
South Korea Prepares for Potential Cyberattacks Launched by North Korea (Softpedia) Following the nuclear tests performed by North Korea and the threats made against South Korea for conducting military drills with the US, Seoul is keeping a close eye on its cyberspace in search for potential attacks. According to The Korea Times, South Korea has instated a level four alert (five is the most serious) and its closely monitoring state telecommunications networks. The Korea Communications Commission has revealed that international cooperation channels have been activated and all government systems have been inspected
PNoy website password cracked in 3 days: hacker (ABS CBN News) Local hackers took only 3 days to crack the encrypted password of the official website of the Office of the President, a member of Anonymous Philippines revealed Thursday. Local netizen #pR. is0n3r said members of Anonymous Philippines were able to detect a vulnerability in the President's website, which allowed them to get more technical information on the site including a username
NIST National Vulnerability Database Down, Malware Identified on Two Web Servers (Softpedia) The National Vulnerability Database (NVD) and several other websites operated by the National Institute of Standards and Technology (NIST) have been inaccessible for the past few days. It turns out that NIST's systems have been hacked. More precisely, the sites have been taken down after malware was identified on a couple of web servers
Alleged Al-Qaeda Group Claims To Have Penetrated Some U.S. Government Websites (Weasel Zippers) A group going by the name of the Tunisian Cyber Army, claims that they, in coordination with the Al-Qaida Electronic Army (AQEA), have hacked four U.S. government sites within the last few days. The sites allegedly hit included the U.S. State Department, the Army National Guard, the U.S. Customs and Border Protection (cbp. gov) and Office of Personnel Management
FinFisher spyware seen targeting victims in Vietnam, Ethiopia (CSO) New research finds the surveillance spyware is spreading but may be used to spy on activists. New research suggests a controversial spyware suite called FinFisher is being used to track activists in more countries than previously thought, including Vietnam and Ethiopia
Mobile Drive-By Malware example (Avast) Several days ago we received a complaint about javascrpt.ru. After a bit of research, we found that it tries to mimic ajax.google.com and jquery, but the code is an obfuscated/packed redirector. After removing two layers of obfuscation, we found a list of conditions checking visitors' user Agent. From these conditions we got a clue and focused on mobile devices
Expert Finds Way to Retrieve Facebook Authentication Token and Hack Any Account (Softpedia) Security researcher Nir Goldshlager has identified yet another Facebook OAuth vulnerability that can be exploited to hack any account. In the attack method he presented back in February, the expert used the app_id of the Facebook Messenger to gain full access to accounts. The social media company has addressed the issue by using regex protection, but Goldshlager has discovered another method to exploit the Facebook Messenger app_id
iPhone, iPad Configuration Files Security Hole Shown (InformationWeek) Mobile configuration files used by carriers could be repurposed to steal data and remotely control an iPhone or iPad, security firm warns. That warning comes via Israeli mobile security startup Skycure, which Tuesday published a proof-of-concept research on the company's blog, showing how iOS mobileconfig files, which are designed to configure devices to work with a carrier's cellular network, could be used instead to remotely control an iPhone or iPad and steal data
Failed Firmware Update Caused The 16-Hour Outlook, Hotmail Outage (TechCrunch) A routine sever firmware update resulted in an anything but routine outage for Microsoft's Outlook and Hotmail. On March 12, Outlook.com and Hotmail were unavailable to some users, and as Microsoft details in a blog post, a firmware update caused servers to overheat and go offline for 16 hours. Apparently similar firmware updates had been successfully deployed in the past but something went
Diary of a Chinese military hacker: More like 'The Office' than James Bond (Quartz) This great profile of a one-time Chinese military hacker in the Los Angeles Times makes one thing clear about China's military cyber hacking unit: It ain't exactly Mission: Impossible. Here's a rundown of the soul-crushing tedium--based in part on a blog written by a hacker named Wang--that any cubicle-dwelling worker drone would recognize
