The CyberWire Daily Briefing 07.02.15
Team GhostShell — the hacktivist crew that claims exposure of inadequate security as its mission — is back, dumping pieces of sensitive data picked up from government agencies and (especially) educational sites whose security GhostShell regards as "shoddy."
Banks in the United Arab Emirates sustain an apparently coordinated denial-of-service attack.
The Egyptian Army takes an unfortunate page from the ISIS information operations playbook, posting some two-dozen pictures of dead ISIS fighters to Facebook.
Cyber-rioting flares again between Armenia and Azerbaijan, this time with Armenian hackers leaking personal data of about 5000 Azerbaijani citizens.
As the class action lawsuit against OPM by Government employees proceeds (alleging among other things that OPM managers violated Federal law with respect to data protection) the US FBI warns businesses to prepare for more attacks emanating from China. (The Bureau doesn't say, but, as the Daily Beast puts it, "strongly implies" Chinese government responsibility for both the OPM and Anthem breaches.) War on the Rocks publishes a brief, clear account of the damage that can be done with the SF-86 data exposed at OPM.
Concerns about mobile malware continue, with FireEye outlining the potential for Masque attacks against iOS devices, and G DATA describing a rapid rise in Android exploits (many of them designed for use against financial targets).
The Angler exploit kit continues to push CrytpoWall. TorrentLocker surges in both the UK and Turkey. Ransomware-as-a-service picks up black marketshare.
Security researchers describe enterprise resource planning systems' attack surface.
Venture capitalists talk tech trends, guarantees, and cyber insurance.
A note to our readers: we'll be taking tomorrow off as we observe Independence Day (a day early, following Federal usages over here in America). The CyberWire will resume normal publication on Monday, July 6.
Today's issue includes events affecting Armenia, Azerbaijan, Brazil, China, Egypt, Iran, Kenya, Democratic Peoples Republic of Korea, Russia, Turkey, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Team GhostShell hacktivists dump data from US universities and hundreds of sites (Computerworld) The hacker group GhostShell is back, claiming to have access to billions of accounts, trillions of records, hacking sites and dumping data to show that governments, educational institutions and other sites still have shoddy cybersecurity
Hacktivist group possibly compromised hundreds of websites (IDG via CSO) A hacker group known as Team GhostShell is publishing snippets of sensitive data allegedly stolen from the databases of hundreds of compromised websites
Anonymous cyber hackers hit UAE banking websites (Arabian Business) Several UAE banks were hit by a co-ordinated cyber attack, known in the trade as a distributed-denial-of-service (DDoS) attack, on Tuesday, crippling e-banking operations and websites, and leaving the unnamed institutions fearing further assaults, Arabian Business' sister website ITP.net has reported
Egypt Proudly Posts Photos of Mangled ISIS Corpses on Facebook (Daily Beast) The army's escalating military and media campaign to wipe out the terror group took a gruesome step Wednesday with two posts featuring dozens of contorted bodies clutching machine guns
Armenian Hackers Leak ID Cards, Passports of 5k Azerbaijani Citizens (HackRead) The cyber war between Armenians and Azerbaijani hackers is never ending. Just like today when Armenian hackers leaked trove of data containing personal information of Azerbaijani citizens
FBI Warns U.S. Companies to Be Ready for Chinese Hack Attacks (Daily Beast) In a message obtained by The Daily Beast, the bureau strongly implies Beijing was behind the massive hack that exposed U.S. government employees' secrets — and U.S. companies are next
The 9 Scariest Things that China Could Do with the OPM Security Clearance Data (War on the Rocks) The theft of the SF-86 security clearance records of millions of current, former, and prospective U.S. government employees and contractors from the Office of Personnel Management (OPM) probably has the Chinese government doing a happy dance. This data breach may affect up to 6 percent of the entire U.S. population. What use can the data be to China? Here are nine things that can now be done on an industrial scale
Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking (FireEye) In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). We call these exploits Manifest Masque and Extension Masque, which can be used to demolish apps, including system apps (e.g., Apple Watch, Health, Pay and so on), and to break the app data container
