The CyberWire Daily Briefing 05.08.13

Summary

By The CyberWire Staff

As many observers predicted, yesterday's OpUSA proved largely a fizzle.

Reports appear that the Syrian Electronic Army has shifted its campaign against Israel (an adjunct to its primary mission of supporting Assad's regime) from denial-of-service to attacks on SCADA. Syria shuts down its Internet connectivity for the second time during the ongoing civil war—but this won't disrupt the Syrian Electronic Army, which operates largely from outside the country.

The US Department of Defense calls the alleged Chinese cyber attack on QinetiQ North America "disturbing" but says it's "not in a position to investigate the security practices of a private company." ("Investigate" here seems to mean "investigate as a matter of law enforcement.") China remains in high dudgeon over US charges of cyber espionage, but the official allegations have lent urgency to the US Senate's consideration of new anti-espionage legislation. Bill Gates thinks he sees a solution—briefly, an Internet "referee," which he regards as technically feasible.

Attacks on media outlets continue, now in the form of redirection of Internet visitors to malicious sites serving malware and bogus antivirus software. Site visitors appear to be vulnerable only if they're using Internet Explorer. Twitter accounts remain attractive to hackers as well.

The Cool Exploit Kit is active and dangerous in the wild. IE, Java, and Apache vulnerabilities continue to be exploited, and SQL injection still succeeds against unprepared targets.

The US Department of Homeland Security will get a new CIO, and the CIA has a new head of its Clandestine Service.

Notes.

Today's issue includes events affecting Australia, China, Denmark, European Union, Finland, Norway, Iceland, Ireland, Israel, Netherlands, New Zealand, Syria, Sweden, United States.

Selected Reading

Cyber Trends

The Netherlands suffered over 250 critical cyber attacks report concludes (Cyberwarzone) The Netherlands suffered over 250 critical cyber attacks in 2011 - 2012 that could have crippled the Dutch infrastructure. The report that has been released by the National Cyber Security Centre in The Netherlands shows that The Netherlands experienced at least 250 cyber attacks that targeted the infrastructure of The Netherlands.It is the first time that the Dutch government provides an chronological list of cyber attacks that were targeting the Dutch environment

John Boles: FBI Cyber Division Deputy Assistant Director (Main Justice) Speaking before the House Judiciary subcommittee on crime, terrorism and homeland security in March, Boles classified the biggest cyber threats U.S. businesses and government currently face as coming from any of four actors: "foreign intelligence services, terrorist groups

A radical shift in security needs (Help Net Security) During the last 40 years we've seen a small number of significant, user-driven shifts in the computing landscape, which change the way businesses and IT departments operate. The move from mainframes and

IT executives believe the cloud increases data security (Help Net Security) While companies have become increasingly comfortable with the security of third-party cloud service providers, data security – particularly at the end user level – as well as concerns over meeting

Closing the Gap Between the Physical and Cyber Realms and What That Means for GEOINT (Trajectory) On Tuesday, March 12, 2013, the Office of the Director of National Intelligence (ODNI) released its "Worldwide Threat Assessment of the U.S. Intelligence Community," naming cyber the top priority. That same day on Capitol Hill, Gen. Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency, told the Senate Armed Services Committee cyber threats are becoming more severe

Legislation, Policy and Regulation

And What Will Europe Do? The European Council and Military Strategy (Egmont Institute) Important decisions on Europe's military capabilities are expected from the December 2013 European Council. But why? What do Europeans actually want to do with their capabilities? The answer to that question would be the crowning piece of the European Council's decisions

The Fog of Cyber Defence (National Defence University) …The book focuses on Nordic cooperation in the field of defence policy on a political level. It is a collection of articles that aim to answer the many questions related to cyber security and take a stand on the practical possibilities of cyber defence. The meeting of the Defence Ministers on the 12th and 13th of May 2009 was an example of political positioning with regard to cyber. All Nordic countries – Finland, Sweden, Norway, Denmark and Iceland – participated

India introduces Central Monitoring System (The Register) Privacy advocates are up in arms after the Indian government began quietly rolling out a Rs.4 billion(£47.8m) Central Monitoring System (CMS) designed to give the authorities sweeping access to citizens' phone calls and internet comms in the name of national security

