The CyberWire Daily Briefing for 5.10.2013

Cyber Attacks, Threats, and Vulnerabilities

US warns industry of heightened risk of cyberattack (Washington Post) Officials are highly concerned about "increasing hostility" against "U.S. critical infrastructure organizations," according to the warning, which was released by the Department of Homeland Security on a computer network accessible only to authorized

Chinese cyber espionage - widespread, aggressive (ITWeb) Any company doing a large deal with a Chinese company has likely had its systems compromised, says Richard Bejtlich, Chief Security Officer at Mandiant. Addressing the 8th annual ITWeb IT Security Summit, in Sandton, this morning, Bejtlich said cyber espionage is widespread and common in China. "Every time I read of a major deal pending with a Chinese company, I know we will be getting a call from the counter party soon, if we aren't already helping them," he said

On the Cyber Threat: Be Concerned…Be Very Concerned (New America Foundation) The panelists agreed that China - with its "vacuum cleaner approach" of almost indiscriminate spying - and Russia - which employs a careful, more strategic approach to espionage - are the most capable of executing a cyber attack on the U.S

The Cyberwar Spiral: A History (Russian National Programming) As we know, everything in history repeats itself. What has just happened had, at some point, happened before, and any event, any action is a repetition of the well-known and well-trod. In the 2000s, western media was gripped by a mass hysteria regarding the cyberthreat from Russia; Russian media was spared the same effect

What Is the Syrian Electronic Army Trying to Accomplish, Anyway? (Slate) In June 2011, just a few short months after protests first erupted in Syria, the country's president, Bashar Al-Assad, made a speech in which he thanked a group called the "Syrian Electronic Army" (SEA). Calling it a "virtual army in cyberspace," Al-Assad praised the group for its effort in trying to shape the Syrian narrative. Since then, that effort has included taking over the Facebook pages of celebrities from Oprah to Nicolas Sarkozy, hacking the website of Harvard University, and setting up a fake YouTube site to intercept the credentials of users who attempted to log in

Syrian state media say Internet service has been restored nationwide (Washington Post) Syrian state media say Internet service has been restored nationwide

Our internet connections depend on vulnerable undersea cables (Quartz) If you've been following the events in Syria over the past few days, you know the country's Internet is now back from the dead after a 19-hour outage that the government blamed on "terrorist" sabotage—an explanation bought by approximately zero people

Melbourne IT admits hack, says 'twas but a flesh wound (The Register) Australian domain registrar Melbourne IT admits "an unauthorised third party" has attacked the company, but says the incident was minor

Phishers taking over accounts of telecommunication customers (Help Net Security) The Internet Crime Complaint Center has received numerous reports of phishing attacks targeting various telecommunication companies' customers. Individuals receive automated telephone calls that claim to be from the victim's telecommunication carrier. Victims are directed to a phishing site to receive a credit, discount, or prize ranging from $300 to $500

Hacker leaks part of Candace Bushnell's unpublished book (Help Net Security) A hacker that goes by the name of "Guccifer" - the same one who has allegedly compromised email accounts belonging to the Bush family and some of their close friends earlier this year - has hacked the

Name.com breach just one of many executed by HTP hackers? (Help Net Security) Internet registrar Name.com has suffered a breach and has been informing users about it via email, requesting them to change their passwords. "Name.com recently discovered a security breach where

BitDefender Warns Of Rise in Fake Escrow Sites (SiliconANGLE) There are currently around 2,000 fake escrow sites on the internet today, says BitDefender. The company notes that these sites are often in cahoots with sellers looking to scam their customers, and sometimes even set up by the sellers themselves

Snapchat images that have "disappeared forever" stay right on your phone (Naked Security) Snapchat is a wildly popular app for Androids and iDevices that allows you to share photos with your friends. Snapchat replaces more pedestrian ways of sharing photos, such as sending them by email

New Terrorist Magazine Targets Obama, Drones (ABC News) President Barack Obama appears with a bull's-eye on his head in a new English-language magazine published online apparently by Islamist militants, who also urge Muslims around the world to try to hack and manipulate American drones. "Wanted Dead Only. Barack Obama Mass Murderer. Reward: in the Hereafter," reads the full page poster that depicts a darkened image Obama as a target

Security Patches, Mitigations, and Software Updates

Microsoft Patch Tuesday targets multitude of Internet Explorer faults (CSO) Microsoft is issuing critical security bulletins this Patch Tuesday that affect all versions of Internet Explorer and deal with an exploit that attackers are actively working. Internet Explorer 6, 7, 8, 9 and 10 are the recipients of a patch that can prevent an exploit that enables remote code execution in the browser. This affects all Windows operating systems except XP