Über 50 Prozent der Android-Schaddateien zielen auf Finanzgeschäfte ab (FinanzNachrichten) G DATA Mobile Malware Report: Fast 5000 neue Mobile-Schädlinge täglich
Xiaomi security flaw July 2015: Could put millions of Mi4, MI smartphones at risk (MNR Daily) Since its inception in 2010, Xiaomi has grown to become the number one smartphone manufacturer in China and the number three worldwide. Xiaomi commanded a share of 13.7% in the Chinese market, beating Apple during the fourth quarter, and sold 61 million smartphones in 2014
Injection Attacks on 802.11n MAC Frame Aggregation (ACM (WiSec '15)) The ability to inject packets into a network is known to be an important tool for attackers: it allows them to exploit or probe for potential vulnerabilities residing on the connected hosts. In this paper, we present a novel practical methodology for injecting arbitrary frames into wireless networks, by using the Packet-In-Packet (PIP) technique to exploit the frame aggregation mechanism introduced in the 802.11n standard. We show how an attacker can apply this methodology over a WAN — without physical proximity to the wireless network and without requiring a wireless interface card
Another example of Angler exploit kit pushing CryptoWall 3.0 (Internet Storm Center) Angler exploit kit (EK) has been evolving quite a bit lately. Recently, this EK has been altering its URL patterns on a near-daily basis. The changes accumulate, and you might not recognize current traffic generated by Angler. After two weeks of vacation, I almost didn't recognize it. This diary provides two traffic examples of Angler EK as we enter July 2015
TorrentLocker Surges in the UK, More Social Engineering Lures Seen (TrendLabs Security Intelligence Blog) We've noticed a recent increase in TorrentLocker-related emails being sent to users in several countries, particularly the United Kingdom and Turkey. From the latter half of May until June 10, there was a relative lull in TorrentLocker-related emails. However, over a period of just over two weeks (June 10 to June 28), we saw a recurrence of this threat
Franchising Ransomware (Dark Reading) Ransomware-as-a-service is fueling cyberattacks. Is your organization prepared?
Cisco UCDM Platform Ships with Default, Static Password (Threatpost) A week after admitting that several of its security appliances ship with static SSH keys, Cisco warned customers on Wednesday that its Unified Communications Domain Manager platform has a default, static password for an account that carries root privileges
Wi-Fi password-sharing feature in Windows 10 raises security concerns (CSO) With the launch of Windows 10, anyone who walks into your house and gets your Wi-Fi password for their PC could potentially let all their friends onto your network, thanks to a new feature that has ignited controversy online
SAP: Juicy Target For Attackers, Opportunity For Security Research Community (HackerOne) Enterprise resource planning (ERP) suites by the likes of SAP and Oracle JD Edwards serve as the nerve center of the most business critical processes of the enterprise. They control financial planning. They support manufacturing and supply chain management. They facilitate marketing and sales activities. And they're also some of the most vulnerable systems in the enterprise. In spite of spending millions on security today, enterprises are seriously dropping the ball when it comes to their most sensitive business applications. Here's how badly: 95 percent of SAP installations contain vulnerabilities that could lead to the full compromise of an organization's business data and process
Why We Need In-depth SAP Security Training (Dark Reading) SAP and Oracle are releasing tons of patches every month, but are enterprises up to this complex task? I have my doubts
Harvard Reveals It Had An IT Breach In June Impacting 8 Colleges And Administrations (TechCrunch) A seventeenth-century university has become the victim of a twenty-first-century crime. Harvard University on Wednesday announced that on June 19, it discovered a breach in the IT systems of its Faculty of Arts and Sciences and Central Administration, currently impacting eight different schools and administrative organizations at the university
Banks: Card Breach at Trump Hotel Properties (KrebsOnSecurity) The Trump Hotel Collection, a string of luxury hotel properties tied to business magnate and now Republican presidential candidate Donald Trump, appears to be the latest victim of a credit card breach, according to data shared by several U.S.-based banks