Tough talk with China over hacking, says Obama (FierceGovernmentIT) President Obama said the United States has engaged in "tough talk" over state-sponsored hacking with China and other countries but cautioned against portraying cyber espionage as war. "We've made it very clear to China and some other state actors that, you know, we expect them to follow international norms and abide by international rules," he told ABC News in an interview that aired March 13
U.S. Welcomes China Willingness To Discuss Cyber Threats (Reuters.com) The White House on Wednesday welcomed China's willingness to hold talks with Washington about cyber security threats, amid growing U.S. concerns about hacking attacks emanating from China
The Great Cyberscare (Foreign Policy) Why the Pentagon is razzmatazzing you about those big bad Chinese hackers. The White House likes a bit of threat. In his State of the Union address, Barack Obama wanted to nudge Congress yet again into passing meaningful legislation. The president emphasized that America's enemies are "seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems." After two failed attempts to pass a cybersecurity act in the past two years, he added swiftly: "We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy." Fair enough. A bit of threat to prompt needed action is one thing. Fear-mongering is something else: counterproductive. Yet too many a participant in the cybersecurity debate reckons that puffery pays off
Top Credit Agencies Admit Celebrities' Data Stolen (Threatpost) The top credit bureaus have admitted someone accessed prominent Americans' private data by filling out bogus requests via a Web site used by millions of consumers to access free annual credit reports
Credit Reports Sold for Cheap in the Underweb (KrebsonSecurity) Following the online publication of Social Security numbers and other sensitive data on high-profile Americans, the three major credit reporting bureaus say theyve uncovered cases where hackers gained access to users information, Bloomberg reports. The disclosure, while probably discomforting for many, offers but a glimpse of the sensitive data available to denizens of the cybercrime underworld, which hosts several storefronts that sell cheap, illegal access to consumer credit reports. The acknowledgement by Experian, Equifax and Trans Union comes hours after hackers posted online Social Security numbers and other sensitive data on FBI Director Robert Muller, First Lady Michelle Obama, Paris Hilton and others
Wealth of data online likely made posting celebrity credit reports easy (CSO) Privacy experts say following hack that a savvy person could easily find enough data to obtain a credit report from Annualcreditreport.com. Given the wealth of personal information available online, it is not surprising that cybercriminals were able to gather enough data to obtain credit reports on a number of celebrities ranging from Michelle Obama to singers Beyonce and Jay-Z, experts say
Crimeware - Difference Engine: Hackers' paradise (The Economist) Chinese hackers may get all the notoriety, but their cyber-security exploits against American targets are not the only ones. Huge damage is also being done by organised crime. This past week, a large metropolitan utility in the United States announced it had suffered a massive distributed denial of service (DDoS) attack, knocking out its automated online- and telephone-payment systems and forcing 155,000 customers to pay their bills in person over the ensuing 48 hours
Cyber-attack in the Czech Republic - Thieves in the night (The Economist) A mysterious wave of cyber-attacks in the Czech Republicthe most extensive in the country's historyon March 11th briefly disabled the web site for Unicredit, a bank. Other targets have included media, banks, mobile phone operators, the stock exchange and even the Czech National Bank. All but the Unicredit attack were so-called DDoS (distributed denial of service) attacks
Trend Micro chief warns Russian cyber mobsters pose bigger threat than Chinese snoops (V3) Trend Micro chief technology officer Raimund Genes has warned that businesses' concern about state-sponsored attacks is blinding them to the larger threat posed by Russian cyber crooks. Genes told V3 that the tit-for-tat accusations between nations about who hacked who is hampering security vendors' ability to help combat cyber crime