Senators propose law to combat cyber theft (Reuters) General Keith Alexander, head of the U.S. National Security Agency and commander of the U.S. Cyber Command, has called the growing problem the "greatest transfer of wealth in history." China is accused of being the biggest culprit in theft attempts

US senators unite on cyber-security legislation (Business Spectator) General Keith Alexander, head of the US National Security Agency and commander of the US Cyber Command, has called the growing problem the "greatest transfer of wealth in history." China is accused of being the biggest culprit in theft attempts against

Why Isn't the Name of the New Director of CIA's National Clandestine Service Being Made Public? (Firedoglake) CIA director John Brennan has appointed someone to fill the position of National Clandestine Service (NCS) director. The individual, however, is apparently going to keep his undercover status

Don't freak out, but the government records and stores every phone call and email (ITworld.com) This Uber Communication DVR technology may be an outcome of the National Security Agency's (NSA's) push to expand its Global Information Grid (GIG) to handle yottabytes of data (10 ^ 24 bytes of data, or a septillionbytes). The NSA agency website

Patrick Gallagher: National Institute of Standards and Technology Director (Main Justice) NIST's role under the executive order is to develop a set of best practices and industry standards to protect critical infrastructure such as telecommunications and chemical plants from cyber attack. In an apparent attempt to address the

Fed Should Lead Cyberdefense for Financial Industry, Banks Say (Businessweek) U.S. banks urged the Federal Reserve to take the lead in defending the financial services industry from cyber attacks by working with federal counterterrorism, intelligence and law enforcement agencies, documents show. Bank representatives on the

Products, Services, and Solutions

Here's technology from Africa that ensures the cloud works when your connection doesn't (Quartz) The "cloud" is great for places that enjoy uninterrupted power and internet connections. But for large swathes of the world, where blackouts are common and connections unreliable, accessing files stored remotely on the internet is a massive hassle. Forget about downloading Adobe Creative Suite. Simply working on a Google doc can be aggravating. That's why the people behind Ushahidi, open disaster-mapping software, built BRCK (pronounced "brick.") BRCK is a wi-fi router and mobile modem in one, with eight hours of battery life to keep it going when the power runs out

Reservoir Labs & Tilera Unveil A New Generation In Cyber Security (Wall Street Journal) Reservoir Labs today announced the general availability of a new line of R-Scope(R) network security appliances. These powerful cyber-security devices provide real-time threat detection and network security monitoring solutions scaling to 100+ Gbps. R-Scope appliances leverage and extend the state-of-the-art open source Bro(1) analytics language, empowering analysts to develop custom network security analytics tailored to their environment. As a result, R-Scope DOMINATE(TM) and R-Scope PACE(TM)

Check Point Eyes SMB With Appliance Launch (Channelnomics) It's well established Check Point Software Technologies Ltd. has secured a strong place in the enterprise. Now the Israel-based network security company is

Thales passes LTE interoperability test (Urgent Communications) Thales Communications. Inc. has successfully completed the Department of Commerce's Public Safety Communications Research (PSCR) Phase 3 LTE Demonstration Network Test Plan, demonstrating interoperability of its public safety Long-Term Evolution (LTE) solution

Seagate unveils complete SSD product line (Help Net Security) Seagate took the wraps off its first client SSD and its next-generation enterprise SSDs. Featuring the Seagate 600 SSD, Seagate 600 Pro SSD, and the Seagate 1200 SSD, the new line of drives are engineered

Malwarebytes backup service prevents malware uploads (Help Net Security) Malwarebytes Secure Backup, released today, is an online backup service that automatically scans files for malware prior to backup, removing the threat of saving or sharing infected files

Analyzing 450 million lines of software code (Help Net Security) A new Coverity report details the analysis of more than 450 million lines of software code through the Coverity Scan service. The service, which began as the largest public-private sector research

Most Antivirus Products Improve in Latest AV-Test Report (PC Magazine) In this year's March/April test, AhnLab and ESET failed to achieve certification. Both managed to improve for the May/June test; nobody failed this time

Technologies, Techniques, and Standards

Seven "Sins" of Cyber Security (infosec island) While some of the cyber attacks making news lately are the result of sophisticated methods, many are not: they often take advantage of a lack of basic security protections. The 2013 Verizon Data Breach report notes that of the intrusions analyzed, 78% of the initial intrusions were rated as low difficulty. Let's take a look at seven "sins" that organizations and users are committing that are leaving them vulnerable