Security Patches, Mitigations, and Software Updates
Cisco Unified Communications Domain Manager Default Static Privileged Account Credentials (Advisory ID: cisco-sa-20150701-cucdm) (Cisco Security Center) A vulnerability in the Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to login with the privileges of the root user and take full control of the affected system
Microsoft goes public with more details on its Windows 10 rollout plan (ZDNet) Windows 10 Enterprise and Education will be available starting August 1. Starting July 29, those who want Windows 10 under the first-year-free deal will get the OS in waves
No support means just that for Windows Server 2003 users (MicroScope) The last few days of support for Windows Server 2003 are finally here but many users are still using the software and have yet to make moves away to an alternative
Confidence in antivirus falls to all-time low (Help Net Security) While concern for end-user risk persists, confidence is waning in traditional detection-based security solutions, such as antivirus and firewalls. Instead, interest is shifting toward prevention-based security solutions, such as endpoint threat isolation, according to a new Bromium report
Enterprise Threat Intelligence Programs are Immature (Network World) Seems like everyone is talking about threat intelligence these days. The feds are promoting public/private threat intelligence sharing across the executive and legislative branches while the industry is buzzing about threat intelligence feeds, sharing platforms, and advanced analytics
Four in five execs think conventional security is not enough for cloud environments (Cloud Tech) Earlier this week, this publication reported on a C-level study which showed a distinct lack of trust in cloud storage for fully securing corporate data. Now, a new survey from CloudPassage sheds light on the security executive perspective; 80% of security execs in North America don't believe conventional network security solutions are enough to protect their cloud computing environments
Providers grapple with cybersecurity (Healthcare IT News) Anti-virus, firewalls deployed as protection, but most recognize need for more advanced strategies
A Critical Threat (SC Magazine) Attacks on critical national infrastructure are a growing concern, not just the banking and civil infrastructure, but also control systems used in the physical delivery of services. This is set to become even more of a problem as SCADA systems become internet enabled, reports Kate O'Flaherty
Is the information security industry having a midlife crisis? (CSO) Focusing on awesomeness and a plan B can help get InfoSec out of its slump
Reverse retailing brings store traffic, online sales, cyber attacks (FierceRetail) As more merchants master the art of omnichannel retailing, they benefit from a new phenomenon called 'reverse retailing,' or intentional showrooming. However, this has led to an increase in online security problems
Middle-manager inaction the weak link in enterprise cyber-security (Engineering and Technology) Lethargic, narrow-minded middle-managers are among the biggest remaining obstacles to consolidating enterprise cyber-security, an industry expert has warned
Smart Cities' 4 Biggest Security Challenges (Dark Reading) The messiness of politics and the vulnerability of the Internet of Things in one big, unwieldy package
How a teenage hacker might start World War III (Christian Science Monitor Passcode) An excerpt from 'Ghost Fleet,' a new novel by Peter W. Singer and August Cole, that envisions what a future global cyberconflict might look like
Cyber security a business issue, CBI conference told (ComputerWeekly) Like any other serious threat to your company, cyber security should be firmly on the board's agenda, speakers told delegates at a CBI security conference
US Army Seeks Leap-Ahead Cyber Defense Tech (Defense News) The US Army is seeking to equip its cyber warriors with cutting-edge networking hardware, and it is going outside the traditional acquisitions system to do it
A New Battle Plan for Defeating Cyber Threats (CIO Review) The bad news is that cyber security threats are at an all-time high
Allegis Capital to Emphasize Cybersecurity With New Fund (Wall Street Journal Venture Capital Dispatch) Allegis Capital has closed on $100 million toward a new fund that will emphasize investments in cybersecurity startups
No More Snake Oil: Shifting the Information Security Mentality (CIO Review) When was the last time you made a major purchase without some type of guarantee?
