The CyberWire Daily Briefing for 4.3.2013
Israeli authorities continue to prepare for Sunday's threatened "OpIsrael" attacks by Anonymous, and security experts offer security measures users can take themselves.
North Korea engages in more brinksmanship; the South prepares for cyber (and kinetic) war. US Forces Korea experienced a website outage whose cause remains undetermined (technical problems are as likely as cyber attack). And Anonymous resurfaces on the peninsula with denial-of-service attacks on North Korean networks—the hacktivist collective tells the Hermit Kingdom's inmates the "Anons are here to set you free." It's unclear whether this intervention will be helpful.
The denial-of-service attack on Spamhaus was as big as initially reported, but also less significant to the Internet as a whole than smaller targeted attacks. More lessons about DNS security are drawn from the incident.
Recently discovered malware adds mouse-click tracking to its obfuscation features.
Last week's renewed denial-of-service campaign on US banks by the Izz ad-Din al-Qassam Cyber Fighters appears to have been well funded. One apparent victim, however, JPMorgan Chase, in fact suffered a bug, not an attack.
China's Global Times responds to US anti-cyber espionage measures with a tu quoque—the Americans are worse than we are. Meanwhile, the Chinese government upgrades its malware arsenal for use against Tibetan activists.
Firefox issues an update to good Sophos security reviews: "no known vices."
The US FTC announces the winners of its anti-robocall challenge.
Australian, Canadian, and British media worry about the adequacy of their respective nations' cyber policies: do they go far enough for public safety?
Notes.
Today's issue includes events affecting Australia, China, Canada, Egypt, European Union, Iran, Israel, Republic of Korea, People's Democratic Republic of Korea, Malysia, NATO, Netherlands, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Hackers Threatening Organized Cyber Attack (The Jewish Press) Anti-Semitic hackers are threatening to "Erase Israel from the Internet" on Sunday, April 7 in an organized campaign to take down Israeli web sites. Israel is a favorite cyber target of hackers and anti-Semites worldwide, and Israel, for the most part
How To Protect Your Computers, Networks From Anonymous Israel Cyber Attack (Israel News Agency) Threats have been made against the people of Israel for thousands of years. The latest threat now
US Forces Korea website down for hours (Fox News) A senior Defense Department official told Fox News the military is not currently blaming a cyber attack for the failure, but that scenario has not been ruled out either. Pentagon spokesman George Little later said there are no indications at the moment
Anonymous Hits North Korea Via DDoS (InformationWeek) Hacktivists disrupt government and airline websites after North Korean government threatens to restart nuclear reactor, invade South Kore
North Korea cyber warfare unit 3,000 elite hackers (Cyberwarzone) South Korea's defense ministry had earlier said it plans to gradually increase the size of Cyber Command to over 1,000 people. The South Korean military launched the Cyber Command in early 2010 to handle cyber security issues along with different military and intelligence organizations, but there is no control tower to integrate the policies and strategies that defend military networks
Anonymous to North Koreans: 'Anons Are Here To Set You Free' (Cyberwarzone) Hackers aligned with Anonymous claim to be carrying out numerous cyberattacks against North Korean websites, urging North Korean citizens to rise up against their "oppressive" government
The role of hacktivism in cyber warfare scenario between 2 Koreas (Security Affairs) It's not a surprise South Korean security experts suggest that the North Korea military is training an elite force of "cyber warriors" to involve in cyber attacks against South institutions and companies
Malware Arsenal Targets Tibetan Activists (Threatpost) Tibetan activists in China as well as those living in exile around the world are being targeted by dangerous malware that not only steals data from infected computers, but also has graduated to reporting location data from mobile devices for surveillance purposes
Security Experts Confirm One Of The Largest Cyber Attacks In History (Social Barrel) Experts have confirmed the Internet is in the midst of the biggest Distributed Denial of Service (DDoS) attacks in cyber history. These recent cyber attacks affect key parts of the Internet's infrastructure and messes up Internet speeds in several European countries
The 'Biggest Cyberattack In History' Was Nothing Compared To A Targeted Attack (Business Insider) It turns out the biggest cyberattack in history is strategically irrelevant. Recently we reported on a Distributed Denial of Service (D/DOS) attack on web company Spamhaus that clocked in at a staggering 300 gigabits per second