Criminals can buy cyber hacking kits (The Sun) Criminals are buying off the shelf software to hack into Brits computers and bank accounts, the Home Office reveals today. Expert cyber crooks sell the programs to ordinary villains who then find it easier than ever to bypass online security measures. Security Minister James Brokenshire will warn of the new black market today
Security Patches, Mitigations, and Software Updates
IPv6 Focus Month: Kaspersky Firewall IPv6 Vulnerability (Internet Storm Center) Kasperksy today released an update to its personal firewall product for Windows. The patched vulnerability fits very nicely into our current focus on IPv6. A packet with a large "Destination Header" caused the firewall to crash and drop all traffic. IPv6 uses a very minimal IP header. Instead of providing space for options or fragmentation fields, many of these features are now fulfilled by extension headers. As a rule of thumb, most of your packets passing a firewall will not use extension headers. But extension headers do pose a challenge to firewalls
Microsoft beefs up app security, while Android users continue to be exposed (FierceMobileIT) Microsoft (NASDAQ: MSFT) is beefing up the security updating process for apps on its Windows Store, the app marketplace for tablets and computers running Windows 8 and Windows RT. "Our goal is to have a quick, transparent and painless security update process. With this in mind, we will deliver high quality security updates for Windows Store apps as they become available," wrote Mike Reavy, senior director of Microsoft's Security Response Team
Microsoft's latest patches squash potential USB hijack (CSO) Microsoft's Patch Tuesday fixes four sets of critical vulnerabilities, including many found in Internet Explorer. As part of its monthly issue of software patches, Microsoft has fixed a Windows vulnerability that would have allowed someone to subvert a computer's security using only a USB thumb drive and some attack code
Adobe patches Flash, but doesn't get around to Pwn2Own bug (CSO) Fifth update this year for the popular media player, but this one was on the calendar
Cybercriminals target retail industry (Inside Retail Asia) Through its report "2013 Trustwave Global Security Report", Trustwave disclosed that cyber attacks on retailers have increased 45 per cent while e-commerce
Malware: Emerging Trends (GovInfoSecurity) Expert: Social Networks Targeted for Drive-By Exploits. Malware was spread in unique ways in 2012, particularly through drive-by exploits. In 2013, organizations can expect more exploits targeting social networks, says Adam Kujawa of anti-malware vendor Malwarebytes
Defeating Cyber Threats Requires a Wider Net (Data Center Knowledge) As more organizations and users utilize the Internet, there will be more data, more management needs, and a lot of worries around security. The big push around cloud and the modern cloud-ready data center really revolves around IT consumerization and newly available resources. Just like any infrastructure, the bigger and more popular it gets - the bigger the target
99 Percent Of Tested Applications Are Vulnerable To Attacks (Dark Reading) Cenzic Trends Report for 2012 also includes a study of mobile security threats. Cenzic Inc., the leading provider of application security intelligence to reduce security risks, today released the Cenzic Trends Report for 2012. The report demonstrates that the overwhelming presence of web application vulnerabilities remains a constant problem, with an astounding 99% of applications tested revealing security risks, while additionally shedding light on pressing vulnerabilities within mobile application security
Latest Wisegate Research Reveals CSOs Must Adopt New Risk Management Trends (Dark Reading) Report shows senior management and C-level executives need to think about risk strategically
Who pays the bill for a cyber war? (Marketplace) The growing threat of cyber attacks has put business on the front lines of national security. Today, President Obama met CEOs of American defense and technology companies -- in the Situation Room, no less -- to discuss how companies and the government can work together to bolster digital defense. The meeting followed warnings from intelligence, defense and counter-terrorism officials that cyber security could pose as big a threat as terrorism
Check Point 2013 Security Report Released (CheckPoint) Based on research of nearly 900 companies and 120,000 hours of monitored traffic, the 2013 Check Point Security Report reveals major security risks organizations are exposed to on a daily basis. Most importantly, the report provides security recommendations on how to protect against these threats