No More Snake Oil: Why InfoSec Needs Security Guarantees (White Hat via SlideShare) Ever notice how everything in InfoSec is sold "as is"? No guarantees, no warrantees, no return policies. For some reason in InfoSec, providing customers with a form of financial coverage for their investment is seen as gimmicky, but the tides and times are changing. This talk discusses use cases on why guarantees are a must have and how guarantees benefit customers as well as InfoSec as a whole
Five Strategies for Better Cyber Protection and Defense (Menlo Ventures) Today, BitSight Technologies announces $23M in Series B funding to continue protecting businesses from cyber attacks with sophisticated cyber security ratings. At Menlo, we're proud to re-up our investment in BitSight. In fact, we're focusing $80M of our current $400M fund on cyber security investments, as attacks are an ever-increasing board-level threat to businesses today
Securing the Airways (CIO Review) Mobile communications are wide open to hacking. Encryption delivers a much needed solution
Why the enterprise mobility management market needs a rethink (EnterpriseAppsTech) A high-stakes battle has emerged in the rapidly-changing market for enterprise mobility management, also known as EMM
Startup BitSight Raises $23M to Advance Security-Ratings Platform Technology (The VAR Guy) Security startups have experienced a windfall of funding lately. We've told you about the cash CounterTack, Menlo Security and vArmour have all added to their wallets, and now another nascent security company BitSight Technologies — which develops a platform allowing companies to rate their own and other organizations' security — is joining the list
Thycotic Receives Significant Investment from Insight Venture Partners to Meet Growing Demand for Privileged Account Management Solutions (PRNewswire) Thycotic, a provider of smart and effective privileged account management solutions for global organizations, today announced a significant investment from New York-based private equity and venture capital firm Insight Venture Partners. The new capital will be used to fuel the company's continued global expansion and product innovation. Mike Triplett, managing director and Philip Vorobeychik, senior associate will join Thycotic's board of directors. Specific deal terms were not disclosed
Level 3 Communications (LVLT) Acquires Black Lotus (Street Insider) Global telecommunications provider Level 3 Communications, Inc. (NYSE: LVLT), announced it acquired privately held Black Lotus, a provider of global Distributed Denial of Service (DDoS) mitigation services
Two companies living the life of growth (IT Pro Portal) Digital Shadows and Growth Intelligence, both Level39 and High Growth Space members, started off in humble beginnings — small teams, small spaces but big ideas
Women in IT Security: Women of influence (SC Magazine) We enlisted a team of moderators to ask a number of prominent IT security professionals about the challenges they faced as a woman entering the field, the prejudices they deal with every day and the skills they use to navigate within their business
NIST Vet Jeremy Grant Joins Chertoff Group as Managing Director (GovConWire) Jeremy Grant, formerly senior executive adviser at the National Institution of Standards and Technology, has been appointed to a managing director role at The Chertoff Group
SECUDE Announces Joerg Dietmann as New CEO (Sys-Con Media) Former Business Executive From Ciber Joins SECUDE to Support the Company's Growing Business in the Field of SAP Security
Products, Services, and Solutions
Dashlane and Golden Frog Form Partnership to Increase Online Security for Customers (Sys-Con Media) Leading password management and personal VPN companies create special offers for their respective services
Fortscale Partners With Cloudera to Deliver Hadoop-Based User Behavior Analytics Solution (Dark Reading) Scalable solution enables enterprise customers to quickly discover and respond to insider threats
How to access Wi-Fi anonymously from miles away (ZDNet) A tiny device provides an extra layer of defense which can keep the online activities of journalists, activists and criminals hidden
Union Bank Fulfills Mobile Demands and BYOD Security Requirements with ZixOne (MarketWatch) Straightforward solution was up and running in hours
Technologies, Techniques, and Standards
Start with Security: A Guide for Business (Federal Trade Commission) When managing your network, developing an app, or even organizing paper files, sound security is no accident. Companies that consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved. Threats to data may transform over time, but the fundamentals of sound security remain constant
Opinion: An Underwriters Laboratories for cybersecurity is long overdue (Christian Science Monitor Passcode) Noted security researcher Mudge left Google to launch what appears to be the cybersecurity equivalent of electronics testing outfit Underwriters Laboratories — an idea first proposed 16 years ago
How to Protect Your Company's Bottom Line Against Data Breach Losses Through Insurance (JDSupra) In the wake of what seems to be daily announcements of new data security breaches and increased regulatory oversight over company information security and privacy practices, companies are looking for ways to minimize risks associated with the seemingly inevitable data security breach