Spamhaus DDoS Spotlights DNS Server Security Challenge (Dark Reading) Spamhaus DDoS attack puts renews talk of DNS server security. When the Spamhaus Project was recently hit with a tsunami of distributed denial-of-service attack traffic, the impact of the incident caused a stir in the world of network security
The cyber-fighters of Izz ad-Din al-Qassam well-funded (Cyberwarzone) Operation Ababil from Izz ad-Din al-Qassam a large targeted DDoS attacks during working hours on last Tuesday, Wednesday and Thursday on U. S Banks. Among the targets were the websites of Bank of America, Capital One, Citibank, PNC Bank, Union Bank and Wells Fargo, as well as that of American Express. In a statement, an American Express spokesperson said, "Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon
JPMorgan Chase website outage linked to server, not cyber attack (Los Angeles Times) American Banker reported that American Express was hit Thursday by a cyber attack that left some customers unable to access their accounts. The trade newspaper said TD Bank as well as Wells Fargo Bank suffered similar attacks in the last two weeks
How anyone can be a bank-robbing hacker (ZDNet) Hackers have claimed to have broken into the Commonwealth Bank of Australia's UK site, but with the bank denying any attack, is this just another case of putting one and one together and getting three? There's an old adage that on the internet, nobody knows you're a dog. It's been previously used to demonstrate that it's hard, if not impossible at times, to determine whether someone really is who they say they are -- be it man, woman, or dog -- but it equally applies to hackers
United HomeCare Admits Security Breach (eSecurity Planet) Florida's United HomeCare (UHC) recently notified its clients that the theft of an employee's laptop on January 8, 2013 may have resulted in the exposure of clients' personal health information, including names, Social Security numbers, birthdates, home addresses, service dates, health plan numbers, services received, and/or health status
University's email blacklisted after spammers hijack student accounts (TechWorld) The University of Illinois has had its email domain blacklisted after phishing scammers managed to compromise the email accounts of a many dozens of students and staff in a short period of time, the institution has said. According to a warning posted to the Campus Information Technologies and Educational Services (CITES) website, the initial assessment was that the accounts of at least 36 people had been hacked during the attacks but that the true number was probably much higher. The phishers used the common tactic of warning users that they should enter their account details on a bogus site to avoid having email blocked, snaring many unwary users
CNN: Computer hackers, LulzSec, attack 'the Sun' (National Cyber Security) The hacker group LulzSec says it hacked the website of the Sun, another Murdoch newspaper
Spammers dodge junk filters with Google Translate (CSO) Spammers are using Google's good reputation to dodge mail filters deliver their irritable spew to inboxes across the Internet. The junkster tactic was discovered by Barracuda Labs after examining the messages from a variety of large-volume spam campaigns showing up in the company's honeypots
New APT malware monitors mouse clicks to evade detection, researchers say (Computerworld) The malicious document downloads and executes a component that attempts to determine if the operating environment is a virtualized one, like an antivirus sandbox or an automated malware analysis system, by waiting to see if there's any mouse activity
Facebook users warned over fake security page phishing scam (V3) Cyber criminals are targeting Facebook users with a malicious, fake security check page, according to Trend Micro
Aggressive Android adware and malware on the rise (Help Net Security) With adware gleaning more user data from people devices than they would normally need too and developers bundle more than one adware framework into their apps, user privacy is increasingly taking a backseat to profit for developers and advertisers. More and more unknown third parties now have access to user browsing history, phone numbers, email address and everything they need to compile comprehensive and personalized user profiles
Card skimmers targeting more than ATMs, says EU (The Register) Crooks are branching out beyond bank ATMs by installing card skimming devices on a payment terminals ranging from train ticket kiosks to parking meters, according to European anti-fraud experts
Most browsers running old, vulnerable versions of Java (FierceCIO: TechWatch) Security vendor Websense believes it has uncovered the core problem behind the recent spate of high-profile attacks that exploited Java within browsers. To better understand what users have installed on their machines, the company recently added Java version detection capability into its threat engine
