The CyberWire Daily Briefing 05.06.13

Summary

By The CyberWire Staff

Anonymous, of course, has threatened to cripple the US Government and the American banking system with tomorrow's promised OpUSA. Security experts are cautiously optimistic, expecting a fizzle along the lines of OpIsrael, but they do note a new apparent target set: small banks and credit unions. The Honolulu Police Department's website is defaced in a precursor to the campaign.

Morrocco's "Islamic Ghost Team" resurfaces to attack Cape Verde's US embassy. Pakistani hacktivists continue attacks on Indian government websites, inviting victims to feel "the wrath of Pakistani Hacker" (sic).

Microsoft discloses, and promises to patch swiftly, a zero-day vulnerability in Internet Explorer. The flaw may have been exploited in an apparent probe of nuclear weapons researchers.

QinetiQ still has nothing to say on the record about the breach Bloomberg reported last week, but the media consensus is that it was large, enduring, and damaging. CSO sees the attacks as essentially a supply chain campaign—one in which a relatively soft third-party target is compromised to reach harder targets that trust the third party.

Designers (and blawgers) see Internet governance as a source of security and online business disruption. More cyber trend reports appear, with an intelligent cautionary look from FUD Watch.

Industry news features predictions of rapid growth, merger-and-acquisition activity, and notes on up-and-coming startups.

France becomes the latest country to declare its intention of building offensive cyber capabilities.

US Government Internet snooping draws a novel legal critique on Third Amendment grounds (that's the amendment prohibiting quartering soldiers in citizens' homes).

Notes.

Today's issue includes events affecting Albania, Algeria, Armenia, Australia, Cape Verde, Chile, China, Columbia, France, India, Israel, People's Democratic Republic of Korea, Morocco, Netherlands, New Zealand, Organization of American States, Pakistan, Romania, Russia, Thailand, United Kingdom, United States.

Selected Reading

Cyber Trends

People Are Speaking, Markets Are Reacting, Fears Are Falling And Hackers Are Gonna Hack! (TechCrunch) The markets are not changing so much as the technology that makes markets move. The technology has enabled machines to ping each other at speeds that give them an edge over humans (at least in the very short-term) and people are connected to

Four Cybersecurity Breaches That Could Rattle The World (Business Insider) He's a former top US Department of Homeland Security official and author of the recently published book, "Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World." The book's cheerful premise? That technological

Is network monitoring dead? (Help Net Security) Network monitoring is dead, says the CEO of cPacket Networks; that is, unless network monitoring solutions become agile enough to deliver real-time visibility, while keeping up with the increasing

Trojans account for 80% of malware infections (Help Net Security) PandaLabs today published its report analyzing the IT security events and incidents from January through March 2013. In the first quarter of 2013 alone, more than six and a half million new malware

Trend Micro: Cyber crime up 40 percent in Latin America, Caribbean (ZDNet) Essentially, Trend Micro defined Latin America as the new hot target for cyber criminals -- especially when it comes to illegally tapping into government

FUDwatch: Armenia (Tenable) For a field that loves statistics, computer security sure treats them casually. In order to get my humble BA in Psychology, I absorbed my share of course hours in statistics and testing methods, including a set of lectures based upon Darrell Huff's brilliant book, "How to Lie with Statistics" - which I highly recommend. It's fun easy reading satire - those lectures had the effect of making me hyper-skeptical about any large, round, number that's thrown my way. Sometimes, I get the urge to play and this is one of those times. Please don't take anything from this point forward very seriously, OK? I'm going to cheerfully lie and throw bogus, useless figures at you, but (unlike the throwers of most of the bogus figures you see) I've given you the courtesy of warning you, first

