The CyberWire Daily Briefing for 1.14.2013
Kaspersky reports detection of a cyber espionage campaign that's been quietly active for five years. "Rocra" (alternatively "Red October") infected systems in Eastern Europe and Central Asia, with a smaller number of attacks in Western Europe and North America. There's no attribution yet, but Rocra's Chinese and Russian malware and its diplomatic and research institute targets suggest state sponsorship.
Some security analysts see a distinction without a difference between state-sponsored and state-inspired attacks (a bit like treating "officers" versus "agents" as significant with respect to attribution). This of course refers to Izz ad-Din al-Qassam, whose denial-of-service attacks continue to dog US banks. The banks are asking the US National Security Agency for help.
Oracle patched Java over the weekend as attacks targeting its vulnerabilities spread rapidly through exploit kits. (US-CERT was unusually quick and direct last week in its advice to disable Java immediately.) The Foxit PDF plugin for Firefox apparently has some security holes; a workaround is now available.
Sybase patched its Adaptive Server Enterprise product over the weekend. Microsoft announces it will issue an out-of-band patch for Internet Explorer later today.
Ireland is ambivalent about Huawei's new research center near Dublin: the jobs are welcome, the security reputation not so much. Malware's fast evolutionary cycles cause analysts to doubt the future value of signature-based defenses.
Australia, India, the Philippines, and Singapore tighten cyber crime prevention measures.
Reddit co-founder Aaron Swartz's sad suicide Friday (he was facing US federal criminal charges for unauthorized downloading of JSTOR articles) has many calling him a free-speech martyr.
Notes.
Today's issue includes events affecting Algeria, Australia, Bosnia, Canada, China, Croatia, Egypt, Estonia, European Union, Herzegovina, India, Ireland, Republic of Korea, Lithuania, Macedonia, Malaysia, New Zealand, Russia, Philippines, Singapore, Thailand, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Rocra Espionage Malware Campaign Uncovered After Five Years of Activity (Threatpost) For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by researchers at Kaspersky Lab, focused not only on workstations, but mobile devices and networking gear to gain a foothold inside strategic organizations. Once inside, attackers pivoted internally and stole everything from files on desktops, smartphones and FTP servers, to email databases using exploits developed in China and Russian malware, Kaspersky researchers said
Iran May Not Be Behind Bank Cyberattacks, Experts Say (TechNewsDaily) There's really not much evidence that the government of Iran is behind the ongoing wave of cyberattacks on U.S. bank websites, say many security experts. "I don't consider any attack I can do in my spare time as 'nation-state sponsored,'" said Robert David Graham, chief executive officer of Atlanta-based Errata Security. "[It] could just as well be a loose group of those sympathetic to Iran and the Middle East and angry as hell at U.S. involvement there," said George Smith, a senior fellow at the Washington, D.C.-based think tank GlobalSecurity.org
Would U.S.-Iran Cyberwar be Fair Fight? - DDoS Assaults on Banks Seen as Retaliation for Stuxnet Attack (Bank Information Security) Reports that the self-claimed hacktivist group Izz ad-Din al-Qassam Cyber Fighters is a front for Iran's government, if true, raise the question: Is the U.S. at cyberwar with Iran? Izz ad-Din al-Qassam, in postings on the Internet, contends it's behind the series of distributed-denial-of-service attacks that have temporarily overloaded the online sites of several leading American banks, as my colleague Tracy Kitten has reported in a series of stories. Now, a new report, appearing in The New York Times, asserts Iran - using the cover of Izz ad-Din al-Qassam - has penetrated data centers to launch the DDoS attacks as retaliation for the United States allegedly infecting Iranian nuclear centrifuges with the Stuxnet computer worm
Mobile Attacks Pose Increasing Threat - Malware, Out-of-Band Compromises Get Banks' Attention (Bank Information Security) Malware attacks against mobile devices are on the rise. As a result, institutions offering mobile banking need to focus in the year ahead on implementing stronger authentication for transactions and users, better defenses to prevent out-of-band compromises and improved mobile malware detection. A recent study from software and security firm Trend Micro found that mobile malware attacks hit record numbers in the third quarter, with Android devices as the primary targets