Zero-Day Flaws Force Fast Fixes From Microsoft And Adobe (TechWeekEurope UK) As exploits do the rounds on the Internet, Microsoft has confirmed a temporary fix for a Internet Explorer 8 zero-day vulnerability, whilst Adobe promised to patch a serious flaw in its ColdFusion platform. The Internet Explorer 8 zero-day was used in

Cyber Trends

69% of surveyed Canadian businesses experienced cyber attack in a 12-month period (Canadian Underwriter) Preparedness against cyber crime among Canadian businesses is lacking despite seven in 10 polled organizations being the victim of a cyber attack, suggests a survey released this week by the International Cyber Security Protection Alliance (ICSPA)

Marketplace

India joins list of nations vetting Huawei, ZTE (The Register) India has joined the list of countries concerned about allowing the installation of telecoms kit from Chinese companies Huawei and ZTE. The USA has banned the pair from winning contracts connecting phones from sea to shining sea, citing security concerns (although many feel its real worry is protecting local companies). Australia forbade Huawei from supplying the nation's nascent national broadband network, on security grounds. Australia's decision was made just a few weeks after a visit by Barack Obama, who's retinue is believed to have offered Australian authorities a briefing on the risks posed by Huawei

Security processes accelerate adoption of commercial devices (Air Force Link) Approval last week of security technical implementation guides for BlackBerry and Samsung Knox devices means that Defense Department organizations will be able to use those devices in conjunction with a secure

Check Point: A Safe Bet To Ride The Rising Cyber-Security Trend (Seeking Alpha) Check Point Software Technologies Ltd. (CHKP) is the worldwide leader in securing the Internet, providing customers with uncompromised protection against

Carl Icahn and Southeastern Propose Alternative Offer To Michael Dell's Buyout (TechCrunch) Dell shareholders Carl Icahn and Southeastern Asset Management have teamed up to propose an alternative offer to founder Michael Dell's $24.4 billion leveraged buyout deal

As Tech Giants Scramble For Talent, It's Buy Or Die (TechCrunch) The writing's on the wall. Mobile is the future, and it requires different skill than the web. Entrepreneurship is more fetishized than ever, making standard hiring tough. The result is days like today where Yahoo, Twitter, Salesforce, and Box all bought startups, and Facebook and Microsoft were reported to be in talks for major acquisitions. Big is a scary thing to be right now

Information assurance certification gives SMEs the edge (ComputerWeekly.com) IT consultancy Purple Frog Systems believes its gold certification to the IASME information assurance standard for small to medium enterprises give it a competitive edge. Many of the firm's customers are large corporations looking for help in data

Ron Mason Appointed ASRC Federal C4ISR Group SVP (GovConWire ) Ron Mason, a former program executive officer for the U.S. Air Force, joined ASRC Federal as senior vice president for the C4ISR solutions group (command, control, communications, computers, intelligence, surveillance and reconnaissance). The former Senior Executive Service official will be responsible for developing business strategies and identifying business opportunities across C4ISR markets in his new

Products, Services, and Solutions

5 Russian-Made Surveillance Technologies Used in the West (Wired Danger Room) We all know surveillance is big in Putin's Russia. What you may not know is that Russia's surveillance tech is being used all over — even here in the U.S. The Kremlin is up to its domes in spy technology

McAfee taps Intel to offer high-throughput intrusion-prevention system (CSO) McAfee is taking advantage of its new owners by rolling out a high-throughput intrusion-prevention system (IPS) family built on Intel technology. The Intel-based NS-Series comes in three models: the 2U-sized 9100 and 9200 models and the 9300, which is a 4U device. Intel bought McAfee for nearly $8 billion in 2010 and this is the first family of products that incorporate Intel's technology

AhnLab V3 Click Review (Gadget Review) There's a lot of programs to help PC owners overcome viruses and other forms of malicious online attacks. But many PC users just don't bother to install anything and hope they won't be targeted. Into this void comes the V3 Click. Shaped like a hockey puck, its design insures that you see it's there -- but more importantly that it won't be forgotten should it be taken out from your home. Why do that? Because it provides portable anti-virus protection

Technologies, Techniques, and Standards

I Think We're All Botnets On This Bus (Dark Reading) How many undercover researchers can fit under one cover? Threat intelligence is such a thing these days that everyone is doing it. I talk to dozens of vendors who tell me about the sensors they have distributed across the Internet; the thousands of honeypots and honeyclients they're running; the traffic they're capturing; and they even tell me about their researchers monitoring IRC channels