Resilience ‒ The way to Survive a Cyber Attack (infosec island) The claim that any Western, information technology dependent society could be brought down by a fifteen-minute cyber attack has recently provoked intense discussion. In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed. After preparations it takes only seconds to conduct the attack which may hit targets next door as well as those on the other side of the world

Inside a Cyber War Room: The Fight Against Hacking (CNBC) On the front lines of the cyberwar, things look much different than U.S. military veterans are used to. For one thing, veteran Army officers are used to having the upper hand in technology and manpower in any battle they fight. But in cyberspace, that's not always the case. Under-equipped corporate IT departments can find themselves tangling with elite Chinese army units probing every nook and cranny of the U.S. defense and industrial base

What IT managers need to know about risky file-sharing (Computer Weekly) There is a danger in employees being tech-savvy they can use devices and means to transport and exchange files that are beyond the control of IT management. Employees may simply see webmail, file-sharing services, cloud storage, USB sticks and smart devices as easier to use than traditional corporate tools to transfer files. For IT managers, however, users with unchecked file transfer methods represent unacceptable security risks with regulatory implications. The internet is an empowering thing

Why wiping decommissioned IT assets should be a must (Help Net Security) Last week I've written about the ways confidential data can leak outside the organization if the IT security team doesn't pay attention to printers, shredders, or employees are plainly leaving documents

The importance of secure coding (Help Net Security) Jim Manico is the VP of Security Architecture for WhiteHat Security. In this video recorded at Hack In The Box 2013 Amsterdam, Manico illustrates the importance of secure coding and talks about various

Increase Facebook privacy with Safe Profile (Help Net Security) 76 percent of consumers are concerned about their privacy when they share their life on social platforms. Facebook's array of privacy settings, which enable users to precisely control the privacy

To hoard or not to hoard big data (FierceBigData) Some say it is too early in the life of big data analytics to tell what data may be meaningful to future questions, so all data should be retained. Others say there is no way we will be able to keep pace with the amount of data being generated and that no one will ever need every one of Justin Bieber's tweets, so we need to start separating real information from junk data

Marketplace

Spires out as DHS CIO (FierceGovernmentIT) Homeland Security Department officials confirmed May 7 that Richard Spires, the departmental chief information officer since August 2009, is no longer in that position. Spires went on leave March 15. No new permanent CIO has been appointed, officials said, adding that Deputy CIO Margie Graves will continue as acting CIO

DHS IT officials grapple with patch management (FierceGovernmentIT) Alma Cole, until recently the chief systems security officer of Customs and Border Protection--now a vice president at Robbins-Gioia--said the problem of good patch management has shifted from applying Microsoft operating system updates. "The Microsoft patches are not the problem anymore, and it's not what's been attacked as much, anymore," he said, adding that third party applications such as Adobe Reader, Flash and Java are more often now the site of patching problems

Federal Agencies Start to Lose Competitive Edge for Cyber Workers (Nextgov) Salaries for federal information security workers are beginning to lag behind those received by their private sector counterparts, an issue that could impact agencies that already are facing challenges in recruiting, hiring and retaining in-demand cyber talent, according to a new report

Sequester Changes Rules On DoD Contractor Background Reinvestigations (Federal Times) Citing sequester and budget challenges, the arm of the Defense Department overseeing security clearances for contractors is cutting how much time people have to request so-called periodic reinvestigation

Intel takes on cyber-hackers with £250m Stonesoft buy (Telegraph.co.uk) The agreed deal, struck by Intel's McAfee security-software business, adds Stonesoft's firewall technology to the chipmaker's suite of anti-hacking products at a time when companies and governments are under increasing pressure to stop cyber criminals

Bob Kipps: GovCon M&A Sellers Must 'Know Their Buyer' (GovConWire) Sellers Need to Know Their Buyer Bob Kipps, Managing Director, KippsDeSanto & Company In sales, experts always say "know your customer." That advice also holds true in large part for owners of Government and Defense industry firms considering the sale of their business. In this year of transition and uncertainty, sellers can complete successful transactions