Banks seek NSA help amid attacks on their computer systems (Washington Post) Major U.S. banks have turned to the National Security Agency for help protecting their computer systems after a barrage of assaults that have disrupted their Web sites, according to industry officials. The attacks on the sites, which started about a year ago but intensified in September, have grown increasingly sophisticated, officials said. The NSA has been asked to provide technical assistance to help banks further assess their systems and to better understand the attackers' tactics
Monitoring Bank DDoS Attacks Tough Task for Third Parties (Dark Reading) While data is not readily available on the attacks hitting financial institutions, defenders dealing with the incidents say that the attacks are effective and costly
Java Zero-Day Exploit In The Wild, Spreading Ransomware (Trend Micro) A new zero-day exploit in Java has been found in the wild. Currently, this exploit is being used by toolkits like the Blackhole Exploit Kit (BHEK) and the Cool
Java zero-day infections pick up steam (SC Magazine) An exploit that takes advantage of a gaping hole in Java has exploded across the globe, according to security firm Kaspersky Labs. Researcher Kurt Baumgartner said the cases at least number in the thousands, primarily in the United States, Russia and
Zero-day flaw prompts Apple to block Java 7 from OS X (Apple Insider) The newly discovered zero-day flaw in Java 7 is so serious that the U.S. Department of Homeland Security has warned users to disable or uninstall it. "We are currently unaware of a practical solution to this problem," the department's Computer
Homeland Security warns to disable Java amid zero-day flaw (ZDNet) The U.S. Department of Homeland Security has warned users to disable or uninstall Java software on their computers, amid continuing fears
Incomplete Java Patch Paved Way for Latest Zero Day Mess (Threatpost) The exploit targeting the latest zero-day vulnerability in the Java platform is dropping ransomware, and has been found in another exploit kit. Security experts, including U.S.-CERT last night, advise users and IT managers to disable Java on endpoints and browsers. Meanwhile, Polish security researcher Adam Gowdiak of Security Explorations, said the attacks target a pair of vulnerabilities, one of which was reported to Oracle in September and patched, apparently incompletely, in October
Zero-Day paranoia and the reality of modern web browsing (ZDNet) Remote code execution is an end-user nightmare that can be stopped tomorrow, if we enact the appropriate technologies to prevent it. It's not often that my dad emails me with a frantic message about his computer. Apparently, he had read an article written by one of my colleagues, Zack Whittaker, regarding the Department of Homeland Defense Advisory about the recently publicised Java Zero-Day exploit. He wanted to tell me that he had disabled Java on all of his PCs and asked me what I thought
Vulnerability reported in Foxit PDF plugin for Firefox - how to mitigate it (Naked Security) Italian security researcher Andrea Micalizzi has recently reported a vulnerability in the latest Foxit PDF plugin for Firefox. Paul Ducklin examines the situation and gives a simple workaround
Attackers Using Fake Chrome Updates to Lure Victims (Threatpost) Google patched nearly two dozen security vulnerabilities in Chrome on Thursday and a day later attackers have begun circulating fake Google Chrome updates that actually are part of a scam related to the Zeus botnet and is designed to steal online banking credentials, among other things
Federal government loses hard drive with information on more than half a million people (Canada.com) The federal government has called in the RCMP on what could be one of the largest privacy breaches in Canadian history, after losing an unencrypted external hard drive containing the personal information of 583,000 Canada Student Loans borrowers
Govt sites hacked on eve of [Philippine] Supreme Court cybercrime hearing (GMA News) On the eve of the Supreme Court's hearing on the Anti-Cybercrime Act of 2012, hackers opposing the law defaced several government websites early Monday
Lithuanian Online Game Website Miestukarai Hacked, Details of 24,000 Users Leaked (Softpedia) A hacker called AnonVoldemort claims to have gained access to the databases of Miestukarai.lt, a Lithuanian online game that appears to have almost 35,000 players. In the tweet announcing the hack, AnonVoldemort revealed that he had leaked over 24,000 accounts, both free and premium