PCI Update Paves Way For Expanding Point-to-Point Encryption (Dark Reading) Move appears designed mainly for large organizations and big-box retailers looking to lock down payment card security
The Best Defence Against Targeted Threats (Information Security Buzz) Hackers' increasing sophistication means perimeter security is failing. Organisations must switch tactics and turn to tools which can stop intruders once they're inside the network, argues Tufin's Reuven Harrison
Securing Single Points of Compromise (SPoC) (SANS Institute) Securing the Single Points of Compromise that provide central services to the institution s environment is paramount to success when trying to protect the business. (Fisk, 2014) Time Based Security mandates protection (erecting and ensuring effective controls) that last longer than the time to detect and react to a compromise. When enterprise protections fail, providing additional layered controls for these central services provides more time to detect and react. While guidance is readily available for securing
Securing SAP Systems from XSS vulnerabilities Part 3: Defense for SAP NetWeaver J2EE (ERPScan) Cross-site scripting, or XSS, is one of the most popular vulnerability in all products and in SAP products with total number of 628 vulnerabilities (almost 22% of all vulnerabilities ever found in SAP during 12 years). In the previous posts, we described the general information on XSS and how to defense SAP NetWeaver ABAP from this vulnerability. Today we will give an overview of SAP NetWeaver J2EE defence
Want to know if your employees are security savvy? Run your own phishing campaign (Security Affairs) In a Q&A with ZDNet, the vice president of Cybersecurity Services at Fidelis explains why top-level management has to be the security-focused example for others to follow
Design and Innovation
The Quest to Rescue Security Research From the Ivory Tower (Wired) Stolen credit card numbers. Stolen passwords. The personal information of about 4 million federal workers hacked. We know all too well that computers are dreadfully insecure. And all too often, the people who could do the most to help make them more secure are stuck in academia with little connection to the real world
TV's newest hacker drama "Mr. Robot" is technically sound, morally ambiguous (Naked Security) "Mr. Robot," USA Network's new series about a cybersecurity engineer at the center of a plot by a group of hackers to take down an evil corporation, is good entertainment
Research and Development
Georgia Tech studies streamlined cybersecurity for Navy (C4ISR & Networks) The Georgia Institute of Technology has been awarded a $2 million Navy contract for cybersecurity research. The contract covers two projects
MIT to study persistent threats for Air Force (C4ISR & Networks) The Massachusetts Institute of Technology has been awarded a $7.1 million Air Force contract for transparent computing
DARPA picks two for WAN project (C4ISR & Networks) Two companies will aid the Defense Advanced Research Projects Agency improve wide-area networks, under contracts connected to DARPA's Edge-Directed Cyber Technologies for Reliable Mission program
What if You Trained Google's Chatbot on Mein Kampf? (Wired) Google recently built a chatbot that can learn how to talk to you. Artificial intelligence researchers Oriol Vinyals and Quoc Le trained the thinking machine on reams of old movie dialogue, and it learned to carry on a pretty impressive conversation about the meaning of life
Legislation, Policy, and Regulation
Kenya to require users of public Wi-Fi to register with government (Ars Technica) New Internet regs will require cafés, hotels to log device owner data
The Brazil-U.S. Cyber Relationship Is Back on Track (Council on Foreign Relations) Brazilian President Dilma Rousseff's was in Washington D.C. this week to meet with President Obama. The trip came two years after she had famously cancelled a state visit in 2013 in protest following allegations that the NSA had spied on Brazil and Rousseff personally. At the time, the Brazilian president was very public and vocal in her denunciations, calling the espionage "manifestly illegitimate" and expressing her outrage at the United Nations
David Cameron on a Mission to Destroy 'Strong Cryptography' (Hacked) British Prime Minister David Cameron believes that strong cryptography is a major barrier to peace, order, and justice
Pentagon Releases New National Military Strategy (Defense News) The Pentagon has released a new National Military Strategy, the first update to that document since 2011 — and one that warns non-traditional threats are on the rise
Defense cyber strategy: We can and will hit back (C4ISR & Networks) The Defense Department's new cyber strategy, just over two months old, is an outline of overarching goals fleshed out with narrower objectives and plans for implementation, hits on Pentagon cyber ambitions. Perhaps chief among them: The U.S. military has the means to retaliate in the digital realm and a willingness to do so