GreenSQL February Survey Finds that Complexity is the Number One Obstacle in Implementing Database Security (GreenSQL) GreenSQLs February survey of IT professionals worldwide concluded that 31. 4% of security professionals believe that database security implementation is too complex, making it their number one obstacle. Almost 20 percent think that lack of dedicated personnel or special expertise is yet another hurdle in putting database security in place
Mandiant Releases Annual Threat Report on Advanced Targeted Attacks (Fort Mill Times) M-Trends 2013 details evolving trends, case studies and best practices from Mandiant's experiences combating targeted attacks over the last year
Don't Fear Cyber Crime: Profit From It (Seeking Alpha) Cybercrime is back on center stage and will continue to occupy the nation's attention for the foreseeable future. Pentagon generals, the country's top spies, and the White House were quoted yesterday (Wednesday) as telling a Senate hearing and the country that "the nation is vulnerable to cyberespionage, cybercrime and outright destruction of computer networks, both from sophisticated government-sponsored assault as well as criminal hacker groups and cyberterrorists
U.S. Budget Deal In Doubt; Obama's Trip To Hill Reveals Split (New York Times) President Obamas meeting with a restive and resistant House Republican majority on Wednesday underscored their deep divisions over fiscal policy as both sides acknowledged that an overarching budget compromise was in doubt despite a new push by the White House
Senate Democrats' Budget Would Halve $500B DoD Sequestration Cuts (Defense News) A U.S. Senate Democratic budget blueprint would get rid of about half the Pentagon budget cuts mandated under sequestration, but congressional Republicans have bristled at the way it would do so
Natural gas utilities: Protecting infrastructure from emerging threats (American Gas Association) While the U.S. House and Senate hold hearings on cybersecurity, the American Gas Association (AGA) Cybersecurity Strategy Task Force (CSTF) met in Albuquerque, NM continuing its work to help minimize cyber vulnerabilities or potential cyber-related disruptions of the safe and reliable delivery of natural gas to customers. Americas natural gas utilities are actively protecting the more than 2. 4 million miles of pipelines that carry this clean energy source to homes and business throughout the United States, said Dave McCurdy, President and CEO of AGA
General Dynamics Building DHS Cyber Protection Tools (GovConWire) General Dynamics (NYSE: GD) has won 12-month task order from the U.S. Department of Homeland Security to build and deploy cybersecurity for defending federal civilian networks from intrusion
focusIT Chooses Security-as-a-Service for AWS by Bitdefender (MarketWire) Bitdefender Enterprise, a provider of innovative security solutions, today announced that focusIT, a specialist in software-as-a-service (SaaS) solutions for the mortgage, financial services and professional services industries, has chosen Security-as-a-Service for AWS by Bitdefender
Security Firm Endgame Lands $23 Million from Paladin Capital (All Things Digital) Today it seems like there are so many cyber attacks taking place that there's no…Today one new firm, Endgame Systems, announced that it has landed a $23 million
Randy Fuerst Promoted, Jeff Harman Named Defense Lead At Oceus (GovConWire) Randy Fuerst, chief operating officer at Oceus Networks, has been promoted to president and will continue as COO at the Reston, VaDepartment of Veterans Affairs.-based broadband networking firm. Jeff Harman, a former senior vice president and operating group manager for CACI International (NYSE: CACI), has joined the company as SVP and general manager
Cyber Security Challenge 'is not only about recruiting talent', claims CEO (Computing) The Cyber Security Challenge (CSC) is not only about recruiting talent, but is aimed at raising awareness and widening the IT security talent pool, according to the competition's CEO, Stephanie Daman. Daman was responding to Computing's coverage of the challenge yesterday, which questioned whether the competition was a worthy programme or a waste of time after its latest winner, 28-year-old Stephen Miller (pictured), said he had no plans to switch from his current role at GlaxoSmithKline (GSK) to a cyber security position
Intelligence [squared] (Site Selection) Maryland's infrastructure of educated people, data pipelines and cyber-expertise translates into brain-powered projects. [Note--when the digital issue opens, view it "from the last page viewed."