Krasnoyarsk man accused of cyber attack on Russian president's web site (Focus News) Authorities in the eastern Siberian region of Krasnoyarsk have sent to court their case against a local man they accuse of staging a cyber-attack last spring against the Russian president's Web site, the local branch of the Federal Security
Hackers Targeted Rothschild and Bumi's Tan, Reports Say (Jakarta Globe) Bumi Plc chairman Samin Tan and Nathaniel Rothschild, a co-founder of the Indonesian coal venture, have both been targeted by hackers, according to separate reports from security firms seen by Bloomberg. Tan's e-mail account was specifically targeted in a sophisticated and persistent attack to compromise his computer and retrieve information in July, according to the report by Context Information Security. Rothschild said on Friday that he had no knowledge of the hacking, and that his own computers had been the subject of repeated attempts of unauthorized access
Warning after theatre site hack (Stuff) International hackers have increasingly begun targeting New Zealand business websites, with even the Auckland Theatre Company subject to virtual hostage-taking. Sunday Star-Times understands that overseas hackers took over the ATC website
Anonymous Appears To Have Hacked MIT Website, Leaves Swartz Tribute (TechCrunch) Hacktivist organization, Anonymous, appears to have hacked MIT's website and left a tribute page to the late Internet activist, Aaron Swartz. "We tender apologies to the administrators at MIT for this temporary use of their websites," writes a postscript to a memorial note posted by Anonymous on a subdomain of the official MIT.edu website. "We do not consign blame or responsibility upon
Security Patches, Mitigations, and Software Updates
Sybase Fixes Nine ASE Flaws (Threatpost) Enterprise software and services company Sybase has again patched holes in its Adaptive Server Enterprise (ASE) product, fixing a handful of database vulnerabilities that could have allowed a hacker to execute code and bypass security parameters on the company's main database server product.
Oracle patches multiple Java zero-day holes, increases default security (ZDNet) Oracle has delivered on its promise to quickly make available a patch for the zero-day vulnerability discovered last week, but its patch doesn't just close off that hole, it closes off another that may have been lurking around for much longer
Oracle patches widespread Java zero-day bug in just three (days, that is) (Ars Technica) Earlier this week, a security hole in the latest version of Java was being "massively exploited in the wild." Hackers were turning compromised websites into platforms for installing silent keyloggers or other malicious software. And at the time news
Microsoft pre-announces IE zero-day patch - get ready for it (Naked Security) Microsoft will be releasing an out-of-band patch tomorrow (Monday 14 January 2013 in the USA) for the recently-disclosed zero-day hole in Internet Explorer. → The adjective out-of-band in this context is a bit of a metaphorical stretch, but it's what
Cyber Trends
How Cybercriminals Choose Their Targets And Tactics (Dark Reading) Targeted attacks are becoming pervasive. Here's a look at how those targets are chosen -- and how your organization might avoid being one of them
Cost-saving potential of health IT remains untapped, researchers say (Fierce Government IT) The original promise of health IT can still be met if systems are redesigned to become more standardized, easier to use, interoperable, and open and available to patients, Rand analysts say. But even if all that happens, the potential of health IT will remain untapped unless care providers rethink how they deliver IT-enabled care, "in the context of redesigned payment models that favor value over volume," they say
Banking sector is the most targeted sector for cybercrime in the UAE, 999 Magazine report shows (AMEInfo) A report published in the January issue of 999 Magazine - the official English monthly of the Ministry of Interior - reveals that cyber-attacks have mostly targeted the banking sector, including both the ATM and Internet banking applications, in the UAE. The banking sector topped the list of the most eyed target (35%) while the remaining 65% attacks were launched against the government's e-services, telecommunication systems, and educational institutions' systems, according to Lieutenant Colonel Yasser Mohamed Al Wahabi, E-Infrastructure Director, General Directorate of E-Services and Telecom, UAE Ministry of Interior. To address this problem, most of police general headquarters in the UAE have established cybercrime and organisational security units