The Next Great Internet Disruption: Authority and Governance (Daivd Bollier) As the Internet and digital technologies have proliferated over the past twenty years, incumbent enterprises nearly always resist open network dynamics with fierce determination, a narrow ingenuity and resistance. It arguably started with AOL (vs. the Web and browsers), Lotus Notes (vs. the Web and browsers) and Microsoft MSN (vs. the Web and browsers, Amazon in books and eventually everything) before moving on to the newspaper industry (Craigslist, blogs, news aggregators, podcasts), the music industry (MP3s, streaming, digital sales, video through streaming and YouTube), and telecommunications (VoIP, WiFi). But the inevitable rearguard actions to defend old forms are invariably overwhelmed by the new, network-based ones. The old business models, organizational structures, professional sinecures, cultural norms, etc., ultimately yield to open platforms

Some Important Thoughts About Internet Governance (Volokh Conspiracy) David Bollier and John Clippinger have an extremely interesting short essay on "The Next Great Internet Disruption: Authority and Governance" that is well worth reading. They start from Reed's Law…What does this have to do with Internet governance? A great deal, and possibly everything. Governance is nothing more (or less) than the processes through which groups articulate norms and rules that are binding on their members, and their policies and procedures for dealing with other groups. With a more robust ecosystem of group-formation tools at our disposal, it is easier to imagine, in Bollier and Clippinger's words, "the emergence of new sorts of effective, quasi-autonomous governance and self-provisioning" on the Net -- that could achieve both greater legitimacy than territorially-based governance institutions (because they could be much more closely aligned with each individual's voluntary consent to abide by the rules) and which could be more effective, in the a-territorial networked world, at dealing with harmful conduct that institutions whose powers are territorially defined

Legislation, Policy and Regulation

A Blueprint for Cyber Deterrence: Building Stability through Strength (Defense Update) Foreign intelligence and security services: Exploits may include political, military, economic, and industrial espionage; theft of information from or about another government; or theft of intellectual property, technology, trade secrets, and so on in

Anonymous takes charge, the Web takes down governments (Salon) The Internet collective's approach to holding power accountable might suit this moment better than any military

Cyberdefence to become cyber-attack as France gets ready to go on the offensive (ZDNet) The whitepaper also stresses on the need for France to have the "capability to autonomously produce security systems, especially for cryptography and attack detection", as it is seen as "essential component of national sovereignty." The goal seems to

Australia developing offensive cyber capabilities (The Australian Financial Review) "Cyber security continues to be a serious and pressing national security challenge," says the Defence white paper released on May 3, which sets out the

Govt tackles concerns over GCSB spying (New Zealand Herald) The Government has responded to concerns that its rejig of legislation around the GCSB would allow it to spy on New Zealanders without a warrant. Draft legislation released today shows the bureau will be required to seek authorisation from the responsible minister and Commissioner of Security Warrants when intercepting New Zealanders' communications during its security and information assurance functions

Thailand to enhance cybersecurity training, capability (ZDNet) 40 officers will be trained to become instructors specializing in ethical hacking and computer forensic skills, in agreement with the International Council of Electronic Commerce Consultants. Goal is to train 500 IT security officers by year-end. Thailand is training 40 officers to become instructors specializing in ethical hacking and computer forensic skills, in partnership with the International Council of Electronic Commerce Consultants (EC-Council), as part of efforts to tackle rising cases of cyberattacks

Products, Services, and Solutions

MACE: Taking Control of Network Access (Microsoft Research) Any businessperson in a large organization can testify about the challenges growth can bring. As a business gets larger, for example, the number of employees increases. Further growth might mean multiple offices--some, perhaps, located in distant lands

RIP, Hotmail, and Thanks for All the Spam (Wired) A remembrance of the first webmail service for millions of people: Hotmail. RIP buddy

Vir2us, Inc. Launches iKit - Software Solution For Securing Critical Infrastructure (MarketWatch) President Obama and Federal lawmakers have proposed legislation to secure the nation's critical infrastructure in recent months, and in recent days the President issued an Executive Order in response to the increasing number of cyber-attacks on

EiQ Networks launches SOCVue service (Help Net Security) EiQ Networks announced SOCVue, a new remote management service. With this development organizations can now leverage EiQ's SOC team expertise and knowledge to protect against cyber attacks and APTs