Products, Services, and Solutions
Metasploit supports Kali Linux free security auditing toolkit (Help Net Security) Rapid7 is working with Offensive Security to provide official Metasploit support for Kali Linux, the enterprise-ready evolution of BackTrack Linux
Raytheon releases SureView 6.7 to help federal agencies comply with insider threat detection standards (Sacramento Bee) Presidential memorandum outlines new national policy and minimum standards for insider threat programs. Raytheon (NYSE: RTN) today announced the release of SureView Version 6.7 to aid federal agencies in complying with President Barack Obama's memorandum in November aimed at implementing an insider threat detection program to address national security threats while protecting privacy rights
OneBeacon Announces Details Of New Network Security And Privacy Liability Policy (Dark Reading) Policy includes certain data breach services from Equifax if a covered breach event occurs. OneBeacon Professional Insurance (OBPI), a member of OneBeacon Insurance Group, Ltd. (NYSE: OB), today announced details of its Network Security and Privacy Liability Policy, which include certain data breach services from Equifax if a covered breach event occurs. Equifax, a global leader in consumer, commercial and workforce information solutions, has developed an industry standard for breach services via their turnkey program
Adblock Plus Releases New Chrome Version That Catches Pop-Up Ads (Dark Reading) Adblock Plus, the #1 most downloaded browser add-on in the world, today announced an update of its add-on for Chrome which blocks a new variant of stealthy pop-up advertisements that sneak past most existing blockers
Users flock to Japan student's firewall-busting thesis project (IT World) 'VPN Gate,' designed by PhD student Daiyuu Nobori to circumvent government firewalls, has drawn 77,000 users in less than a week. If you're not sure about the purpose behind Daiyuu Nobori's online thesis project, perhaps the large picture of the collapse of the Berlin Wall will help. Nobori created VPN Gate to help individuals in countries that restrict Internet use to beat government firewalls. The service encourages members of the public to set up VPN (virtual private network) servers and offer free connections to individual users, aiming to make the technology more accessible
Google yanks ad-blocker apps from Google Play (CNet) Users in search of ad-blocking apps on Google Play won't have any luck as of today. Google has reportedly launched a campaign to remove apps that interfere with advertising from its app store. Several app developers for apps such as AdBlock, AdAway, and AdFree received notices from Google today saying that their apps had been taken down, according to Phandroid
Bromium launches security-through-virtualisation tech in the UK - Xen dads' spookware uses VM swarms to isolate foulness (The Register) Bromium has arrived as a sales force in the UK market with its strategy for making desktop computers secure using virtualisation technology. The firm, which already employs a R&D/engineering team in Cambridge, has now added sales and support operations for the UK and wider European market. It's also looking to recruit channel partners in a bid to ramp up sales
Google Glass: Banned in corporate America? (FiercMobileIT) Not only will Google Glass not join its Android cousins in flooding the enterprises, it will likely be banned from many workplaces over legal liabilities and security concerns
Technologies, Techniques, and Standards
Tips for removing data from mobile devices (Help Net Security) AVG released tips on how consumers can remove their personal data before they recycle or throw away their old smartphones. In an era of frequent and seamless device upgrades, it's easy to ditch a
Google's Chris Evans on Chrome, malware, and building a zero-day free browser (Geek) While some browsers fell fast at CanSecWest's hacking competition, Google's Chrome fared pretty well. In fact, it has yet to have a zero day exploit emerge in the wild during its four years on the market. No doubt this invincibility comes from the
Defending Local Admin Against Physical Attacks (Dark Reading) Physical access usually spells GAME OVER but protections can be put in place to help defend against local boot attacks. In my last blog entry, I wrote about some of the issues with having a shared password for the local Administrator account on Windows desktops. This is a common problem that we encounter during penetration tests, and one that often leads to easy lateral movement throughout the organization and privilege escalation up to a Domain Administrator account
Prevent Cross-Site Scripting in ASP.NET Web Apps (Dr. Dobbs) Cross-site scripting threats can be greatly minimized by proper encoding. On ASP.NET apps, the Microsoft AntiXSS Library is one of the easiest ways to do the encoding correctly. Cross-Site Scripting (XSS) is the most pervasive vulnerability present in Web applications today. That being said, it is possible to build Web apps that are impervious to XSS by arming yourself with an understanding of the threat and a basic toolbox of encoding functions
ICS-CERT, SCADA Patching Under The Microscope (Dark Reading) Existing process of vulnerability reporting, patching doesn't go far enough in improving the overall security of critical infrastructure systems, SCADA experts say
Constructive Security Training For Application Developers That Works (Dark Reading) Talk to developers in their language-code-and make security ramifications visibile so they have a reason to improve their habits. Don't believe the lie that developers don't care if their application code causes expensive vulnerabilities for their organizations. If the dev team is apathetic, chances are that the security team and IT leadership aren't giving them a reason or the means to care, application security pundits say