Technologies Clear Up Cloudy Data Security (Dark Reading) With employees wanting to use data both inside the company and out, cloud-security startups have focused on two models: Protecting data in third-party cloud services and protecting data on the endpoint

Erase The Line Between QA Defects And Security Flaws? (Dark Reading) Is a defect a defect by any other name? Some testing advocates push for industry to stop segregating security from the rest of quality testing categories

Hacking back: cops and corporations want cybersecurity to go on the offensive (The Verge) Law enforcement agencies and private companies don't always get along, but one occasion where they frequently come together is to complain that their networks are being penetrated by a seemingly continuous stream of cyber attacks. Whether it's the relative nuisance of DDoS attacks from hacktivist groups like Anonymous, or more serious threats of data theft and espionage from criminal gangs and foreign governments, the general rule has been that private entities maintain a defensive posture while the government hunts down the culprits

Hacking back: Digital revenge is sweet but risky (IT World) As cyberattacks increase, victims are fighting back. But retaliation has its own consequences--and may create more damage

Healthcare leaders streamline third party assessment process (src) Recent breach data clearly indicates that third party business partners pose significant risk of data loss to a healthcare organization, often requiring public notification and subsequent reporting

Big data helping social media become anti-social (FierceBigData) I have the courage of my great-grandparents to thank for my living in a country where I am free to express my thoughts without fear of serious reprisal. I have no clue who they were or what circumstances led them to emigrate, but no matter the circumstances, it takes courage to uproot oneself and travel someplace from where one is unlikely to return. So thanks great-grandmas and great-grandpas, whoever you were

Sure, information has value, but don't forget the risks (ComputerWorld) Most companies describe information as the lifeblood of the organization. But too many enterprises have clogged their arteries. How can this be? Over time, the value of information declines, while the associated costs remain constant and the compliance and legal risks actually rise. This conclusion, based on research conducted by members of the Compliance Governance and Oversight Council (CGOC), implies that those who champion the defensible disposal of all information that has no legal, regulatory or business value can help their companies significantly reduce costs and risk

Research and Development

Unmanned Systems Soon May Offer Universal Remote (SIGNAL) Unmanned vehicles may become joint platforms as new software allows operators using a standard control system to use craft employed by different services. So, an Army squad deep in the battlefield may be able to use data accessed directly from a Navy unmanned aerial vehicle to bring an Air Force strike to bear against enemy forces

PayPal: Time to Ditch Passwords and PINs (CSO) "We have a tombstone here for passwords," Barrett toldthe audience, pointing to a slide with a tombstone for passwordswith the years 1961 to 2013 etched on it. "Passwords, when used ubiquitously everywhere at Internetscale are starting to fail us," he added

Google's five-year plan for authentication: It's complicated (CSO) Some of the technology has to be deployed together for maximum security, making the process complicated, said one security expert

Legislation, Policy, and Regulation

Biometric Database of All Adult Americans Hidden in Immigration Reform (Wired Threat Level) Civil rights advocates are worrying that immigration reform the Senate began debating yesterday is the first step toward a national identification system that would grow into a dossier on Americans and chronicle our most every move. That's because buried in

UK's New Defamation Law May Accelerate The Death Of Anonymous User-Generated Content Internationally (Forbes) Historically, United Kingdom defamation law has been victim-favorable. In an effort to modernize its defamation law, the UK Parliament recently enacted the Defamation Act 2013 (royal assent was given on April 25). The act generally makes it harder for plaintiffs to win defamation lawsuits, but I'll focus on the effects of Section 5 of the act, entitled "Operators of websites"

White House releases open data policy (FierceGovIT) Agencies and departments are now required to collect and create information in a way that supports downstream processing and sharing, through the use of machine-readable and open formats, data standards, and common core and extensible metadat

Is anonymity already a lost cause? (FierceBigData) The first laws written for the European Union related to the privacy of personal data came in 1995, a world away from the big data realities of today. In a piece written for MIT Technology Review this week (found on Mashable) Patrick Tucker said the definition of personal data has evolved to include far more information than those European legislators could ever have imagined. Not only has personal data evolved, but other identifiable data has evolved along with it

Litigation, Investigation, and Law Enforcement

$45M Bank Hack Suspect Was Shot Dead While Playing Dominoes (Wired Threat Level) Alberto Yusi Lajud-Peña, one of a number of suspected ringleaders behind a coordinated and sophisticated global bank heist operation that netted the thieves $45 million in stolen funds, was mowed down inside his Dominican Republic home