Lou Von Thaer Named SAIC Natl Security Sector Lead (GovConWire) Lou Von Thaer, president of General Dynamics' (NYSE: GD) advanced information systems business unit since 2005, has joined Science Applications International Corp. (NYSE: SAI) as president of its national security sector. The appointment is effective June 6 and Von Thaer will lead a business that will become part of Leidos, one of two independent companies SAIC

Barracuda appoints new ANZ country manager (Techday NZ) Barracuda Networks has appointed Mike Romans as country manager for Australia and…auditing means Kiwis are more vulnerable than ever to cyber attacks

Research and Development

Los Alamos Surfs Its Own Quantum Internet for 2 Years (TechNewsWorld) That may bring the promise of Internet connections protected by light and physics-based quantum cryptography that much closer to the present day, where criminals and state-sponsored hackers grab more headlines daily. Amid fears that state-sponsored

'Honeywords' to trigger alarm when hackers compromise passwords (Wired) The new, complementary honeyword measure -- proposed in a research paper titled "Honeywords: Making Password-Cracking Detectable -- was devised by RSA Labs researcher Ari Juels and MIT cryptography professor Ronald Rivest, the latter who is the

Does data science need an independent, third-party peer review service? (FierceBigData) Properly conducted science has nothing to do with belief. Neither data scientists nor the businesses and organizations that will come to leverage big data should ever consider themselves believers of big data. An article in GigaOM this week started off talking about how "true believers [in big data analytics] may be guilty of hype" and went on to discuss the potential for bias among data scientists, which is a more meaningful issue and of genuine concern

Cyber Attacks, Threats, and Vulnerabilities

Massive hacker strike against US government and banks turns out to be a dud (Quartz) Today is May 7, the day that Anonymous and various explicitly anti-USA and anti-Israel hacking groups promised to take down the websites of the Pentagon, White House, FBI, Bank of America, Chase bank, and all the other usual symbols of oppression. Except the attacks appear to be a complete failure. All the sites on the group's #OpUSA target list seem to still be up and running. If these sites are under fire—via a flood of nonsense traffic known as a Distributed Denial of Service attack—they are absorbing it with no apparent interruption to their service

Syrian Electronic Army targets and hacks SCADA systems (concise-courses) A hacker collective called the 'Syrian Electronic Army (SEA)' has gained entry into an important Israeli Internet relay center. Their motivation was the Israeli attack a few days ago which as of Tuesday May 7th, seems to be escalating. Hacking and take-downs is hardly new news when it comes to conflicts, but what is relatively different with this is the specific attacks on SCADA systems – rather than the usual DoS barrage which becomes a dime a dozen during heightened times. Point in case, look at the North Korean tension which was sky-high only a few days ago. At its' zenith that particular flare-up by the North was accompanied by a cyber-attack they allegedly initiated – as is evident by their usage of their tried and tested 'wiper' attack

Syria disappears off the face of the internet (Naked Security) It looks like internet access into and out of Syria has been shut down, cutting the country off from the rest of the internet

Chinese Cyber-spying on QinetiQ Probed by Pentagon (Bloomberg) The U.S. Defense Department is investigating intrusions by Chinese cyber-spies into the computer systems of defense contractor QinetiQ North America, the Pentagon said. For three years, hackers linked to China's military infiltrated QinetiQ's computers and compromised most if not all of the company's research, which includes work on secret satellites, drones and software used by U.S. special forces in Afghanistan and the Middle East, Bloomberg News reported May 2

Pentagon Retracts Statement on Probe of QinetiQ Cyber-Intrusions (BusinessWeek) The Pentagon retracted statements that it's probing the multiyear campaign of cyber-intrusions into defense contractor QinetiQ North America. The Pentagon today reversed comments made to reporters May 3 by its press director that the U.S. Defense Department was investigating hacking by Chinese cyber-spies into the computer systems of QinetiQ. Bloomberg News reported earlier today that Pentagon spokesman Army Colonel Steve Warren had told reporters that investigators were "working very closely with QinetiQ to determine exactly the scope and breadth of this incident"…"While the reports of cyber intrusions against QinetiQ are disturbing, the Department of Defense is not in a position to investigate the security practices of a private company -- including cleared defense contractors," Pickart said in an e-mail

