The CyberWire Daily Briefing for 1.23.2014
China suffered a widespread, albeit brief, Internet outage Tuesday. DNS poisoning is suspected, and the Chinese government has been leaning toward the conclusion that the event was indeed a cyber attack. There are some indications that hacktivists sympathetic to the officially out-of-favor Falun Gong movement were involved.
Cyber-rioting continues in the Caucasus, most recently in the form of Azerbaijani attacks on Armenian government Websites.
CrowdStrike reports that the Russian government has adopted its Chinese counterpart's cyber espionage "play book"—economic gain, says CrowdStrike, is the leading Russian goal in cyber operations.
The Miami New Times alleges that a Florida networking company with possible ties to Iran's government may have been responsible for cyber attacks against Syrian rebels hitherto attributed to the Syrian Electronic Army.
Reports on the Target breach are slowing down, as security companies have second thoughts about speculation and disclosure.
Electronic messaging—texts and emails—are used to intimidate Ukrainian dissidents and threaten German Olympians.
The US Department of Homeland Security warns some 100 contractors that a breach in its web portal resulted in unauthorized access to potentially sensitive documents.
Potential cyber terrorism, particularly threats to critical infrastructure, worries European Union policy makers.
VMWare has acquired mobile security company AirWatch for nearly $1.5B. IBM will sell its x86 server business to Lenovo for $2.3B. BoozAllen is competing for US government insider threat business.
The World Economic Forum in Davos begins a two-year study of the "post-Snowden Internet."
Convicted hacker Mitchell Frost offers insight into hacktivist mind and motivation.
Notes.
Today's issue includes events affecting Armenia, Azerbaijan, China, European Union, Germany, Iran, Israel, Russia, Slovenia, Syria, Ukraine, United Kingdom, United States, and Vatican..
Cyber Attacks, Threats, and Vulnerabilities
China Suffers Internet Outage After 'DNS Hack' (TechWeekEurope) China suffered a significant Internet outage on Tuesday, raising fresh questions over the robustness of the so-called "Great Firewall of China". According to the official Xinhua news service, Internet users in China were unable to access websites ending with .com, and many were rerouted to an American anti-censorship website. The outage could have been exploited by hackers, or could have been the result of a hacking attack of the country's domain name system (DNS), according to media reports
China Internet Outage Caused by Cyber Attack, Government Says (Bloomberg) China said an Internet outage that cut access to websites including those operated by Alibaba Group and Baidu Inc. (BIDU) was caused by a cyber attack, according to a preliminary report
Chinese Internet Traffic Redirects to US Anti-Censorship Site (Threatpost) Much of the Chinese Web was redirecting to the website of an anti-censorship firm for more than an hour yesterday
Mystery surrounds China Internet outage, possible Falun Gong link (Zee News) The cause of an Internet outage in China that rerouted millions of users to a US website of a company which helps people get around Beijing's censorship remained a mystery on Wednesday, but experts weighed the possibility of a cyber attack
DNS Poisoning Suspected Cause of Huge Internet Outage in China (eWeek) DNS poisoning cuts Internet access for millions of users in China, but so far government officials have not clearly stated whether it was the result of a mistake or a cyber-attack
Chinese experts demand more DNS protection (Xinhua) Internet experts in China called for intensified efforts to safeguard the country's domain name system (DNS) after it malfunctioned on Tuesday, leaving users unable to access many websites
Several Armenian Government Ministries Websites Hacked by Anti-Armenia Team (HackRead) Azerbaijan Hackers from Anti-Armenia Team have hacked and defaced several Armenian government ministries websites. The sites were hacked two days ago where hackers left their deface page along with an anti-Armenian video message on all hacked websites. The links of all hacked websites is available here. The total number of targeted websites is 64, which includes high profile
Cybersecurity Firm Claims Russia Hacked Hundreds Of Western Companies (Business Insider) A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic — rather than political — gains
Miami Company Launches Cyber Attack on Syrian Rebels (Miami New Times) A cross rebel-held Syria last September, an innocuous-seeming image of a man kissing a woman flashed across computer screens. It prompted curiosity and clicks. But as rebels soon learned, the image was actually a virus, and they'd just infected their computers. For months, as Syria descended deeper into chaos and President Barack Obama threatened war, no one knew who had created the virus, or why
New Target Cyber-Attack Details Emerge (TechWeekEurope) Security researchers reveal details of the malware used in the damaging breach of US retailer Target
As Target breach unfolds, information vanishes from Web (ComputerWorld) Did security companies publish too much, too soon on the Target breach? At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches
The Story of How Target Had Chip and PIN Cards, But Failed to Keep Them (FierceRetailIT) Target (NYSE: TGT) almost avoided being the victim — along with more than 70 million of its customers — of the largest data breach in U.S. retail history. It had a chip-based smart card program but failed to successfully roll it out
Ominous Text Message Sent To Government Protestors In Ukraine (TechCrunch) Someone is broadcasting creepy messages to defuse violent protests against the Ukrainian government. "Dear subscriber, you are registered as a participant in a mass disturbance," is a text being sent to protesters, reportedly near the Parliament building. Protesters are, in part, angry over anti-demonstration laws passed by the heavy-handed president, Viktor Yanukovych
Olympic team receives Sochi email threats (The Local (German edition)) Germany's Olympic Committee confirmed on Thursday it had received e-mails warning it of a terrorist attack at Sochi's Winter Games. It came as Germany unveiled its team for the Olympics
DHS Warns Contractors About Breach Of Its Web Portal (Dark Reading) More than 100 organizations got some bad news from DHS recently when it was revealed that hundreds of documents had been accessed without authorization
Veterans benefits portal data breach could affect more than 5,000 (FierceGovIT) A North Carolina veteran using a joint Veterans Affairs and Defense Department self-service portal stumbled on a data breach earlier this month causing the VA to yank the site offline for some time over the weekend
Hackers Steal the Identities of All Doctors in Puerto Rico (eSecurity Planet) The hackers apparently accessed the data by breaching the computer systems of the Puerto Rico College of Physicians and Surgeons
Vital infrastructure a cyber-terrorism timebomb EU warns (SlashGear) Vital control systems used by energy, water, and transportation are ill-prepared to cope with online terrorism and hacking threats, the EU's cyber security agency has warned, blaming patchy and inconsistent testing for what could be a potential infrastructure disaster. Industrial Control Systems (ICS) are "often outdated" ENISA points out, while their expected lifespan of 20 years or more fails to incorporate the sort of security features essential to withstand cyber-terrorism attacks
Cyber security 'failure' could result in next major terrorism attack (SC Magazine) Compliance, standards, a shortage in IT security skills and budgets are reasons behind the 'failure' of cyber security, experts conclude at French information security conference
Fully automated, API-supporting service, undermines Facebook and Google's 'SMS/Mobile number activation' account registration process (Webroot Threat Blog) Operating in a world dominated by millions of malware-infected hosts acting as proxies for the facilitation of fraudulent and malicious activity, the Web's most popular properties are constantly looking for ways to add additional layers of authentication to the account registration process of prospective users, in an attempt to undermine automatic account registration tactics. With CAPTCHA under automatic fire from newly emerging CAPTCHA solving/breaking services, re-positioning the concept from what was once the primary automatic account registration prevention mechanism, to just being a part of the 'authentication mix' these days, in recent years, a new (layered) authentication concept got the attention
Security Patches, Mitigations, and Software Updates
Apple: Random iOS 7 crashes to be remedied in "upcoming software update" (Ars Technica) A fix for soft-rebooting phones and tablets is on its way, possibly in iOS 7.1
Cyber Trends
Studies prove once again that users are the weakest link in the security chain (CSO) Recent surveys confirm that naïve users and risky online behavior make users a significant threat to their own networks
Security Incident Response Teams Getting Short End of Budget Stick (SecurityWeek) Responding to a security threat is just as important as detecting it — if not more so. Yet Computer Security Incident Response Teams are often given short thrift in security budgets — a lack of attention a new study argues may be traceable to poor communication between security teams and executives
Leaders have no real understanding of cyber attack implications (The HR Director) The results of a Ponemon Institute report entitled, "Cyber Security Incident Response: Are we as prepared as we think?" Findings show that while security threats are imminent, CEOs and other members of the management team are in the dark about potential cyber-attacks against their companies
Cloud Computing: A Powerful Tool For Cyber Attacks? (Silicon India) As cyber warfare against enterprises grows more brutal by the year, cloud computing technology is also at risk for cyber attacks such as malware and phishing, which have increased the demand for technologies to combat these threats
Most SMB employees in fear of identity theft in the workplace (Help Net Security) The smaller business workplace has transformed into a mobile-enabled, agile, and satisfying environment, but one where the workforce is acutely aware and worried about the threat to their personal online information, an independent study funded by GFI Software has revealed