Tablet wars, IT security dominate at HIMSS13 (FierceHealthIT) While interoperability was one of the more dominant themes at the Healthcare Information and Management Systems Society's annual conference in New Orleans last week, it was far from the only topic of discussion…Data security also was a big theme at the conference. For example, officials from the U.S. Department of Health & Human Services Office for Civil Rights spoke in detail about the updates to both the HIPAA Privacy and Security Rules and the HITECH Breach Notification Rule, according to Health IT Security. The presentation, according to the article, sought to "hammer home" the point of getting healthcare organizations to boost data prevention efforts
Businesses prepare for cyberattacks, in secret (CSO) A group of NZ organisations have established voluntary standards to guard against digital attacks. A group of New Zealand organisations responsible for critical infrastructure have established voluntary standards for the security of such systems against digital attack. The New Zealand Cyber Security Voluntary Standards for Industrial Control Systems were devised with the support of the National Cyber Security Centre (NCSC). Their originators are keeping quiet about the detail of the standards and the identity of members of the group, because it might set them up as a target for attackers
Design and Innovation
Kleiner Perkins' Bing Gordon On How Entrepreneurs Can Keep Creativity Alive (TechCrunch) Bing Gordon has become known in recent years for his role as a partner at venerated Silicon Valley venture capital firm Kleiner Perkins Caufield and Byers, but anyone who knows him will tell you that he isn't your typical finance head. As someone whose career has spanned not just technology and VC but also gaming, literature, and entertainment, he has a very well-honed creative side
Hacked Russian Car that can be driven via #iPad [Video Included] (Hack Read) A group of Russian motorists from Tula Oblast have modified an old Opel Vectra into a remotely controlled automobile that can be driven through iPad. The modifiers call it James Bond Car, which recently passed its first test few days ago in snow filled area of Russian city of Tula Oblast. The video of test drive after modification can be watched below, showing how and what were the changes and addition that made the car one of its kind
Research and Development
Cryptography scientists win 2012 Turing Award (CNET) Two cryptography scientists from the Massachusetts Institute of Technology have won the 2012 Turing Award for pioneering ways to make online transactions secure, the Association for Computing Machinery announced today. Scientists Shafi Goldwasser
What you 'Like' in Facebook can come back to haunt you (CSO) Researchers find correlation between 'likes' and sexual preference, drug use and race. Be careful what you "like" on Facebook. It can tell people a lot more than you'd like them to know
Microsoft Kinect Learns to Read Hand Gestures, Minority Report-Style Interface Now Possible (IEEE Spectrum) Not only is the Microsoft Research Cambridge team finally releasing their 3D modeling API Kinect Fusion, they're bringing you gesture control--with mouse clicks and multi-touch, pinch-to-zoom interactions
Apple patent targets social network stalkers and spammers (CSO) U.S. Patent Office awards IP for data management in social networking context. The U.S. Patent and Trademark Office has awarded Apple a patent for a social network designed to fight stalking and spamming of its members.The patent governs a method for ensuring consistency in a "friend service database" -- also known as a social network. The integrity of records within the system would be maintained by comparing three databases -- one for people within the network, one for people outside the network and one used to resolve conflicts between the other two
Inside the Cyber Range: an Interactive Cyber Attack Exercise (Asia-Pacific Future Gov) FutureGov visits the new Cyber Wargame Centre at Singapore Polytechnic (SP) to observe how real-world cyber-warfare simulations are conducted and speaks to information security students and to the Course Manager for the Diploma in Infocomm Security Management, Liew Chin Chuan
Idaho State University's Corey Schou elected to board of (ISC)2, world's largest non-profit computer security certifying organization (ISU Headlines) Idaho State University's Corey Schou has been elected to the board of (ISC)2, the International Information Systems Security Certification Consortium, Inc., which is the largest not-for-profit global leader in educating and certifying information security professionals throughout their careers
Legislation, Policy, and Regulation
DDoS: Not Gov't's Role to Defend Banks (BankInfoSecurity.com) The U.S. military's Cyber Command commander, Army Gen. Keith Alexander, says it's vital that Congress enact a law giving the owners of the nation's critical infrastructure, especially Internet service providers, liability protection so they can share
Financial, energy sectors call for cyber information-sharing legislation (The Hill) House Intelligence Committee leaders Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) introduced a bill that would, in part, provide liability protection to companies who share cyber threat data with the Department of Homeland Security and