Africa as Safe Haven for Cyber-Criminals (PC Mag: Security Watch) While the global nature of cyber-crime means the criminals can be anywhere, we tend to think of Eastern Europe and Russia as the hotbed of criminal activity. Trend Micro believes criminals will increasingly shift their operations over to Africa in 2013
Protecting against social engineering as important as ever (Fierce CIO: TechWatch) A report on Ars Technica about scammers masquerading as support folks underscores the effectiveness of social engineering in breaking into computer systems. You can read more about what took place here, though what struck me was the totally brazen manner in which the lies were made by the scammer
Ovum: Mobile operators should slow down rollout of VoLTE (Fierce Mobile IT) Ovum analyst Jeremy Green is advising mobile operators to slow down on the rollout of mobile VoIP over 4G LTE networks because there are still service and supply issues to work out, and no compelling services or revenue opportunities
Number of mobile banking users to exceed 1 billion by 2017, predicts Juniper (Fierce Mobile IT) The number of mobile banking users will exceed one billion by 2017, up from 590 million in 2013, predicts a new Juniper Research report. Large banks are deploying two or more mobile banking offerings, such as messaging, mobile browsers and app-based services, noted the report, "Mobile Banking: Handset & Tablet Market Strategies 2013-2017"
Marketplace
GAO: Army network strategy poses significant risks, challenges that need oversight (Fierce Government IT) As the Army begins to spend billions of dollars integrating dozens of disparate systems into a single tactical network, the service's strategy presents significant risks and challenges requiring high-level oversight attention by both the Army and the Defense Department, according to a Jan. 10 report from the Government Accountability Office. The integration is one of the service's most costly investments, with more than $3 billion needed annually on an indefinite basis
Sequestration cutbacks could impact Fort Meade, Naval Academy (Capital Gazette) Leaders at Fort George G. Meade and the U.S. Naval Academy must present plans for slashing jobs and budgets by Feb. 1 to the Pentagon as it prepares for budget cuts if Congress fails to pass a new budget. Top Pentagon leadership ordered military
CSC shoulders NHS loss by moving jobs offshore (ComputerWeekly) But it was also where CSC had suffered a knock on its reputation through work in the defence sector that had linked it to the US Central Intelligence
Can we ignore concerns that made Huawei a pariah? (Independent) HUAWEI'S decision to set up a new research and development centre split between Dublin and Cork and creating 50 jobs will be welcome news. However, it is a sign of where we are as a country and where the world economy is now that we are relying on investment from a firm that is not looked on very favourably in the west
Newswatch: Baltimore among leaders in cybersecurity jobs (Gazette.Net) Charm City might be gaining a new moniker: Cyber City. A new study, the Cyber Jobs Report, says that Baltimore is the nation's third hottest city for cybersecurity jobs, ranking behind only Palo Alto, Calif., and San Francisco
Report: Baltimore area has thousands of cybersecurity job openings (Baltimore Sun) Report, funded by Abell Foundation, quantifies the industry. Baltimore is a hotbed of cybersecurity jobs, with more than 13,000 job postings last October alone, according to a report funded by the Abell Foundation
Boeing Subsidiary Wins $46M to Build Navy Intell Systems (The New New Internet) Boeing Co.'s subsidiary, Argon ST, has been awarded a $46 million contract option by the U.S. Navy to facilitate increased data collection and to better identify potential threats with the delivery of situational awareness systems
DHS Picks 29 for $3B IT Products Contract (Govconwire) The U.S. Department of Homeland Security has awarded 29 small businesses positions on a potential $3 billion information technology products contract, according to a FedBizOpps notice. DHS made 36 awards on the FirstSource II vehicle and several companies won in more than one category, organized by different types of small businesses. The department divided awards
Northrop Wins $95M for Navy Data Link Software, Hardware (Govconwire) Northrop Grumman (NYSE: NOC) has won a potential $95 million U.S. Navy contract to develop software and hardware for a command and control processor and data link, the Defense Department said Wednesday. According to the company, the Next Generation Command and Control Processor is designed to provide ship-based warfighters information on friendly and enemy activity