Intel set to unveil Silvermont Atom architecture (FierceMobileIT) Intel is expected to outline plans for a redesign of its Atom microprocessor on May 6, in the first such move since it was introduced in 2008 to power netbooks. Though netbooks have since fallen out of favor, Atom chips have found their way into networked devices such as NAS (Network Attached Storage) appliances and even low-power servers

Google experiments with Chromebook kiosks (FierceMobileIT) Businesses can now deploy Chromebooks for use at shared kiosks, thanks to a new Managed Public Sessions feature from Google. Once enabled, customers and employees can use the Chromebooks without a device login. Public session data inputs and outputs are cleared upon logout, ensuring privacy and that the next user starts with a clean session. According to Google (NASDAQ: GOOG), administrators can customize any Chrome device to be a public session device from the web-based management console

Bitdefender GravityZone (SC Magazine Australia) GravityZone can operate agentless or with an agent, and Bitdefender recommends that users deploy a virtual appliance on each host in their virtual data centre. This is especially important for large data centres with a lot of hosts. GravityZone has a

Technologies, Techniques, and Standards

ICS-CERT Revises Recommendations to Avoid Shamoon Infections (Threatpost) ICS-CERT updates a number of recommendations for critical infrastructure operators to prevent infections from the Shamoon wiper malware. Shamoon struck Saudi oil company Aramco, destroying more than 30,000 workstations

DoD officially adopts NIEM (FierceGovedrnmentIT) Two Pentagon memos make official Defense Department adoption of the National Information Exchange Model as the basis for defense data exchange. A March 28 memo (.pdf) from DoD Chief Information Officer Teri Takai says that as of that date, her office will no longer support further development of UCore or its C2 Core implementation "as unique DoD exchange models"

How Foreign Names Trip Up Terrorism Databases (InformationWeek) In April's Boston Marathon bombing, the key suspect's name, Tamerlan Tsarnaev, had multiple spellings on U.S. intelligence watch lists

Firms mull self-destructing data apps (FierceMobileIT) When it comes to BYOD, a major concern of IT managers is data security on personally owned mobile devices. Some firms are looking at apps like Snapchat as a model for corporate data security, according to a report by Network World. Snapchat enables smartphone users to share photo images that self-destruct after 10 seconds

Marketplace

Detective bids to seize opportunity in cyber crime (The Herald Scotland) A detective seconded to head the new business cyber crime prevention group believes Scotland could become a world leader in the online security industry. Detective Superintendent Steven Wilson has been appointed to run the Cyber Resilience Group under the banner of the Scottish Business Crime Centre

Cyber Security Market is Growing at a CAGR of 11.3% and to Reach $120.1 Billion by 2017 (IT Business Net) According to a new market research report Cyber-Security Market (Identity & Access Management (IAM), Risk & Compliance Management, Data Encryption, Data Leakage Prevention (DLP) Solution, Data Recovery Solutions, Unified Threat Management (UTM), Anti-Virus, IPS/IDS, Web Filtering, Fire-Wall, Vulnerability Management): Advanced Technologies, Geographical Analysis and Worldwide Market Forecasts (2012 2017), published by MarketsandMarkets, the Cyber security market is expected to reach $120.1 billion by 2017 at a CAGR of 11.3% from 2012 to 2017

Re-Shoring, Cyber Attack Actions, Tax Fears (Live Trading News) A significant percentage of supply-chain professionals surveyed during ISM's 98th Annual International Supply Management Conference in Dallas this week say their firms embrace re-shoring, face cyber attacks, and view tax policy and European stability as corporate threats

Details leak on DoD's budget reprogramming (Navy Times) The NSA would get an additional $89.3 million "to establish a trained and ready cyber workforce in direct support of US Cyber Command, Cyber Mission Force requirements." Some of the funds would go toward military intelligence projects not specified in