After lull, PLA 'Comment Crew' hasn't changed cyber-espionage tactics (TechTarget) In a follow-up to Mandiant Corp.'s explosive APT1 report alleging an extensive hacking operation within the Chinese People's Liberation Army, another threat intelligence firm has concluded that the PLA entity known as "Comment Crew" is still hard at

Experts wary of Pentagon cybersecurity report fingering China (CSO) Marks first time U.S. has accused China of using cyberweapons to steal intellectual property, and gain a military and economic advantage

China And Cyberwar (New York Times) Despite denials from Beijing, there seems little doubt that Chinas computer hackers are engaged in an aggressive and increasingly threatening campaign of cyberespionage directed at a range of government and private systems in the United States, including the power grid and telecommunications networks

China Sees Cyberwar as Reducing U.S. Advantage in Future Conflict (All Things D) It's one thing to read news concerning the latest report to Congress by the U.S. Department of Defense on China's latest military activities. But with regard to China's evolving stance and capabilities in the cyber arena, it's especially interesting to read the original report

Pentagon's cyber attack accusations irresponsible: expert (Xinhua) A Pentagon report alleging that China is conducting cyber attacks against the United States is groundless and irresponsible, said military experts on Tuesday. In its annual report to Congress on Chinese military developments

US Cyber Attack Accusation Damages Diplomatic Relationship Says China (iDigitalTimes.com) A 2012 survey conducted by the Pew Research Center said that cyber attacks from China are more dangerous than the

Bill Gates: The Internet Needs a Referee for Cyber Attacks (Businessweek) Now that the U.S. has formally accused the Chinese military of launching computer attacks, Microsoft Chairman Bill Gates has proposed a way to mediate such international disputes. The idea is technically feasible and seemingly the responsible way to handle conflicts in an increasingly interconnected world. And it likely won't happen anytime soon

U.S. media sites compromised, lead to malware (Help Net Security) At least five U.S. media sites and a number of other popular ones have been compromised and are redirecting visitors to malicious URLs, Zscaler warns. The sites have been injected with obfuscated JavaScript that contains an iFrame that redirects users to one of several sites serving the ZeroAccess Trojan and fake AVs

WTOP victim of malicious cyber attack (WTOP) WTOP.com is currently dealing with a malicious cyber attack, which attempts to use our site to infect computers with malware when using the Internet Explorer (IE) browser. To help protect our website visitors and prevent any further damage, we have

Attackers breach and encrypt TV station's email server (Help Net Security) The email server of FOX21 News has been hacked over the weekend and the information it contained held ransom. The attackers were asking for $5,000 to decrypt the information they encrypted, but

Many social accounts are still in danger (Help Net Security) The recent hacking of the Associated Press' Twitter account has begged the question, how secure are social media accounts? A study released by IObit reveals that 30% users always accept "Keep Me Logged In"

CVE-2012-1876: Recent update to the Cool Exploit Kit landing page (Microsoft Technet) A recently debuted exploit kit (EK), called "Cool EK," and detected by us with the name Exploit:JS/Coolex, has been known to include various exploits targeting Oracle JRE, Adobe Reader, Adobe Flash Player to Windows kernel-mode drivers. If you're unlucky enough to visit a webpage that hosts Cool EK, you might encounter all these exploits in the one place, turned against you in a barrage designed to compromise your computer

Attack hitting Apache sites goes mainstream, hacks nginx, Lighttpd, too (Ars Technica) Linux/Cdorked backdoor exposes 100,000 Web visitors to potent Blackhole exploits

The rise in the exploitation of old PDF vulnerabilities (Microsoft Technet) Exploitation of software vulnerabilities continues to be a common way to infect computers with malware. Leveraging exploits allows malware authors to infect, disrupt, or take control of a computer without the user's consent and typically without their knowledge. Exploits target vulnerabilities in operating systems, web browsers, applications, or software components that are installed on the computer. For details on exploit trends and insights on security vulnerabilities please refer to the latest edition of the Microsoft Security Intelligence Report