Lawmakers: Tougher computer hacking laws may be needed (Computer World) The U.S. Congress may need to create stiffer penalties for criminal computer hacking to deter the growing number of attacks on U.S. government agencies and businesses, some lawmakers said Wednesday. Congress may revisit the Computer Fraud and Abuse Act (CFAA), the oft-amended law first passed in 1984, in an effort to counter widespread cyberattacks on U.S. computers, said Representative Jim Sensenbrenner, a Wisconsin Republican and chairman of the House of Representatives Judiciary Committee's crime subcommittee. Congress needs to respond to the recent reports of attacks from China and other countries, Sensenbrenner said during a subcommittee hearing
Obama Widens War On Hackers (Los Angeles Times) President Obama met with more than a dozen corporate chief executives to seek their support for stalled cyber-security legislation amid increasing evidence that government agencies, businesses and individuals are vulnerable to computer network break-ins
Cybersecurity in Obama's Situation Room (Marktetplace) President Obama is meeting at the White House this morning with corporate CEO's to talk about cybersecurity. The CEO's and the administration will discuss sharing information about potential computer vulnerabliess and specific threats. "There are sensitivities both ways because some of the information the government has comes from intelligence sources and that needs to be protected," said Andrew Kaiser, who works with the National Cyber Security Alliance representing big names from the digital world, including Google and Facebook. "Going the other way, industry wants to be sure that when they give information to the government, that somehow won't come back to haunt them"
US Sharing Classified Information With Firms to Prevent Hack Attacks (CNBC) The U.S. intelligence community is using classified information to protect a wider range of companies than ever before thanks to a new effort by the Department of Homeland Security. Under the new initiative, dubbed "Enhanced Cybersecurity Services," or ECS, the Department of Homeland Security is releasing cyberthreat information developed by the super-secret National Security Agency, the FBI and others to participating American "Commercial Service Providers" in the telecommunications business. Those companies, which the government said include the telecom carriers AT&T and CenturyLink, are in turn eligible to use that classified information to develop and sell a package of higher security protection to qualified companies that the government deems to be part of the nation's critical infrastructure
US ready to give spy agencies full access to financial records (Finextra) The US government is drawing up plans that would give the country's spy agencies full access to a database containing details on all suspicious customer activity reported by banks, according to Reuters. Under US law, banks that operate in the US have to file reports on suspicious activity on accounts, such as large money transfers to the Treasury's Financial Crimes Enforcement Network (FinCEN). The FBI already has full access to the database to help it fight things such as money laundering, organised crime and terrorist financing
Litigation, Investigation, and Law Enforcement
Little sympathy for merchants in disputes over PCI violations (CSO) Genesco files $13M suit, arguing penalties from banks processing credit-card payments occuring without evidence card data has been stolen. Retailers facing hefty penalties from banks for violations of credit-card security standards get little sympathy from experts, who say merchants are often lax when it comes to security
Aaron Swartz's lawyer accuses prosecutor of misconduct (Ars Technica) The lawyer who represented Aaron Swartz in his fight against computer fraud charges, has filed an official complaint against Stephen Heymann, the DOJ prosecutor who went after Swartz
Kim Dotcom: I Will Never be in a U.S. Prison (TorrentFreak) Kim Dotcom made a virtual appearance in the U.S. yesterday, at the SXSW festival in Austin. The Megaupload founder talked about the ongoing legal battle with the Government and is confident that he wont end up in jail. The flamboyant Internet entrepreneur further criticized a recent study which suggested that Megauploads shutdown positively impacted digital movie sales
PA health system reports 144-patient data, identity theft (Health IT Security) In what's turned out to be a multi-layered case, 144 patients of Community Hospital in Chester and Crozer-Chester Medical Center in Upland, PA had their names, dates of birth and Social Security numbers stolen in an IRS tax fraud sting from January 2008 to September 2011. Rafael Henriquez Polanco, 30, and wife, Yanira Lopez, 27, according to delcotimes. com, allegedly filed fraudulent tax returns with fake W2 forms
Indian Authorities Order Probe into Defense Organization Hack (Softpedia) India's Defence Ministry has ordered intelligence agencies to launch an investigation into a possible data breach that affected the computer systems of the Defence Research and Development Organisation (DRDO). According to DNA India, at the beginning of March, representatives of the National Technical Research Organisation (NTRO) in collaboration with experts from private security firms identified a malicious file in the hacked email accounts of senior DRDO officials. The malware spread throughout the organizations networks and started stealing sensitive files, including ones related to the cabinet committee on security, radar programs, and surface-to-air missile programs
For a complete running list of events, please visit the Event Tracker.