Antivirus is ailing: Here are 5 firms ready to replace it (IT World) AV companies have been at war with the bad guys for much of the last two decades. And guess what? The bad guys won. Now that the days of antivirus software being in the front line of defense against malware are over, what companies are ready to step in and take up arms against sophisticated attacks and malware? Here are five to keep your eye on

Interop Las Vegas: 10 Cool Startups (InformationWeek) Will one of the startups at the 2013 Interop Las Vegas conference launch the next big thing in enterprise IT? Take a look at some contenders

Veteran tech workers see themselves locked out of job market (IT World) Many tech companies have called for the U.S. Congress to ease restrictions on high-skill immigration because they can't find qualified tech workers to fill open positions. Yet, many veteran IT tech workers say they can't find jobs

There Is In Fact A Tech-Talent Shortage And There Always Will Be (TechCrunch) For America to maintain its fragile role as the most innovative nation on earth, it must perpetually attract the world's best and brightest. There will always be trailblazing engineers who stay in their home country, leaving the United States one notch below its potential. Yet, on the heels of comprehensive immigration reform, a new viral economic study claiming that there is no tech talent

Pushing for a modern, mobile government (The News Journal) The company sells software originally designed by the National Security Agency that Fixmo obtained as part of a technology transfer program in 2009. The software continuously checks mobile devices for changes, seeking to ensure that any questionable

China's internet security giant Qihoo planning global domination (The Register) Controversial Chinese software vendor Qihoo 360 has its eyes on world domination after controversial founder Zhou Hongyi told the local press he wants to turn the firm into the planet's biggest web security biz

Booz Allen subsidiary laying off workers in Tampa (Tampa Bay Business Journal) ASE Inc., a subsidiary of Booz Allen Hamilton Inc., is permanently laying off employees at its office in the Westshore area of Tampa. The company notified the Florida Agency for Workforce Innovation through a WARN notice letter on May 1 that it will lay off 57 employees at that location effective June 30…Media relations associate James Fisher with Booz Allen Hamilton emailed the Tampa Bay Business Journal Friday afternoon with a comment from the firm. "Due to the cancellation of a contract under which ASE Inc., a subsidiary of Booz Allen Hamilton, was providing services to USCENTCOM via the Prime, SAIC, earlier this week, ASE announced the layoff of over 50 employees," the email said…The majority of employees involved in the layoff -- 48 -- are intelligence analysts. The remainder represents a mix of operations officers, training specialists and other analysts

Intel's McAfee Is Buying Stonesoft, A Finnish Networked Firewall Specialist, For $389M In Cash (TechCrunch) McAfee, the Intel-owned security specialist, has just announced that it is buying Stonesoft Oyj,a Finland-based specialist in firewall protection products, for $389 million in cash. The move will let McAfee expand its product line specifically in cloud-based networked security products, to complement the antivirus services for which McAfee is best known. Stonesoft, a publicly-traded company in

Tom Ridge, Howard Schmidt Launch New Cybersecurity Executive Services Firm (Ridge-Schmidt) Tom Ridge, the first U.S. secretary of Homeland Security, and Howard A. Schmidt, former Cybersecurity Advisor to President Barack Obama and President George W. Bush, today announced that they are forming Ridge Schmidt Cyber LLC, a consultancy that provides strategic and advisory services that help leaders in business and government navigate the increasing demands of cybersecurity

Cassidian Takes Major Share in Arkoon Network Security Firm (DefenseNews) Cassidian has acquired for an undisclosed amount Arkoon Network Security, a French specialist in computer protection products, the defense and security division of EADS said in a statement April 29

Haystax Technology acquires Digital Sandbox, Inc. (Haystax) Haystax Technology, Inc. (Haystax), a portfolio company of the Edgewater Funds, today announced the acquisition of Digital Sandbox, Inc. Haystax provides multi-source information integration, big data analytics and visualization to address the challenges posed by exponential increases in data volume to customers in the intelligence, defense and security communities. The Digital Sandbox acquisition extends Haystax capabilities and products in public safety, law enforcement and corporate security markets