Are there any websites that are NOT compromised? (Internet Storm Center) Today was yet another day with lots of compromised websites, some notable others less. This morning, a reader wrote in to notify us that the county government website of a county in Georgia was compromised. Sure enough, it appeared to serve malicious javascript, launching the usual exploit kit Java exploit (zeroaccess was the readers guess, and I think he was right). With smaller sites/organizations like this, I usually try to give them a call, and in this case, was pretty quickly sent to a person who was responsible for the web site content. Sadly, I don't think this person had any basic understanding of exploit kits or web applications to understand most of what I tried to explain, but she knew someone to contact. As of right now, the web site *appears* to be "clean". Which gets me to the next point, some of the difficulties one encounters in notifying sites

Citibank 'Merchant Billing Statement' themed emails lead to malware (Webroot Threat Blog) Over the past 24 hours, we've intercepted yet another spam campaign impersonating Citibank in an attempt to socially engineer Citibank customers into thinking that they've received a Merchant Billing Statement. Once users execute the malicious attachment found in the fake emails, their PCs automatically join the botnet operated by the cybercriminal/cybercriminals

AutoIT makes malware "outrageously easy" (Infosecurity Magazine) AutoIT, a flexible coding language that's been used since 1999 for scripting in Windows, is on the rise as a go-to development language for malware

Stealthy Web server malware spreads further (CSO) Eset has found a malware program targeting Apache servers also affects the Lighttpd and Nginx web servers

IE 8 zero-day attack spreads to military sites (Computing) However, it has now become apparent that the exploit is via a zero-day vulnerability in Internet Explorer 8 only. While this is potentially good news for many Internet Explorer users, a recent survey by statistics site WebMarketShare shows Internet

Researchers Warn Over Internet Explorer 8 Zero-Day Flaw (TechWeekEurope UK) A zero-day vulnerability affecting Internet Explorer 8 has caused something of a panic in the security community, as it's been seen causing trouble in the wild. Researchers discovered attackers had used the new unpatched flaw in last week's watering

Beware of fake AV and ransomware combo (Help Net Security) Ransomware and fake antivirus solutions are well-known threats, but a deadly fraudulent combination of the two has been recently spotted by Total Defense researchers. The software - dubbed "Secure Bit" - first tries to convince the victims that the "security level" of their computer is low and instructs them to call for support so that the "threats" it has "found" can be removed. The claim is accompanied with a pop-ups that lists a great number of them

10 Reasons SQL Injection Still Works (Dark Reading) Developer techniques, business process choices, and attacker preferences all play a part in the continued relevance of SQLi. After all these years, SQL injection vulnerabilities still stand as an old reliable for attackers seeking to break into corporate databases. "SQL injection is still out there for one simple reason: it works!" says Tim Erlin, director of IT security and risk strategy for Tripwire. "As long as there are so many vulnerable Web applications with databases full of monetizable information behind them, SQL injection attacks will continue"

Lack of Chip and PIN technology leaves US shoppers and diners at risk from hackers (Naked Security) Despite being one of the biggest economies for the retail and 'food and beverage' industries, the US lacks basic card protection that could prevent data thieves from Americans' bank accounts

Why Windows 8 is more vulnerable to attack (FierceCIO: TechWatch) The complexity of Windows 8 has increased its security vulnerability, says Wayne Kirby, a product specialist from Kaspersky Lab

LivingSocial website hack targeted thousands of Irish users (The Journal) "LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorised access to some customer data from our servers. We are actively working with law enforcement to investigate this issue." On the same day, the company

Academia

Cyber attack identity theft hackers Source: Supplied (Herald Sun) TELSTRA, the Federal Government and Microsoft have invited a bunch of university students to participate in a hacking competition to raise awareness of cyber security issues. Their goal was to break

Litigation, Investigation, and Enforcement

Feds Drop Hacking Charges in Video-Poker Glitching Case (Wired Threat Level) They know when to fold 'em. Las Vegas prosecutors targeting two men who took advantage of a software bug to win a small fortune at video poker have dropped all hacking charges from the case, cashing out an 18-month legal

Credit Suisse targets departing employee for trade secrets theft (FierceFinance) The saga of Sergey Aleynikov stands as a stark reminder of just how painful a trade secrets theft case can be

Privacy sweep underway for popular websites (Computer World) Fifty of the most popular websites visited by Australians will be searched by the Office of the Australian Information Commissioner (OAIC) to see if their privacy policies can be easily understood and accessed