Microsoft Maps Out Malware Haves And Have-Nots (Dark Reading) Some countries suffer disproportionately from malware infections and cybercrime, and Windows XP could exacerbate the problem
Everyone Has A Secret (TrendLabs Security Intelligence Blog) People are seldom an entirely open book. It's common sense and rational to keep some stuff like financial and medical records away from prying eyes. For others, it can be something trivial and silly (say, an embarrassing taste in music) to the more serious (like a traumatic event in one's past)
Marketplace
2014's Hacking Pain is Cyber Security's Gain (Forbes) First it was Target TGT -0.37% that got hacked over the Christmas holiday and that has the company bracing for a fierce backlash after it disclosed that over 70 million credit cards and other customer data was "compromised." That's a pretty sour way to close out the year, particularly if you are Gregg Steinhafel the Chairman and CEO of Target, but to think Target was the only company to get hacked in 2013 would be naive. Some of the bigger hacks in during 2013 including LivingSocial, Washington state Administrative Office of the Courts, Evernote, Drupal.org, and one of the internal websites of the Federal Reserve
VMware to aquire mobile security company AirWatch (CSO Salted Hash) Well, it seems that the M&A activity that we saw with FireEye picking up Mandiant earlier this month was just the tip of the iceberg in the market
Integrate cybersecurity with federal cloud computing adoption, says Karen Evans (FierceGovIT) A paper co-authored by a former government executive who occupied the position now known as the federal chief information officer recommends greater integration of cybersecurity efforts with federal cloud adoption
Booz Allen, Snowden's old firm, looking to help US government with 'insider threats' (Christian Science Monitor) Are defense and intelligence contractors the best choice to manage a threat they've contributed to? Edward Snowden told a writer for The New Yorker in an "interview conducted by encrypted means" that he had no assistance from Russia, any other country, or any other person or entity when he stole (by his count) over a million secret documents from his former employer, the National Security Agency (NSA)
Lunarline's Managed Security Service Takes on Major New Client (Sacramento Bee) "This service provides our clients access to their expertise as well to the full portfolio of Lunarline's cyber intelligence and continuous monitoring tools"
DB Networks Honored for Security Product Excellence (CIO Today) DB Networks, an innovator of behavioral analysis in database security, today announced that Info Security Products Guide, the industry's leading information security research and advisory guide, has named DB Networks' IDS-6300 as a finalist for the 10th Annual 2014 Global Excellence Awards in four products and services excellence categories, as well as for the Tomorrow's Technology Today Award
Premier Alliance Names Kent F. Anson as Chief Executive Officer, Positioning the Company for Its Next Phase of Growth (MarketWatch) Premier Alliance Group, Inc., (otcqb:PIMO) a leading provider of business performance, cyber security, and energy-management solutions, today announced that Kent F. Anson is joining the company as chief executive officer, effective January 20
Harmless hackers to solve biggest cyber problems to date (Voice of Russia) Hackers, who are not from the dark side, are coming out from their hiding spots to try and solve the toughest cyber challenges for a contest. On January 28, some of the best hackers in Israel will be identified in a competition, as they try to win a trip to the US to see exactly how Symantec tackles its cyber defense issues
Lenovo agrees to buy IBM's server business for $2.3 billion (ITWorld) Lenovo expects the acquisition of IBM's low-end x86 server business to raise its profile in the enterprise market
Products, Services, and Solutions
Symantec NetBackup 7.6 focuses on performance, feature parity (TechTarget) Symantec NetBackup 7.6 arrived late, but the vendor said backup and recovery performance will stand out in lieu of groundbreaking features
Technologies, Techniques, and Standards
NIST opens third round of NSTIC pilots (FierceGovIT) The National Institute of Standards and Technology sees testing as critical to the formation of an identity ecosystem, as called for in the National Strategy for Trusted Identities in Cyberspace. On Jan. 16, NIST formally announced a federal funding opportunity for a third round of NSTIC pilots
Snapchat Makes You "Find The Ghosts" To Keep Hackers From Stealing Your Phone Number [Update: But It Fails] (TechCrunch) Snapchat now verifies new users aren't robots by making them choose its ghost mascot within images. It's an attempt to keep out hackers who could steal phone numbers by exploiting a leaked database of details on 4.6 million accounts. a 16-year-old hacker proved he could do just that by finding the number of Snapchat CTO Bobby Murphy, but now he says Snapchat has patched the holes he harnessed. [Update: But the "Snap-tcha" solution doesn't seem very secure as another hacker built a workaround in under an hour
Bitcoin wallets: How to protect your digital currency (Naked Security) With the growing popularity of Bitcoins as an on- and offline currency, we look at what to look for in a Bitcoin wallet, and how to keep your money safe
Learning from the breaches that happen to others (Internet Storm Center) Initially when major breaches or incidents announced via the media, everyone and their pet dog has a theory about how it happened. As an Incident handler, I love a good explanation of what really happened when systems get breached, rather that the wide ranging, speculative theories. Most of us completely understand that during a breach information has to be limited to a need to know basis while the incident is being worked on and have to run their course before the investigators can even think about publically publishing their findings. That means the armchair security experts can pontificate endlessly of what they think happened. When an official report does get published of the breach, I tend to feel big chunks are missing, with some excellent notable exceptions. When discovering a public, well written, comprehensive report, that dives in to the nitty-gritty of an attack it cries out to be shared and should be cherished, voraciously dissected, pillaged for any tactical or strategic indicators and then carved up for lessons learned whenever they surface
Learning from the breaches that happen to others Part 2 (Internet Storm Center) My last Diary piece was on the analysis of multiple similar breaches with a great deal of technical details from an external team brought in to handle the incidents, but it didn't touch on the human elements that are intertwined with each and every breach
Design and Innovation
EC Creates Corporates+Universities Group And A Thinktank To Help EU Startups (TechCrunch) We've already covered the set of initiatives the European Commission plans to roll out in order to address the pressing need to support tech startups in Europe. Today in Davos, at the World Economic Form, Vice President Neelie Kroes has announced the launch of two initiatives inspired by that work
Research and Development
Securing the Smart Home, from Toasters to Toilets (MIT Technology Review) Efforts are underway to make your smart toilet—and other connected devices—less vulnerable to hackers
Amazon Files Patent for 'Anticipatory' Shipping (FierceRetailIT) Amazon (NASDAQ: AMZN) is determined to become the world's fastest package shipper as their latest venture will ship packages before being ordered
Two year investigation launched into post-Snowden Internet (ITProPortal) A major inquiry into the future of the Internet was announced at the World Economic Forum in Davos yesterday, intended to address the issues raised by the Edward Snowden spying revelations
Legislation, Policy, and Regulation
EU commissioner calls for larger data breach fines (Naked Security) The European Union commissioner for justice, Viviane Reding, has called for bigger fines for companies who breach data privacy laws within the union
CERT-UK to drive international cyber security collaboration (ComputerWeekly) The UK's new national computer emergency response team (CERT-UK) is set to drive international cyber security collaboration once it becomes operational later in 2014
Independent review board says NSA phone data program is illegal and should end (The Washington Post) The National Security Agency's long-running program to collect billions of Americans' phone records is illegal and should end. In a strongly worded report to be issued Thursday, the Privacy and Civil Liberties Oversight Board (PCLOB) said that the statute upon which the program was based, Section 215 of the USA Patriot Act, "does not provide an adequate basis to support this program"
Deciphering Obama's Necessary Message to the Intelligence Community (Defense One) President Barack Obama's speech last week was a thoughtful and comprehensive appraisal of the intelligence community's signals intelligence mission and capabilities
Our View: Obama's limits on surveillance not strong enough (Modesto Bee) The limits on the massive surveillance of Americans that President Barack Obama announced Friday are significant and necessary. His plan, however, should be only the start to striking the right balance between national security and civil liberties
Knowledge is Power: How the NSA bulk data seizure program is like gun registration (The Washington Post) We are repeatedly told by defenders of the NSA bulk data seizure program that there has not been a single example of any abuse by the NSA of this database
Fox News Poll: Most voters glad they know Snowden secrets (Fox News) A sizable majority of voters are glad they now know the federal government's collecting phone and email records of everyday Americans — a secret until National Security Agency leaker Edward Snowden gave classified agency documents to the media
Cybersecurity could be the next bipartisan breakthrough (The Hill) The most optimistic Congressional observers (a rare breed in Washington) have dared express the view that the recently enacted two-year budget agreement may encourage representatives and senators of both political parties to come together to tackle other important issues
Time for an International Convention on Government Access to Data (Huffington Post) Last week, President Obama spoke about the role of the National Security Agency and announced some important changes to the surveillance practices of the U.S. government. We appreciate the steps the President announced, which represent positive progress on key issues including privacy protections for non-U.S. citizens. There is more work to do to define some of the details and additional steps that are needed, so we'll continue to work with both the administration and Congress to advocate for reforms consistent with the principles our industry outlined in December
Congress wants more insight into cyber budget (Federal Times) US lawmakers have ordered the Pentagon to provide more detailed documentation as to how it spends money for cyber and special operations
Pope says internet is a 'gift from God' (The Local (Italian edition)) Pope Francis described the internet on Thursday as "a gift from God" and called on Catholics to "boldly become citizens of the digital world"
Litigation, Investigation, and Law Enforcement
Privacy Conundrum: When protecting customer privacy makes your company liable (FierceBigData) Alan Mulally, CEO of Ford Motor Co., appears to be begging regulators to protect consumer privacy by law. Yet he countered the statements made by his own executive vice president of global marketing, Jim Farley, who said at CES: "We know everyone who breaks the law; we know when you're doing it. We have GPS in your car, so we know what you're doing," he said, according to an article in Business Insider. "By the way, we don't supply that data to anyone." Mulally said Farley has it wrong in that Ford does not track drivers and does not share data without expressed consumer consent. So, why then is he supporting legal privacy protections? Officially the reason is civic concern. But unofficially, it may be a matter of company liability
State Dept. OIG sounds alarm on recurring cybersecurity weaknesses (FierceGovIT) Recurring weaknesses put "at significant risk the integrity" of the State Department's cybersecurity program, warns the departmental inspector general
Verizon Says It Received More Than 1,000 National Security Letters In 2013 (The Wall Street Journal) Verizon Communications Inc. said it received more than 1,000 requests for information about its subscribers on national security grounds last year, in the company's first report on official requests to turn over customer data. The U.S. telecom giant said it received between 1,000 and 1,999 so-called National Security Letters, which are requests for customer records that don't require approval from a judge or grand jury as long as the information is relevant to national security. Recipients of individual National Security
Judge Enforces Spy Orders Despite Ruling Them Unconstitutional (Wired) A federal judge in California who ruled last year that the government's use of National Security Letters is unconstitutional has defied her own ruling by enforcing three NSLs in the wake of that judgment, according to newly unsealed documents
U.S. Accuses Security Background Check Firm of Fraud (Wall Street Journal) The Justice Department on Wednesday accused the government's largest private security background check contractor of defrauding the country of millions of dollars by methodically filing more than 660,000 flawed background investigations—40% of the cases it sent to the government over a four-year period
Why I did it: Former hacker Mitchell Frost explains his motivation (ComputerWorld) In 2006, Mitchell Frost, then a 19-year-old college student at the University of Akron, used the school's computer network to control the botnets he had created. Authorities say between August 2006 and March 2007, Frost launched a series of denial of service (DDOS) attacks against several conservative web sites, including Billoreilly.com, Anncoulter.com and Rudy Giuliani's campaign site, Joinrudy2008.com. He is accused of taking down the O'Reilly site five times, as well as disrupting the University of Akron's network during a DDOS attack Frost allegedly launched on a gaming server hosted by the university
Slovenia frees man charged with hacking into NASA despite US extradition order (IT Security News) A Slovenian higher court on Wednesday rejected an United States extradition request and released a Romanian citizen charged with hacking into NASA computers in 2006
Shipyard worker denounces anonymous claim of spying (Honolulu Star-Advertiser) A senior Pearl Harbor shipyard manager says he was falsely accused of espionage, taken off the job in March and has not been paid since July — even though an investigation cleared him of the "foreign influence" allegations
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
"Cyber Threat Landscape": How the FBI is counteracting the current threats (, Jan 1, 1970) Donald J. Good, FBI Section Chief Cyber Operations and Outreach Section, will offer first-hand awareness of how the FBI works with other government agencies and the private sector to counteract the current cyber threat scenario.