Leonard Kennedy Joins Neustar as SVP, General Counsel (GovConWire) Leonard Kennedy, a former general counsel and chief government affairs officer at Sprint Nextel, has joined Neustar as senior vice president and general counsel. The appointment takes effect May 13 and he will oversee Neustar's legal and external affairs efforts such as public policy and government relations, Neustar said Thursday. He succeeds Scott Blake Harri

Research and Development

IBM takes a big new step in cryptography: practical homomorphic encryption (Naked Security) Although it doesn't sound terribly sexy or impressive, HELib is actually an interesting and important milestone in cryptography. HE is also a surprisingly relevant topic right now, with our ever-increasing attraction to cloud computing. Bear with me

Cyber Attacks, Threats, and Vulnerabilities

Anonymous Plans Cyber Attack on White House, FBI, Bank of America and Citi Bank (iDigitalTimes) Internet hactivist collective Anonymous has made quite a name after cracking down on North Korea's Twitter and Flickr accounts and Israel's web space. The group now plans to strike US banks and government sites on 7 May

Experts hope for another failure in next Anonymous attack (CSO) Twist in the planned U.S. attack is to target small banks, which are unlikely to have the same level of sophistication in their defenses

FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come. (Internet Storm Center) [A compendium of links, commentary, and posts from ISC contributors.]

Honolulu Police Department, Hundreds of Other Sites Hacked for OpUSA (Softpedia) Hackers deface websites in preparation for OpUSA Enlarge picture - Hackers deface websites in preparation for OpUSA OpUSA, the campaign initiated by several hacktivist groups against the United States government, is scheduled to officially start on May 7. However, some hackers have already started attacking websites as part of this operation

Embassy of Cape Verde in US Breached by Islamic Hackers (Softpedia) A group of hackers from Morocco, calling themselves the Islamic Ghost Team, have breached and defaced the official website of the Embassy of Cape Verde in USA

Pakistan Zindabad: India feels the 'wrath of Pakistan', second cyber attack in two months (Daily Bhaskar) The vulnerability of Indian government's websites became evident yet again as a Pakistani hacker on Saturday defaced the site of Rajasthan Public Service Commission by posting jingoist messages. Using the name Codacker, the hacker wrote 'Pakistan zindabad' on RPSC portal and even diverted the traffic of the site. The site also reflected another message which read, 'Feel the wrath of Pakistani Hacker'

Net slowdown? It might be DoS attack (Times of India) Named "Denial of Service" (DoS) cyber attack, new start-ups and smaller industries in Chandigarh are especially prone to such an attack. Chandigarh police have received at least six complaints in the last few months. "DoS is a new trend cyber criminals

Internet Explorer zero-day exploit targets nuclear weapons researchers (Ars Technica) The attack code appears to have exploited a zero-day vulnerability in IE version 8 when running on Windows XP, researchers from security firm Invincea said in a blog post. The researchers have received reports that IE running on Windows 7 is

Microsoft admits zero-day bug in IE8, pledges patch (Computerworld) "The exploit on the [Department of Labor] site appears to be exploiting a zero-day exploit affecting Internet Explorer 8 (IE8) only, [via a] use-after-free memory vulnerability that when exploited allows an attacker to remotely execute arbitrary code

When You Log In to Facebook Wrong, Scammers Can Profit (Wired) Searching for terms like "facebook login" can expose you to a host of scam sites that try and get you to click on advertising links or install shady toolbars and questionable apps. Login scammers probably aren't making much money, but

Multi-stage exploit attacks for more effective malware delivery (Help Net Security) Most drive-by exploit kits use a minimal exploit shellcode that downloads and runs the final payload. This is akin to a two-stage ICBM (InterContinental Ballistic Missile) where the first stage