Cyber Threats to Law Firms and Businesses: How Do We Defend Ourselves? (Legal Talk Network) Digital Detectives hosts Sharon D. Nelson, Esq. and John W. Simek, president and vice president of Sensei Enterprises, Inc., welcome Stewart Baker of Steptoe & Johnson to discuss the 2013 Verizon Data Breach Report, cybersecurity legislation, and more…Tune in to hear Baker explain the difference between active defense against cyber-defense and vigilantism, the meaning of the Attribution Revolution, and what President Obama Cybersecurity Executive Order means and how it may be amplified by pending legislation

Design and Innovation

Cyber Tech is Exposed to a Social Collaborative Floor Plan: Offices of CyberPoint International Invite New Design from The Verve Partnership (citybizlist Baltimore) They might be building secure software applications on a daily basis but what Cyberpoint LLC was not building were your standard cubicles in their newly designed Cyber Technology & Innovation Center. Their 3,600 square foot space was based on the desire for "a space where cubes don't thrive." The cyber security firm turned to The Verve Partnership to implement designs for this new venture

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.

(ISC)² CyberSecureGov (Crystal City, Virginia, USA, May 7 - 8, 2013) Join (ISC)² for an exciting two days as they explore the prevailing factors working against US Government IT Security practitioners and managers, how existing technical and personnel resources are faring during this time of transition, what new resources are emerging -- from both industry and government -- that hold promise in helping to fulfill the mission of securing government systems and citizens, and more.

ITWeb Security Summit 2013 (Sandton, South Africa, May 7 - 9, 2013) A conference devoted to cyber security, with a particular emphasis on countering the latest attack vectors. The gathering creates an opportunity for senior security professionals and business decision-makers to learn about new strategies and tactics, and hear insight and comment from leading international and local subject-matter experts, featuring expert insights, interactive workshops, an expo, valuable networking, sought-after SANS training, and practical solutions.

The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity management. An understanding of risk and the application of risk assessment methodology is essential to being able to create a secure computing environment. (Co-located with ASIS New York City Security Conference and Expo.)

ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges facing practitioners and organizations in the public and private sectors.(Co-located with the Computer Forensics Show.)

Software Engineering Institute Invitational Hiring Event (Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on May 8 & 9 at their offices in Arlington to fill immediate local positions. All candidates must be eligible to obtain a Security Clearance. Interviews are by appointment only. At the SEI, you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.

Baltimore Tech-Security Conference (Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security, USB drives security & more. There will be lots of give a ways and prizes such as iPods, $25, $50 and $100 gift cards, as well as cash prizes and lots more! This unique conference format will provide educational speaker sessions as well as tremendous networking opportunities. You'll come away with advice and knowledge you can start applying to your environment immediately.

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising cyber security technologies in the marketplace. Assess the trends to watch in global cyber security. International Case Studies: Discover the best practice in protecting your organisation from cyber-attack.

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our communities, critical infrastructures, and key assets. The conference includes sessions devoted to cyber security.

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a real world environment.

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each experts in the intersection between the public and private sector, will discuss what is to come after the automatic budget cuts known as sequestration dissipate. Confirmed speakers include: Frank Kendall (Defense Undersecretary for Acquisition, Technology and logistics), Robert Hale (Defense Department Comptroller), Jim McAleese (founder of McAleese & Associates), Pierre Chao (managing partner and co-founder of Renaissance Strategic Advisors), and Stephen Fuller (George Mason University professor and director at the Center for Regional Analysis).

Second Maryland Cybersecurity Center Symposium (MC2) (College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote addresses by Dr. Fred Schneider, Randy Sabett, Dr. Kathleen Fisher and Dr. Steve Bellovin; tutorials by MC2 faculty and corporate partners; and Tech Talks by MC2 faculty. The MC2 Symposium program will broaden your knowledge, skillset, and awareness of cybersecurity problems and directions, and the event is sure to present unique opportunities to connect with colleagues across academia, industry, and the state and federal government.

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services and development, by providing access to information and technology solutions anytime and anywhere. The U.S. Department of State has over 69,000 users worldwide at 285 posts with approximately 40,000 remote access users! Small businesses and prime contractors with products and services in Mobile Computing are invited to share information about their companies.

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.

Private Sector Crossovers: Protecting People, Property and Information (, January 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.