Cyber witch hunt ignores mote in West's own eye (Global Times) Recently, a report by Mandiant, an US cyber security firm, stirred up a lot of China-bashing brouhaha. Mandiant's far-fetched accusations were not only denied by the Chinese government, but also challenged by many US cyber security experts. While the dust was settling down, Reuters suddenly jumped into the muddy pond by publishing an article entitled "Top China college in focus with ties to army's cyber-spying unit" by Melanie Lee, a Reuters tech correspondent based in Shanghai
Security Patches, Mitigations, and Software Updates
Firefox 20 arrives - new version, some security improvements, no known vices (Naked Security) Firefox 20.0 was released today. The buglist page enumerates 3054 official changes, with eleven patched vulnerabilities, three at "Critical" level. Paul Ducklin takes a quick look
Cyber Trends
The Driving Forces in Cyberspace are Changing the Reality of Security (infosec island) We are already living in an interconnected "online world", where we - as individuals, society, the military, and the global economy - rely on both the functionality and security of this "World of Bytes". Every second the cyber domain expands and becomes more complex. This means that there is an incredible scope of possibilities and the means develop new things. The integration of the online world with the physical world brings a new dimension to human life. It is vital to understand that cyberspace should not be treated as a separate domain but as one that is entwined with the physical space
Security incident response below par at most firms, says Guidance Software (ComputerWeekly) Most firms are not as prepared as they should be for responding to cyber attacks, says e-discovery firm Guidance Software. But with sensible reviews of processes and communications strategies, up to 70% of firms could put themselves on a much better footing, said Nick Pollard, the firm's senior director of professional services
BYOD practices by healthcare workers pose security risks (FierceMobileHealthCare) Nearly 89 percent of U.S. healthcare workers use their personal smartphones for work purposes, finds a Cisco partner network study. However, when it comes to security, the study found that 41 percent of healthcare employees' personal devices are not password protected, and that 53 percent of healthcare employees access unsecured WiFi networks with their smartphones
Marketplace
Pentagon Awards Surge 71% In March As Congress Eases Budget Blow (Bloomberg Government) The U.S. Department of Defense announced contracts valued at as much as $39.4 billion in March, 71 percent more than the prior month, even as automatic federal budget cuts took effect
Smartronix to Continue Hosting Treasury Cloud (The New New Internet) Smartronix has won a contract from a blanket purchase agreement and an initial task order to continue providing web hosting services to the U.S. Treasury Department for a cloud computing environment
Gary Slack Promoted to QinetiQ NA President, COO (GovConWire) Gary Slack, formerly executive vice president and chief financial officer for QinetiQ North America, has been promoted to president and chief operating officer at the Reston, VaDepartment of Veterans Affairs.-based defense technology maker. Slack's promotion is effective April 2013, according to his biography on QNA's website, which also says he currently holds the interim CFO
Products, Services, and Solutions
Mako Networks Expands Security Offering Into Nordics With Securecom AB (Dark Reading) Securecom will promote, support, and supply Mako's network security solutions to resellers and service providers
NASA's ex-CTO built a cloud in a box and he wants you to buy it (Ars Technica) Nebula's OpenStack-based hardware turns servers into an Amazon-like cloud
Guidance Software, Inc. : New Version of EnCase eDiscovery Boosts Control, Performance and Security (4-Traders) Version 5.2 Streamlines Legal Hold, Supports "Military-Grade" Encryption and Provides Faster Transfer to SaaS Review Platform
Technologies, Techniques, and Standards
Taming Bad Inputs Means Taking Aim At 'Weird Machines' (Dark Reading) Overly accommodating platforms and protocols allow attackers to use inputs like code, essentially allowing attackers to program an unintentional virtual machine
Identifying And Remediating Security Vulnerabilities In The Cloud (Dark Reading) Cloud computing can lead to security risks. Here are some insights on tracking them down
How To Improve DBA And Security Team Relations (Dark Reading) Building consensus between database administrators and security professionals can go a long way toward improving data security
Deconstructing Defensible - Defensible is not the Same as Secure (infosec island) In my previous post, The Castle has no Walls, I introduced the concept of 'defensible' as a goal for enterprises to replace the notion of secure which I fully believe is an outdated and broken descriptor for anything in today's hyper-connected, modern world. This post and the few that follow go through the five basic ideas behind defensibility and why defensible is a state we should be striving for as enterprise security professionals