IRC/HTTP based DDoS bot nukes other bots (Help Net Security) Online underground markets seem to offer anything and everything a budding cyber criminal might need. Compromised online accounts? They've got them. Malicious domain registering service? Here you go. Steam information harvesting tool? Yep. And that's just a small part of what you can find for sale. Lately, DDoS attacks have stopped being just a protest tool for hacktivists, and have become a way for cyber crooks to disrupt Bitcoin exchanges, target anti-spam organizations, the gambling websites, and so on. Naturally, malware developers are trying to meet a rise in demand for DDoS botnet-creating tools and DDoS-as-a-Service schemes

Researchers Hack Building Control System at Google's Australian HQ (Wired) Two security researchers recently found that they could easily hack the building management system for the corporate giant's Wharf 7 headquarters overlooking the water in the Pyrmont section of Sydney, Australia

University of Rochester Medical Center Acknowledges Security Breach (eSecurity Planet) 537 former patients' names, genders, ages, birthdates, weights, phone numbers and medical record numbers may have been exposed

Another cyber 'intrusion': Is an attack next? (Tribune-Review) "In the wrong hands, the Army Corps of Engineers' database could be a cyber attack roadmap for a hostile state or terrorist group to disrupt power grids or target dams in this country," she said. And with the Obama administration aiming to expand

Is A North Korean Cyber Attack On The Horizon? (Huffington Post) And NO we should not be worried about nothing. Concerned, may be, but worried, No. Mitch_Williams May 03, 2013 17:18 Do you think North Korea is capable of launching a cyber attack against the U.S.? Is this something we should be worried about

US Military Contractor Hacked: Secrets Served Up On A Platter (Silicon Angle) A key US Military contractor's confidential research data was exposed to hackers sponsored by the Chinese military for more than three years, in what is just the latest in a string of high-profile cyberespionage scandals

QinetiQ downplays Chinese cyber attack, national report (WSFA) A Huntsville defense contractor is criticizing a Bloomberg report that blames the firm as the reason for a possible security breach at Redstone Arsenal. That Bloomberg article claims Chinese hackers used a QinetiQ administrator's password to gain access to military top secrets. WAFF 48 News sent multiple emails and phone calls since the report surfaced earlier this week. QinetiQ didn't respond to any of our attempts. On Friday, WAFF 48 News decided to stop by their Huntsville office to find out why. Management was more than happy to talk off camera. Off camera, QinetiQ management admitted to being hacked but said they reported everything to the proper authorities. They also downplayed how deep the hack went but didn't go into specifics

Defense contractor under cyberattack for three years (CSO) Advanced persistent data theft at QinetiQ linked to Chinese hackers. Most, if not all, of the intellectual property of a U.S. defense contractor whose forte includes spy satellites and drone aircraft, was apparently compromised over a three-year period by Chinese hackers. Traces of the hackers' work was found in many of the divisions of the contractor, QinetiQ (pronounced "kinetic") and across most of their product lines, a former senior vice president at Verizon Terremark told Bloomberg News

Report: Chinese hackers drained secrets from top US military and spy contractor (Infosecurity Magazine) Spies like us? Apparently so, as in, they're just as vulnerable to Chinese hackers as anyone else. One of the top espionage and military contractors for the US, QinetiQ North America, has been successfully compromised and its information siphoned off, according to a Bloomberg report. The culprit? The well-known hacking collective Comment Crew. The damage? Thus far not fully assessed - but don't be surprised if US and Chinese military craft start to look suspiciously alike. Infosecurity reached out to QinetiQ NA for comment, but the company had not responded to the request by press time

Cyberspace & The Federal Gridlock On Your Security (WHNT) This week WHNT News 19 learned of a report claiming Chinese hackers gained access to computer systems owned by QinetiQ, a military defense contractor in Huntsville. According to the report, how the Chinese computer spies got through remains uncertain. It suggests top-secret data from virtually every corner of the company may have been compromised