Intelligent Decisions Names 12-Year Vet Rhett Butler Civilian Sales Lead (Govconwire) Intelligent Decisions has appointed 12-year company veteran Rhett Butler director of civilian sales, the company said Thursday. He will be responsible for business development and will lead a team of account executives that work with federal civilian customers. Harry Martin, president and CEO, said Butler will also be responsible for helping the company achieve its
Security Researcher Moxie Marlinspike Leaves Twitter (Softpedia) Yesterday, the famous security researcher known as Moxie Marlinspike announced that he was parting ways with Twitter's security team. Today is my last day working at Twitter. I've learned a lot here over the past year, and have worked with some great people
Could ad-jacking software save Kim Dotcom? (Sydney Morning Herald) Kim Dotcom's new Mega file-sharing service could cannibalise the revenues of other online businesses by substituting advertisements on websites with ads served up by Mega. The embattled online entrepreneur is expected to unveil file-locker service Mega and sister service Megabox at his Auckland mansion on January 20 - the anniversary of his arrest on copyright and "racketeering" charges. Megabox will be designed to let musicians and other artists cut out traditional intermediaries such as record labels and instead get paid to provide their wares through his website
Products, Services, and Solutions
Lockheed, AT&T to Offer Pentagon Cyber-Threat Service (Bloomberg) Lockheed Martin Corp. (LMT), AT&T Inc., and CenturyLink Inc. (CTL), are the first companies to sign up for a U.S. program giving them classified information on cyber threats that they can package as security services for sale to other companies
5 Reasons I Want An Ubuntu Phone (InformationWeek) Love your carrier --and your huge monthly bill? Then read no further. But if you'd jump at a better deal, Ubuntu might just fit the bill.
Enterprise DIY data erasure (Help Net Security) Kroll Ontrack launched Ontrack Eraser 4.0, an enterprise data eraser solution, complete with expanded drive wiping capacity, VMware eraser capabilities and new reporting and security management functionality
Jailbreak tool for Windows RT unlocks it in 20 seconds (Fierce CIO: TechWatch) Earlier this week, we reported on how a hacker has succeeded in cracking Microsoft's (NASDAQ: MSFT) security system of locking down Windows RT tablets to prevent unauthorized desktop software from running. Well, it appears that another hacker has now packaged the exploit into a jailbreak tool that will unlock a Windows RT tablet within 20 seconds
Samsung to offer more features in SAFE enterprise security product (Fierce Mobile IT) Samsung plans to offer additional features in its SAFE enterprise security product this year, said Tim Wagner, vice president and general manager of business-to-business sales at Samsung. Wagner announced the plan to an audience at the Mobility Awards held Wednesday in conjunction with the Consumer Electronics Show
Technologies, Techniques, and Standards
As Malware Evolves, Are AV Signatures Still Relevant? (eSecurity Planet) As malware becomes more sophisticated, so too must the enterprise's defensive perimeter. In the beginning of the virus era, computer users were introduced to the concept of signature-based anti-virus scanners. It's an idea whose time may well have come and gone. "Since the 1990s people have
You encrypt your laptops, but what about portable media? (Internet Storm Center) As a data loss control many organisations now ensure that laptops are mitigated by installing full disk encryption or by having a partition / area of disk which is encrypted. However, laptops are not the only way to pick up and carry out of your organisation the data which you are meant to be protecting. Various products also address this space of the toolset to mitigate data loss risk. Walter has e-mailed in with the heads up that various Canadian news media are highlighting a report that a portable disk containing 583,000 Canadians who were clients of the Canada Student Loans program from 2000 to 2006 has been lost. If you were lucky enough to borrow money through this program but you were from Quebec, Nunavut and the Northwest you were lucky this time
Automotive black box protects cyber data (Help Net Security) The U.S. government rulemaking proposal seeks to mandate an automotive black box / Event Data Recorder (EDR) that you cannot turn-off, disable, or remove. Your vehicle may already have one
IEEE approves WiGig (Fierce CIO TechWatch) The WiGig (802.11ad) wireless standard has moved one step closer to reality after getting the ok from the IEEE standards association. The WiGig standard operates over the 60GHz frequency, allowing it to operate at speeds of up to 7Gbps versus current generation 802.11n Wi-Fi, which offers up to 450Mbps--based on current devices