Infosecurity Europe (London, England, UK, Apr 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, Apr 25, 2013) - This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community. Registration will open on Thursday, March 14 and will close Thursday, April 18.
7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.
INSA Innovators' Showcase (Springfield, Virginia, USA, May 16, 2013) The INSA Innovators' Showcase is an opportunity for R&D focused companies to present innovative IRAD projects to a panel of government scientists selected by ODNI. Interested companies are asked to submit an unclassified abstract to INSA for consideration by Friday, March 29. While a select number of abstracts will be presented, all submitted abstracts will be compiled into a booklet and distributed to attending government scientists. Topics of interest are: Activity-Based Intelligence, Human Cognition & Judgment, Identity Intelligence, Location-Based Awareness, Mobile Security/Mobile Device Security, Novel High Performance Computing.
29th Annual INSA William Oliver Baker Award Dinner (Washington, DC, USA, Jun 7, 2013) his year's awardee is General Michael V. Hayden, former Director of the Central Intelligence Agency and the National Security Agency. Registration is now open and tables are available for purchase.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
Google and University of Maryland Cybersecurity Seminar (College Park, Maryland, USA, Mar 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information on cloud computing and virtualization, a key supporting technology. Cloud computing offers flexibility and agility in the placement of resources. Certain risks, however, arise from cloud services' tendency to aggregate sensitive data and workloads. He will discuss side-channel attacks resulting from the co-location of disparate tenants' virtual machines (VMs) on hosts and the vulnerabilities posed by databases aggregating the authentication secrets, e.g., password hashes, of numerous users. Conversely, cloud computing offers new opportunities to distribute data. Dr. Juels will also describe a new, research-driven RSA product that splits sensitive data across systems or organizations, removing the single points of compromise that otherwise naturally arise in cloud services.
Department of Homeland Security 6th Annual Industry Day (Washington, DC, USA, Mar 18, 2013) The Department of Homeland Security (DHS) will be hosting its 6th Annual Industry Day to provide advanced acquisition planning information to industry. DHS Industry Day will consist of two sessions, the morning session will be procurement-centric with an emphasis on procurement issues, policies and programs. The afternoon session will be Chief Information Officer (CIO) IT-centric. Both sessions will provide acquisition information concerning specific program areas.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
SANS Cyber Threat Intelligence Summit (Washington, DC, USA, Mar 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful intrusio…Network defense techniques which leverage knowledge about these adversaries - known as cyber threat intelligence - can enable defenders to establish a state of information superiority which decreases the adversary's likelihood of success with each subsequent intrusion attempt…The goal of this summit will be to equip attendees with knowledge on the tools, methodologies and processes they need to move forward with cyber threat intelligence. The SANS What Works in Cyber Threat Intelligence Summit will bring attendees who are eager to hear this information and learn about tools, techniques, and solutions that can help address these needs.