Cutting Through the Bitcoin Hype: A Security Expert's Take (Wired) I'm on neither "Team Bitcoin" nor "Team Global Financial System." I'm on "Team Lets Fix This Thing." Who am I to say? I'm not an economist; I'm a hacker, who has spent his career exploring and repairing large networks

Lifting the lid on the Redkit exploit kit (Part 1) (Naked Security) In the first of a two part series, Fraser Howard takes a closer look at the Redkit exploit kit. Learn more about how this kit works and the compromised web servers that are being used to host it

The worst possible cybersecurity breaches could be far worse than you imagined (Quartz) The cyber-ruffians who briefly tanked the stock market recently by faking a news tweet about an attack at the White House showed how much damage can be done with a few well-placed keystrokes. Those who hacked into a Department of Labor website earlier this week could have wreaked even more havoc, say, if they successfully tweaked the monthly jobs report. Neither seemed particularly sophisticated, or malicious. But they do beg the obvious question: How much damage could a group of well-trained hackers do, economic and otherwise, if they really wanted to

Academia

The best defence (Winnipeg Free Press) New program teaches students of all ages safe online behaviour, how to improve cyber security. As a professional who recently experienced a very severe laptop computer virus in spite of all the firewalls possible, I'm suddenly much more aware and appreciative of the work being done in the area of cyber security

Transfiguration Students' Posters Win Spots in National Online-Safety Calendar (Oakdale Patch) The girls--Madeline Sevigny and Amy Vievering--were recognized during an assembly Friday at the Oakdale school

Litigation, Investigation, and Enforcement

Third Amendment constrains military cyber operation, argues EPIC lawyer (FierceGovernmentIT) Alan Butler, EPIC's appellate advocacy counsel, in an article in the American University Law Review (link at SSRN) says military cyber operations may easily meet thresholds established by the 18th century constitutional prohibition against soldiers quartering during peacetime in "any house, without the consent of the Owner" and during wartime "but in a manner to be prescribed by law"

Crime expert attacks 'deceptive' Home Office figures showing fall in offences (The Guardian) Claims that Britain has never been safer are misleading, according to a study that accuses the government of massaging official crime figures. It alleges that the Home Office is promoting statistics knowing they do not include some of the fastest-rising forms of online crime, making figures significantly lower than the true crime rate

Making a Difference in the Counterterrorism Community (Fire Engineering) Announcing the standup of the Joint Counterterrorism Assessment Team (JCAT) at the National Counterterrorism Center (NCTC), where public safety professionals, law enforcement, emergency medical services, fire service, intelligence, homeland security, and public health officials, are making a difference in the Counterterrorism Community

Terrorism database bloated with names (Portland Press Herald) The government's catch-all list for terrorism suspects has 875,000 records. When a Russian intelligence service told the CIA that Tamerlan Tsarnaev had become an Islamic radical looking to join underground groups, the agency put his name in the government's catch-all database for terrorism suspects

Alleged 'SpyEye' Botmaster Ends Up in America, Handcuffs (Wired) A 24-year-old Algerian man landed in Atlanta, Georgia on Thursday to face federal charges that he hijacked customer accounts at more than 200 banks and financial institutions, capping a months-long extradition battle. Hamza Bendelladj, who went by the name Bx1 online, is also accused of operating botnets of machines infected with the SpyEye banking trojan

Ex employee hacked into high-voltage power manufacturer's network (Help Net Security) A criminal complaint was unsealed on Thursday in federal court in the Eastern District of New York charging Michael Meneses - who was arrested earlier that day in Smithtown, Long Island - with hacking

Three Foreign Nationals Appear in Court for Cyber Fraud Conspiracy (Main Justice) Three Romanian nationals charged with cyber crimes appeared before a federal judge this week after their recent

Dutch spy gets 12 years for feeding sensitive military and political intelligence to Russia (Irish Times) Raymond Poeteray's capture was seen as a coup for the Dutch security service but it emerged he had been caught too late

Design and Innovation

British cryptographic hacking from WW2 - how well would *you* have done? (Naked Security) If you were taken prisoner and wanted to send messages home under your captors' noses, what would you do? Find out how a Royal Navy officer did just that during WW2, and have a go yourself at hiding a secret message in an innocent-sounding letter home

FBI Fun With Codes (iProgrammer) To interest the public in the work of its Cryptanalysis and Racketeering Records Unit (CRRU), the FBI has devised a dot code cryptanalysis puzzle

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Hack in Paris (Paris, France, June 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted a stellar lineup of speakers and promises to be a very technical event with heavy emphasis on training. This is its second year.