Bulk Phone Surveillance Lives Again, to Die in a More Orderly Fashion in Five Months (Intercept) A federal judge with the top-secret surveillance court on Monday breezily reinstated the NSA bulk domestic surveillance program that was temporarily halted a month ago, allowing the agency to go back to hoovering up telephone metadata for five months while it unwinds the program for good
An Unassuming Web Proposal Would Make Harassment Easier (Wired) The privacy of countless website owners is at risk, thanks to a proposal in front of the byzantine international organization at the heart of the Internet: ICANN. If adopted, the new proposal could limit access to proxy and privacy services, which protect domain registrants from having their home addresses exposed to everyone on the Internet
Litigation, Investigation, and Law Enforcement
Class-Action Suit Alleges OPM Officials Failed to Protect Employees' Data (Threatpost) A class-action lawsuit filed by a government employees' union against the Office of Personnel Management as a result of the massive data breach at OPM that affects more than 18 million people alleges that not only did the agency know about vulnerabilities in its network long before the attack, but that the agency's director and CIO both broke federal laws by ignoring directives to fix the weaknesses
GCHQ did spy on Amnesty International, secret tribunal admits (Ars Technica) Embarrassing admission highlights one of the many problems with secret tribunals
Intelligence agency to develop cybercrime map, pinpoint high-tech criminals (MISCO) British cybercrime fighters are to have a new tool to help thwart high-tech criminals, the BBC has reported
The FBI Most Wanted hackers. Law enforcement is willing to pay $4.2 million to get them (Security Affairs) FBI has published the lists of most wanted hackers, the rewards for their capture reach $4.2 million. They have stolen hundreds of millions of dollars
California fiber optic cable vandalism continues unabated (Ars Technica) New attack in underground vault brings to 11 the number of incidents in a year
California's physical internet cable hacking riddle sparks FBI probe (Register) Chopping up cables is one way of stopping mass surveillance
Corrupt Silk Road investigator pleads guilty, admits to $240K movie deal (Ars Technica) Carl Force was "Nob," "French Maid," and "Death from Above"
Baton Rouge man arrested in cyber attack on Georgia-Pacific computers (Advocate) A 43-year-old Baton Rouge man recently fired by Georgia-Pacific has been indicted and arrested for a cyberattack on the company's computer system, U.S. Attorney Walt Green said Wednesday
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Career Discovery in Cyber Security: A Women's Symposium (New York, New York, USA, Jul 30, 2015) Our annual conference brings together some of the best minds in the industry, with the goal of guiding women with a talent and interest in cyber security into top-flight careers
National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, Jul 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program. There is no cost to attend this meeting
National Cybersecurity Center of Excellence (NCCoE) Speaker Series: Janet Levesque, Chief Information Security Officer at RSA (Rockville, Maryland, USA, Jul 16, 2015) Traditional security models are failing. While the idea of a shift from prevention to detection has gained traction, most current approaches to detection rely heavily on the same techniques that have rendered preventative tools ineffective. The ultimate goal — disrupting and stopping attacks — has continued to elude security experts. The next stage in the industry's evolution is to move to a stance of "dynamic defense," which combines the ability to detect an attack and fully understand its scope and potential impact on the business, and then use the information to disrupt the attack before adversaries can accomplish their goals
TakeDownCon Rocket City (Huntsville, Alabama, USA, Jul 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their knowledge, giving delegates the opportunity to learn about the industry's most important issues. With two days and two dynamic tracks, delegates will spend Day 1 on the Attack, learning how even the most protected systems can be breached. Day 2 is dedicated to Defense, and delegates will learn if their defense mechanisms are on par to thwart nefarious and persistent attacks
CyberMontgomery 2015 (Rockville, Maryland, USA, Jul 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen other Federal agencies, plus regional State and local agencies, educational institutions (such as Montgomery College, the Universities at Shady Grove, a satellite campus of Johns Hopkins, and the Bethesda-based SANS Institute), plus scores of cyber companies, ranging from start-ups to multinational corporations such as Lockheed Martin, employing upwards of 37,000 people in cyber-related jobs. With cybersecurity constituting a major growth engine in the region for many years to come, and with leading Federal government, industry and academic assets already in place in the region, the annual CyberMontgomery conference serves to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. In that light, CyberMontgomery provides clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in the County, and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders