The CyberWire Daily Briefing 01.14.14

Summary

By The CyberWire Staff

The shopping-season attacks on Target and Neiman Marcus increasingly appear to be part of a coordinated criminal campaign. Most observers believe Target's point-of-sale devices suffered RAM-scraping, a relatively sophisticated attack that extracted card data while those data were resident in memory, and thus less protected by encryption. The malware also apparently performed something akin to what microbiologists call "quorum sensing": remaining quiet and stealthy until the infection achieved the critical mass necessary to work its damage.

Neiman Marcus, which discovered its breach later than Target did, is now assessing damage and notifying affected customers. Other unnamed retailers were also breached. Card data stolen in the attacks has flooded criminal markets. The data ought to be worth billions, but the thieves seem to be having trouble moving their digital swag: there's a glut on the market and the merchandise is still pretty hot.

Since Target and Neiman Marcus were by no means ill-prepared or poorly resourced, it seems safe to conclude that (1) their handling of the incident will prove instructive, and (2) many other, softer targets will discover they've been hit as well.

Elsewhere in the criminal economy the market for do-it-yourself telephony denial-of-service (TDoS) tools thrives.

Oracle, Adobe, and Microsoft all patch later today.

In industry news, Google makes a smart-grid, Internet-of-things play, buying Nest for $3.2B. Facebook snuggles up to VKontakte with a data-sharing agreement. Huawei works on an image makeover amid signs the UK government will shun its hardware.

Researchers develop a model to predict cyber attacks.

Notes.

Today's issue includes events affecting Belarus, China, European Union, Germany, Russia, Somalia, Spain, Ukraine, United Kingdom, United States.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

"Cyber Threat Landscape": How the FBI is counteracting the current threats (, January 1, 1970) Donald J. Good, FBI Section Chief Cyber Operations and Outreach Section, will offer first-hand awareness of how the FBI works with other government agencies and the private sector to counteract the current cyber threat scenario.

FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.

NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer will be recruiting top federal speakers to provide informational sessions on relevant Cyber issues. Industry exhibitors may sit in on the sessions.This event will be promoted to all NASA Cyber and IT-focused personnel, as well as the entire workforce at this location.

Federal Intel Summit (, January 1, 1970) The Potomac Officers Club is proud to host the 2014 Federal Intel Summit featuring Congressman Mike Rogers and leadership from across the Federal Agencies focused on protecting our national interests.

cybergamut Tech Tuesday: Malware Reverse Engineering — An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (, January 1, 1970) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight. It will help demystify the process and illustrate the value-proposition associated with deep analytics of malware. Moreover, understanding the detail available through reverse engineering gives the security professional deeper insight into the tactics and techniques the attackers use to circumvent their defensive solutions. The session empowers cyber security professionals at every level to make better-informed judgments on how to improve their response and remediation protocols.

Federal Mobile Computing Summit (, January 1, 1970) The Federal Mobile Computing Summit: Digital Government Strategy II will feature government leaders who played an instrumental role in the development of the DGS and worked on the resulting deliverables. These IT thought leaders will examine the mobile landscape over the next 18 months — and beyond.

Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber security. The conference will focus on commercial problem-solving strategies and solutions for cyber infrastructure experts across multiple sectors: energy, utilities, finance, defense, R&D, manufacturing, service sectors, health, government, telecommunications, transportation and more.

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees and contractors to discuss current data protection and privacy policy and to generate ideas to help evolve the current policies . The event will feature various participants from the U.S. Census Bureau as well as other government agencies and industry.

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations. The CIF will cover the existing threat landscape and provide presentations and keynotes on current and emerging practices, technologies and standards. The 2014 CIF will provide action-oriented outputs to fuel voluntary principle-driven consensus-based standards efforts, create opportunities for industry growth and drive research activities, and define use cases for subsequent exploration, which in turn will feed back into the subsequent CIF's, continually evolving the state of the art.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.