ShakaCon (Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).

GrrCon (Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also sessions on penetration testing tools and mobile hacking methods."

Strange Loop (, January 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.

The Monktoberfest (Portland, Maine, USA, October 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.

(ISC)² CyberSecureGov (Crystal City, Virginia, USA, May 7 - 8, 2013) Join (ISC)² for an exciting two days as they explore the prevailing factors working against US Government IT Security practitioners and managers, how existing technical and personnel resources are faring during this time of transition, what new resources are emerging -- from both industry and government -- that hold promise in helping to fulfill the mission of securing government systems and citizens, and more.

ITWeb Security Summit 2013 (Sandton, South Africa, May 7 - 9, 2013) A conference devoted to cyber security, with a particular emphasis on countering the latest attack vectors. The gathering creates an opportunity for senior security professionals and business decision-makers to learn about new strategies and tactics, and hear insight and comment from leading international and local subject-matter experts, featuring expert insights, interactive workshops, an expo, valuable networking, sought-after SANS training, and practical solutions.

The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity management. An understanding of risk and the application of risk assessment methodology is essential to being able to create a secure computing environment. (Co-located with ASIS New York City Security Conference and Expo.)

ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges facing practitioners and organizations in the public and private sectors.(Co-located with the Computer Forensics Show.)

Software Engineering Institute Invitational Hiring Event (Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on May 8 & 9 at their offices in Arlington to fill immediate local positions. All candidates must be eligible to obtain a Security Clearance. Interviews are by appointment only. At the SEI, you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.

Baltimore Tech-Security Conference (Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security, USB drives security & more. There will be lots of give a ways and prizes such as iPods, $25, $50 and $100 gift cards, as well as cash prizes and lots more! This unique conference format will provide educational speaker sessions as well as tremendous networking opportunities. You'll come away with advice and knowledge you can start applying to your environment immediately.

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising cyber security technologies in the marketplace. Assess the trends to watch in global cyber security. International Case Studies: Discover the best practice in protecting your organisation from cyber-attack.

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our communities, critical infrastructures, and key assets. The conference includes sessions devoted to cyber security.

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a real world environment.

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each experts in the intersection between the public and private sector, will discuss what is to come after the automatic budget cuts known as sequestration dissipate. Confirmed speakers include: Frank Kendall (Defense Undersecretary for Acquisition, Technology and logistics), Robert Hale (Defense Department Comptroller), Jim McAleese (founder of McAleese & Associates), Pierre Chao (managing partner and co-founder of Renaissance Strategic Advisors), and Stephen Fuller (George Mason University professor and director at the Center for Regional Analysis).

Second Maryland Cybersecurity Center Symposium (MC2) (College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote addresses by Dr. Fred Schneider, Randy Sabett, Dr. Kathleen Fisher and Dr. Steve Bellovin; tutorials by MC2 faculty and corporate partners; and Tech Talks by MC2 faculty. The MC2 Symposium program will broaden your knowledge, skillset, and awareness of cybersecurity problems and directions, and the event is sure to present unique opportunities to connect with colleagues across academia, industry, and the state and federal government.

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services and development, by providing access to information and technology solutions anytime and anywhere. The U.S. Department of State has over 69,000 users worldwide at 285 posts with approximately 40,000 remote access users! Small businesses and prime contractors with products and services in Mobile Computing are invited to share information about their companies.

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.

Private Sector Crossovers: Protecting People, Property and Information (, January 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.