DOJ Statement on Global Cyberheist (Bank Info Security) Following is the complete text of a Department of Justice statement. A four-count federal indictment was unsealed in Brooklyn charging eight defendants with participating in two worldwide cyber-attacks that inflicted $45 million in losses on the global financial system in a matter of hours. These defendants allegedly formed the New York-based cell of an international cybercrime organization that used sophisticated intrusion techniques to hack into the systems of global financial institutions, steal prepaid debit card data, and eliminate withdrawal limits

Eight Charged in Debit Card Cyber Attack Targeting Banks (Businessweek) Eight New York residents were charged in what U.S. prosecutors said was a $45 million global debit card cyber-attack scheme targeting banks based in the United Arab Emirates and Oman. The defendants are accused in a four-count indictment unsealed

Payment card processors hacked in $45 million fraud (PCWorld) A vast debit card fraud scheme that allegedly netted US$45 million has been linked to the hacking of credit card processors in the U.S. and India

Cyber-attacks behind possibly record-breaking bank heist (CBS News) It may be the largest bank robbery in history: A crime ring is accused of stealing $45 million from financial institutions from around the world. But these criminals weren't wearing masks or waving guns. They were armed with computers

How hackers allegedly stole "unlimited" amounts of cash from banks in just hours (Ars Technica) Feds accuse eight men of participating in heists that netted $45 million. Federal authorities have accused eight men of participating in 21st-Century Bank heists that netted a whopping $45 million by hacking into payment systems and eliminating withdrawal limits placed on prepaid debit cards

Alleged SpyEye big fish hauled in for US trial (The Register) Alleged SpyEye kingpin Hamza Bendelladj now faces a 23-count computer hacking and fraud indictment following his extradition from Thailand to the US last week. Bendelladj, a 24-year-old Algerian national, is suspected by the FBI of making millions from selling the SpyEye banking Trojan toolkit to cybercrooks through various underground online marketplaces and carding forums

HP Hit By Fresh Lawsuit Over Troubled Autonomy Deal (TechWeek Europe) HP's headaches continue after it faces a fresh Autonomy lawsuit, and is accused of knowing it was a bad deal. Executives at Hewlett-Packard allegedly ignored warnings before it bought British software maker Autonomy for $11.3 billion (£7.3bn) that the company's financial numbers had been exaggerated

The EU's Unofficial Spy Services Are Growing Out-Of-Control (Business Insider) Brussels, the center of gravity of the European Union and seat of NATO Headquarters, not only teems with lobbyists, diplomats, military personnel, bureaucrats, politicians, Americans, and other weird characters from around the world, but also with spies

RedHack Not a Terrorist Group, Turkish Prosecutors Say (Softpedia) After hacking into the website of Turkey's Foreign Ministry, some of the country's officials said that the notorious RedHack group would be placed on the list of terrorist organizations. However, prosecutors have ruled that the hackers are not terrorists

Downloading al-Qaeda terror guide 'will lead to arrest and prosecution' (The Times) Downloading Inspire has led to more than 20 prosecutions in Britain in the past 18 months.Security agencies and police are adopting a zero-tolerance approach in investigations into the distribution of al-Qaeda's online magazine Inspire after its emergence as a common thread in a series of terrorism plots

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising cyber security technologies in the marketplace. Assess the trends to watch in global cyber security. International Case Studies: Discover the best practice in protecting your organisation from cyber-attack.

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our communities, critical infrastructures, and key assets. The conference includes sessions devoted to cyber security.

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a real world environment.

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each experts in the intersection between the public and private sector, will discuss what is to come after the automatic budget cuts known as sequestration dissipate. Confirmed speakers include: Frank Kendall (Defense Undersecretary for Acquisition, Technology and logistics), Robert Hale (Defense Department Comptroller), Jim McAleese (founder of McAleese & Associates), Pierre Chao (managing partner and co-founder of Renaissance Strategic Advisors), and Stephen Fuller (George Mason University professor and director at the Center for Regional Analysis).

Second Maryland Cybersecurity Center Symposium (MC2) (College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote addresses by Dr. Fred Schneider, Randy Sabett, Dr. Kathleen Fisher and Dr. Steve Bellovin; tutorials by MC2 faculty and corporate partners; and Tech Talks by MC2 faculty. The MC2 Symposium program will broaden your knowledge, skillset, and awareness of cybersecurity problems and directions, and the event is sure to present unique opportunities to connect with colleagues across academia, industry, and the state and federal government.

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services and development, by providing access to information and technology solutions anytime and anywhere. The U.S. Department of State has over 69,000 users worldwide at 285 posts with approximately 40,000 remote access users! Small businesses and prime contractors with products and services in Mobile Computing are invited to share information about their companies.

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.

Private Sector Crossovers: Protecting People, Property and Information (, Jan 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.