Why SIEM alone is not enough (Tripwire) Studies have been cited in attempts to claim that SIEM is deadthe same claims made a few years ago about some other controls, yet these security tools too are alive and well. Although many organizations are still purchasing SIEM solutions, they tend to be hard to deploy, complex to manage over time, and limited in their ability to detect security events. The best solution is to combine SIEM information with data derived from other controls in order to add context to the suspicious activity detected, and allow for achieving a more complete state of security
How to stop your friends' Facebook apps from accessing YOUR private information (Naked Security) Many internet users are wary of sharing their personal information willy-nilly with the world, but did you know that sometimes it's your Facebook friends who might be unwittingly passing your private details on
Design and Innovation
FTC Announces Winners of Death-to-Robocalls Challenge (Wired Threat Level) The Federal Trade Commission gets about 200,000 calls monthly from consumers complaining about robocalls, those illegal prerecorded messages hawking everything from timeshares in the Bahamas to free money. Because the commission's "do-not-call" registry was simply not able to handle the
Still Nobody Knows Who Created Bitcoin - But There Are A Few Big Theories (Business Insider) Until his disappearance from the Web, around the spring of 2012, Nakamoto was a visible participant on cryptography forums, where he discussed Bitcoin freely, and published a nine-page paper outlining the details of the project. These posts reveal that
Research and Development
Quantum encryption keys obtained from a moving plane (Ars Technica) A technical demonstration shows that an exchange with satellites is possible
Fujitsu addresses big data from a different angle (Fierce Big Data) While each week brings a new startup in the big data arena, some larger, long-time players in networking have been quietly working on their big data strategies. Fujitsu Laboratories is one of them. This week, Fujitsu introduced advancements in high-speed data processing, which it says increase its capacity by a factor of five
Beware of hidden biases (Fierce Big Data) Is there a danger that minus some disciplines, the embrace of big data and acceptance of its hype will lead to a data fundamentalism where the ideas that correlate always indicate causation, and massive data sets and predictive analytics always reflect the truth and go unquestioned? Kate Crawford is a principal researcher at Microsoft (NASDAQ: MSFT) Research and a visiting professor at the MIT Center for Civic Media, and she thinks there is one
Academia
Wrestling for success (University of Delaware) The second installment of the President's Leadership Series featuring David G. DeWalt, chairman and CEO of FireEye, was held March 21 at the Roselle Center for the Arts. DeWalt, who graduated from UD in 1986 with a bachelor's degree in computer science, is a leading expert in the fields of technology, cyber security and mergers and acquisitions. In his lecture, titled "Numbers: Transformational Stories of Success and Failure from the East Coast to the Silicon Valley," DeWalt used numbers to illustrate the important life lessons he was able to cull from his greatest achievements and most trying losses
Legislation, Policy, and Regulation
California Considers Pushing Data Disclosure Envelope Again (Threatpost) California, which set the standard for data breach notifications nationwide, is again seeking to set a precedent by becoming the first state in the nation to require companies upon request disclose to California consumers the data they've collected and to whom it was shared during the past year. They would be required to respond within 30 days and provide the report for free
Recalibrate U.S. Cyber Efforts to Better Meet the High-end Threat From Nation-states (Huffington Post) In the discussions about cyber threats that continue and expand daily, there is a tendency to lump together all types of threat regardless of where they fall on the spectrum. This lack of precision entails consequences, one of which is that it prevents us from focusing on the highest-end threats that should command our greatest attention. To move forward smartly, the United States needs a way of thinking about the various threat actors that parses and differentiates between and among them, according to the significant ways in which they may differ. Such a typology would help U.S. policy-makers better rack and stack the threat, and respond accordingly. Keep in mind that not all hacks or hackers, nor all actors, are the same