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, Jan 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber security. The conference will focus on commercial problem-solving strategies and solutions for cyber infrastructure experts across multiple sectors: energy, utilities, finance, defense, R&D, manufacturing, service sectors, health, government, telecommunications, transportation and more.
U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, Jan 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees and contractors to discuss current data protection and privacy policy and to generate ideas to help evolve the current policies . The event will feature various participants from the U.S. Census Bureau as well as other government agencies and industry.
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, Jan 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations. The CIF will cover the existing threat landscape and provide presentations and keynotes on current and emerging practices, technologies and standards. The 2014 CIF will provide action-oriented outputs to fuel voluntary principle-driven consensus-based standards efforts, create opportunities for industry growth and drive research activities, and define use cases for subsequent exploration, which in turn will feed back into the subsequent CIF's, continually evolving the state of the art.
Cyber Training Forum at NGA (Springfield, Virginia, USA, Feb 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence Community, and Industry. The CSTF will include keynotes, breakout sessions, and cyber security demonstrations from industry.
U.S. Department of Commerce Technology Expo (, Jan 1, 1970) Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact your FBC representative to submit an abstract today.
Cyber Security 2014 (, Jan 1, 1970) The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security supply chain, from Prime Contractors, through tier 1 and tier 2 suppliers, SMEs and those at the front of R&D and the development of new and innovative products and services. The event will provide a unique opportunity for those within the whole supply chain to understand both the current and future threat of Cyber Security on the supply chain and what action will need to be taken to mitigate these and ensure we are fit to compete in the future — both as businesses and as a country. Organisations who have confirmed their attendance include: RBS, Finmeccanica Selex, Thales, MOD, Scottish Government, Lockheed Martin UK, BAE Systems and others.
Security Analyst Summit 2014 (Punta Cana, Dominican Republic, Feb 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community. The goal is to learn, debate, share and showcase cutting-edge research, new technologies and discuss ways to improve collaboration in the fight against cyber-crime.
FBI HQ Cloud Computing Vendor Day (, Jan 1, 1970) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing four 'Vendor Days' a year focusing on technology that can enhance current IT capabilities. These market research events will enhance exposure for all Department of Justice (DOJ)/Federal Bureau of Investigation (FBI) employees to new products and services and to have an opportunity to interact directly with the industry. Vendor days are for demo purposes only and are designed to facilitate FBI market research efforts. Attending vendors shall make all inquiries concerning pending or future FBI requirements to the cognizant FBI contracting officer.
New FFIEC Guidelines on Social Media: 3 Things You Need to Know (, Jan 1, 1970) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll break down nearly 20 pages of dense government material, distilling the key topics for legal, compliance, risk and finance professionals.
RSA Conference USA (San Francisco, California, USA, Feb 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else.
Nellis AFB Technology & Cyber Security Expo (, Jan 1, 1970) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case last year, the 2014 event will once again have a Cyber Security theme. This is an excellent opportunity for any technology or cyber company to meet with the personnel at Nellis AFB, as well as the local AFCEA members.
Trustworthy Technology Conference (, Jan 1, 1970) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens who are interested in discussing the technical, legal and ethical underpinnings of a stronger social contract between users and technology.
Creech AFB Technology & Cyber Security Expo (, Jan 1, 1970) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is an excellent opportunity for technology, cyber and tactical technology companies to meet with remote personnel at Creech AFB. At the 1st Annual event held in February 2013 over 100 Creech AFB personnel attended this event. Some of their job descriptions included: Commander, Flight Chief, Communications Officer in Charge, IT Lead, Systems Admin, Wing Training, Information Assurance Officer, Knowledge Management, Section Chief, Avionics, Physical Security, Project Manager, Director and more.