Eye vein biometrics provides missing link in BYOD security, says EyeVerify CEO (Fierce Mobile IT) EyeVerify, a supplier of smartphone-based eye vein biometrics, is working with Android smartphone makers to offer its authentication product as a way to strengthen BYOD security, Toby Rush, the group's chief executive officer, told FierceMobileIT here in Las Vegas on Wednesday
Design and Innovation
Canadian Coders Solve Mystery of Open Source Government (Wired) When you think of hotbeds of open source innovation, Canada's Treasury Board typically doesn't make the cut. But over the past three years, coders at this slightly obscure Canadian government agency have produced something that's pretty rare in government: a hit open source project. We're not talking about the next Linux here, but this summer, the Treasury Board of Canada — which oversees Canada's federal civil service — hosted a CodeFest to invite hackers — mostly government staffers — to hack its Web Experience Toolkit, or WET — a set of open-source tools that the Treasury Board uses for building websites
Research and Development
'Mass Equals Time' Redefines Weight Standards (IEEE Spectrum) New measurements of the matter-wave Compton frequency presage a quantum-mechanical definition of mass
IBM tops U.S. patent list for 2012 (Help Net Security) IBM received a record 6,478 patents in 2012 for inventions that will enable fundamental advancements across key domains including analytics, Big Data, cybersecurity, cloud, mobile, social networking
Academia
UNT gets $1M NSF grant for cyber security program (Dallas Business Journal) UNT also has been designated as a National Center of Academic Excellence in Information Assurance Education. Institutions with these designations are
Germanna Center for Workforce launches Homeland Security Program, providing training for private- and public-sector jobs (Germanna News) The future is not as glamorous as the past. But it's smarter. So when David A. Broadhurst taught people to be spies, it wasn't the macho, cloak-and-dagger, martini-drinking, shaken-not-stirred, Bond…James Bond…type
Legislation, Policy, and Regulation
ASIO wants to hack third-party computers to get to their targets (IT Wire) According to today's report, the Attorney General's Department is seeking enhanced powers for ASIO (Australian Security Intelligence Organisation) - Australia's domestic spying organisation - to be able to hack both the computers of suspected terrorists AND those of connected third parties. These third parties may be in such a position as to be a conduit for targeted malware to be delivered to the suspects' computers. Despite the appearance of immediacy in the linked News Ltd report, this is based entirely on a response by the Attorney General's Department to questions raised during submissions to The House of Representative Committee overseeing "Inquiry into potential reforms of National Security Legislation" which seems to have been lodged in August or September of 2012
Spy agency ASIO wants powers to hack into personal computers (News Limited) SPY agency ASIO wants to hack into Australians' personal computers and commandeer their smartphones to transmit viruses to terrorists. The Attorney-General's Department is pushing for new powers for the Australian Security Intelligence Organisation to hijack the computers of suspected terrorists. But privacy groups are attacking the "police state" plan as "extraordinarily broad and intrusive"
The battle against cybercrime is too important to be undone by Eurosceptics (Guardian) Ukip and large parts of the Conservative party must have been unnerved by the inauguration last week of Europol's Cybercrime Centre, dubbed EC3. While EC3 is not able to open investigations into cybercriminal activity across Europe, it comes as close to a pan-European police force as anything we have yet seen. As outlined by its director, Troels Oehting, when fully operative in two years' time EC3 will have an unrivalled forensic capacity on which all EU police forces will depend
India's tough hacker crackdown: IT security leaflets with every device (The Register) India has reportedly concocted a plan to cut down on IT security problems: forcing hardware vendors to include a security awareness brochure with all desktop PCs, mobile phones and USB modems. The plans were dreamt up to improve the country's cyber security preparedness, in response to the increasing volume of online threats facing users, according to the Economic Times. However, technology execs are apparently lobbying the government to modify its proposals, which were due to be rolled out at the beginning of the year
Singapore beefs up cybersecurity law to allow preemptive measures (ZDNet) Parliament passes amendment to Computer Misuse Act to allow for government to order preemptive measures against cyberattacks, and makes non-compliance an offense with jail term of up to 10 years and fine of S$50,000. Singapore's Parliament has passed the amended Computer Misuse Act, which enables the government to thwart potential cyberattacks on critical infrastructure. According to a statement by The Ministry of Home Affairs (MHA) on Monday, the government organization is now allowed to order a person or organization to act against any cyberattack before it has begun
SEC Rules for Cyber Security Disclosure (Princeton Corporate Solutions) In May 2011, Senator Jay Rockefeller requested to the Securities and Exchange Commission that it should advise public companies on the time when disclosure of cybersecurity risk to investors is compulsory. On October 13th, the Division of Corporate Finance at the SEC issued a Disclosure Guidance that for the first time advises registrants to evaluate their cybersecurity risks and if found necessary these risks should be disclosed to investors. The companies which ignore the suggestion of Division of corporate finance and fail to disclose important cybersecurity risks do so at their own risk and are liable to regulatory and legal action
Litigation, Investigation, and Law Enforcement
South Korea's 'Best of the Best' tackle cyber crime (CNN) Picture the scene: dozens of computer hackers poring over their keyboards in a room filled with powerful computers, feverishly typing in code most of us could never comprehend. Their mission? To "break in" to virtual servers in a simulated world
Legal Case Strained Troubled Web Activist (Wall Street Journal) Just days before he hanged himself, Internet activist Aaron Swartz's hopes for a deal with federal prosecutors fell apart. Two years ago, the advocate for free information online, who was known to have suffered from depression, allegedly used the computer network at the Massachusetts Institute of Technology to download nearly five million articles from a fee-charging database of academic journals. To some in the Internet community, it was a Robin Hood-like stunt
Why Aaron Swartz is becoming a martyr, and why you should care (Quartz) Martyrs tend to be made quickly, before the dust has settled on their lives, or their deaths. Such is the case with Aaron Swartz, a 26-year-old digital activist who apparently hanged himself at his home in New York City on Jan. 11. His family and friends say Swartz, who was prone to depression, felt hounded by prosecutors who were threatening him with up to 35 years in jail for computer hacking. Though Swartz was little known outside the circles of the geek world—and was hardly a celebrity even in internet terms, with a modest 7,000-odd followers on Twitter at the time of his death—there has been an outpouring of online tributes and media articles about him
Family blames US attorneys for death of Aaron Swartz (Ars Technica) After his untimely death, details of Aaron Swartz's criminal case are revealed. Coder and information activist Aaron Swartz took his life on Friday, and in the wake of his death the outpouring of grief from the tech community is palpable. While Swartz wrote publicly about depression, many have speculated that his legal troubles compounded the sense of hopelessness that drove him to take his life. On Saturday afternoon, Swartz's family and his partner released a statement corroborating that idea
MIT president calls for 'thorough analysis' of school's involvement with Swartz (Ars Technica) MIT's role in Swartz's JSTOR incident spurred a formal response today. Less than 48 hours after Aaron Swartz's tragic suicide, the institution involved in his high-profile JSTOR incident (that eventually led to federal charges) has issued a statement. MIT President Rafael Reif e-mailed the members of the university community this morning to address the situation, despite Swartz never having a formal affiliation with the school. Reif emphasized he was compelled to comment not only because of MIT's role in the JSTOR incident, but also because Swartz was beloved by many within the MIT community. The president's tone was clear throughout: "It pains me to think that MIT played any role in a series of events that have ended in tragedy"
Online Gambling Site Bets On Bitcoin To Avoid U.S. Laws (Slashdot) Michael Hajduk had sunk one year and about $20,000 into developing his online poker site, Infiniti Poker, when the U.S. online gambling market imploded. On April 15, 2011, a day now known in the industry as Black Friday, the U.S. Department of Justice shut down the three biggest poker sites accessible to players in the U.S., indicting 11 people on charges of bank fraud, money laundering, and illegal gambling. Infiniti Poker…plans to accept Bitcoin when it launches later this month
Anonymous Says DDoS Attacks Like Free Speech (InformationWeek) Hacktivist collective Anonymous petitions the White House to make DDoS attacks part of First Amendment protections. Shutdown attacks are akin to Occupy protests, group argues. Can the Anonymous hacktivist collective hack the First Amendment? A petition filed this week with the White House seeks to decriminalize distributed denial-of-service (DDoS) attacks, making them a legal form of protesting. In other words, it would extend the First Amendment's protections to protect people's right to disrupt websites
The 'Hack Back' Offense - Legal Experts Weigh in on Hacking the Attackers (Bank Information Security) As distributed-denial-of-service attacks and other threats continue to hit organizations in 2013, many security leaders are beginning to consider the "hack back" strategy to repel attackers and mitigate any potential harm to the company. Attorney David Navetta, who co-chairs the American Bar Association's Information Security Committee, says the "hack back" strategy is a concept that's being discussed openly among legal professionals. "Taking the DDoS-attack scenario, if you're an organization who has suffered an attack and you're able to pinpoint where it's coming [from], security professionals are exploring the idea of when it would be appropriate to hack the systems that are attacking you," Navetta says during a roundtable discussion with Information Security Media Group
Audits, Audits and More Audits: Life in the Healthcare Industry (Corruption Crime Compliance) Healthcare suppliers and service providers live in a regulated world. They are constantly under audit scrutiny. Sometimes federal agencies (i.e., private contractors) conduct the audits; other times state agencies conduct the audits
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
BWI Business Partnership Signature Breakfast (Hanover, Maryland, USA, Jan 16, 2013) Navy Rear Adm. Margaret Klein, Chief of Staff of the U.S. Cyber Command at Fort Meade, will headline the BWI Business Partnership's Signature Breakfast, Wednesday, Jan. 16, from 7:45 to 9:15 a.m., at the Hotel at Arundel Preserve, 7795 Arundel Mills Blvd., in Hanover.
Cybergamut Technical Tuesday: Finding Splunk Before Splunk Finds You (Columbia, Maryland, USA, Jan 22, 2013) Rob Frazier of Whiteboard Federal Technologies will present his talk "Finding Splunk Before Splunk Finds You". Certification letters will be available for PMI PMP PDUs and CISSP CPEs as well as other technical credits as appropriate. The live event will be in Columbia, MD, and there will be a cybergamut node established in Omaha, Nebraska for this event.
TED X Baltimore: Baltimore Rewired (Baltimore, Maryland, USA, Jan 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but individual TEDx events, including ours, are self-organized.
Data Privacy Day (Various locations, Jan 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy Day (DPD), is collaborating with many educational institutions, corporations, government and non-profit organizations across the world to make Data Privacy Day on January 28th a success. Data Privacy Day is an international day of awareness to educate everyone to respect privacy and safeguard personal information.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, Jan 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates, panels, interactive sessions and networking opportunities that maximize every participant's opportunity to network and generate ideas that can be implemented immediately.
North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, Feb 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses.
ATMiA US Conference 2013 (Scottsdale, Arizona, US, Feb 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
Cybergamut Technical Tuesday: Cloud Security (, Jan 1, 1970) Dr. Susie Cole of Exceptional Software Strategies will discuss cloud security.
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
TechMentor Orlando 2013 (Orlando, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include: Windows PowerShell and Automation; Cisco and Networking Infrastructure; Windows Server Management; Windows Client Management; Cloud and Virtualization; Identity, Access Management and Security; Performance Tuning and Troubleshooting; Mobility and BYOD; Messaging and Collaboration.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (Colorado Springs, Colorado, USA, Apr 8, 2013) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.