Cyber security is a team sport (Sydney Morning Herald) Securing Australia's cyber space is a shared responsibility, argues Raymond Choo. Malicious cyber activities are no longer a matter of if but of when, and in our increasingly interconnected world, threats to our national sovereignty can come from unexpected sources and directions. It is an undeniable global, 360-degree challenge for both developed and developing countries. The difficult task of securing our cyber future is defined not only by the need for human, process and technical perfection but also by our ability to manage the imperfections
South Korea to set up cyberpolicy unit (ZDNet) New department will oversee cyberdeterrence policies and prepare information security measures, and its top priority will be developing cyberwarfare weapons to protect military networks. South Korea will establish a cyberpolicy department to oversee policies and prepare information security measures. The new unit's top priority is to develop defensive cyberwarfare weapons. This follows the launch of the country's cybercommand division in early 2010 to handle cybersecurity issues along with different military and intelligence organizations, said a report Tuesday by Yonhap news. It noted there was so far no control tower to integrate the policies and strategies to protect military networks
Cyberwars call for new rules of engagement (ZDNet) The specter of cyberwar is beginning to rear its head, so do the rules of engagement need updating? Cyberwar is beginning to take root. Even before nations go to war, the hackers are already at it. And even as nations are not at war, such as what happened in Malaysia's dealing with the Sulu incursions, the hackers are quick to begin attacking government assets
Cyberwar is here (Cyberwarzone) Last year, hackers hit Saudi Aramco, the world's largest oil producer. They erased data on 30,000 computers, jammed the company's email for months and plastered screens with a burning American flag. Security experts believe the attack was organized by Iran
Is the UK really prepared for cyber attack mitigation? (SC Magazine UK) The claims in the National Audit Office's (NAO) report are made in spite of recent action taken by the government to develop a robust cyber strategy - including GCHQ's formation of the UK's first academic research institute set up to arm the nation
Government could be handcuffed during cyber attack affecting private sector (Calgary Herald) "The framework will put forward, on a voluntary basis, the roles and responsibilities of all levels of government, critical infrastructure owners and operators, and other public and private sector partners in responding to a significant cyber attack
Litigation, Investigation, and Law Enforcement
Aaron Swartz's Prosecutors Were Threatened and Hacked, DOJ Says (Wired Threat Level) Massachusetts federal authorities involved in the prosecution of Aaron Swartz have received threatening e-mail and snail mail, the Justice Department said in a court filing, and the lead prosecutor in the case had his Facebook page hacked
Donald Trump is Suing a Brooklyn man for Cyber squatting (The Hacker News) J. Taikwok Yung is 33, lives with his mom in Brooklyn, and bought domain names that criticize billionaire Donald Trump and cybersquatting him. Cybersquatting is a legitimate crime that's defined by the Anticybersquatting Consumer Protection Act
Cyber Threats Concerns in State Intelligence Report To Texas (Cyberwarzone) While organized crime is seen as the most significant public safety threat in Texas, drunk driving, natural disasters, terrorism, industrial accidents and cyber security also are among the major threats that keep lawmakers up at night. The Department of Public Safety (DPS) recently released its 2013 Texas Public Safety Threat Overview, a state intelligence estimate that offers a review of current public safety threats to Texas
UK Police Charged with Inappropriately Accessing Data (eSecurity Planet) Nineteen members of the Derbyshire Police apparently violated data protection rules in the past three years. The Derby Telegraph reports that 19 staff members of the UK's Derbyshire Police have inappropriately accessed information in violation of data protection rules over the past three years
3 divers blamed for Egyptian submarine cable cut (FierceCIO: TechWatch) Three divers were caught by the Egyptian Coast Guard while attempting to cut through an important undersea fiber optic cable near the port at Alexandria. The link that the divers were allegedly severing is believed to be the 12,500 mile-long South East Asia-Middle East-West Europe 4 (SEA-ME-WE 4) cable that runs from France to Singapore
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
CSO40 (Braselton, Georgia, USA, Apr 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (, Jan 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
HITBSecConf2013 (Amsterdam, the Netherlands, Apr 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including the a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team, a brand new kernel level exploit affecting _all versions_ of Microsoft Windows up till Windows 8 and even a presentation on remotely hacking airplanes.
SANS Northern Virginia 2013 (Reston, Virginia, USA, Apr 8 - 13, 2013) This event features comprehensive hands-on technical training fand includes several courses that will prepare attendees for DoD 8570 and GIAC approved certification exams. Four of the courses can apply to a SANS Technology Institute's Master of Science Degree in Information Security Management or Master of Science Degree in Information Security Engineering.
INFILTRATE 2013 (Miami, Florida, USA, Apr 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Software Engineering Institute Invitational Career Fair (Pittsburgh, Pennsylvania, USA, Apr 11 - 12, 2013) Attention software engineers and cyber security professionals, the Carnegie Mellon Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on April 11 & 12 at their offices in Pittsburgh to fill immediate local positions. All candidates must be eligible to obtain a Security Clearance. Interviews are by appointment only. At the SEI you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.
Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, Apr 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness to learn from and work with industry partners. .
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Cyber Guardian 2013 (Baltimore, Maryland, USA, Apr 15 - 20, 2013) Cyber Guardian is the SANS Institute's annual, interactive training session for cyber security professionals. All courses are associated with a GIAC Certification, and cover topics like intrusion detection, perimeter protection, hacker techniques, penetration testing, and advanced forensics. Cyber Guardian will feature the popular SANS NetWars Tournament on April 18-19, a hands-on, interactive training exercise.
A Dialogue on Cyber Warfare from Legal and Corporate Perspectives (New York, New York, USA, Apr 16, 2013) Conversation on Cyber Warfare and the LawThe Journal of Law & Cyber Warfare in partnership with the Columbia Society of International Law is honored to host this first cutting edge conference on the complex issues of cyber warfare.States are faced with the multi-faceted challenges of cyber warfare. No longer confined to the world of technology professionals and spies, these threats are a growing part of the daily lives of corporations and individuals. The constitution and legislation are both scarce and obsolete and the bench and the bar lack the resources and expertise to decide or advocate on these issues.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
Mobile Device Security for Defense and Government (Alexandria, Virginia, USA, Apr 23 - 24, 2013) This Defense Strategies Institute conference addresses the challenges of operating mobile devices in networks whose security is mission critical. The symposium's overall theme will focus on DOD's plan to maximize the potential uses of mobile devices. Within specific key areas: wireless infrastructure, mobile devices and mobile applications. The thought leadership and community goal of this event is to advance flexible and secure mobile devices to benefit the warfighter and keep pace with changing technology.
Infosecurity Europe (London, England, UK, Apr 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, Apr 25, 2013) - This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community. Registration will open on Thursday, March 14 and will close Thursday, April 18.
23rd Annual Government Procurement Conference (Washington, DC, USA, Apr 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network with procurement officials from federal, state and local government agencies under one roof.
TechExpo Cyber Security Hiring Event (Columbia, Maryland, USA, Apr 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will be forthcoming on the event site. All job-seekers should be US citizens with cyber security or IT experience. A security clearance is not required, but preferred.