Cyber Attacks, Threats, and Vulnerabilities
Ukraine: Cyberwar's Hottest Front (Wall Street Journal) Ukraine gives glimpse of future conflicts where attackers combine computer and traditional assaults
ISIS Hacks Thousands Of Twitter Accounts: Islamic State Hacker Group Vows A Come-Back Following Death Of Cyber Caliphate Leader (International Business Times) Some 54,000 Twitter accounts were reportedly hacked Sunday night by members of the Islamic State militant group, also known as ISIS, who sought revenge for the killing of one of the group's lead hackers earlier this year
Iran cyber spy group hit in coordinated European raids (Reuters via Business Insurance) European authorities have taken action to shut down a cyber espionage operation linked to Iran's powerful Revolutionary Guard in the first operation of its kind since Tehran signed a nuclear treaty, according to security researchers who located computers used to launch attacks
Iranian Hackers Tried to Spy on Israeli Physicists, Nuclear Scientists (Haaretz) Most of the group's cyberattacks were directed at Saudi Arabia, United States, and targets within Iran
Iran 'Rocket Kitten' cyber group hit in European raids after targeting Israeli scientists (Jerusalem Post) Europol, the FBI and Israel's internal security service Shin Bet declined immediate comment
Iranian cyberespionage group attacked over 1,600 high-profile targets in one year (PC World) Security researchers believe they've identified the group's main programmer
Rocket Kitten: A Campaign With 9 Lives (Check Point Software) The customized malware and creative phishing techniques of cyber-espionage groups prove that there is a recurring industry problem
ProtonMail Back Online Following Six-Day DDoS Attack (Threatpost) Encrypted email service ProtonMail is back online today following a crippling six-day attack that saw the company's ISPs and data centers under siege
More websites hit by Armada Collective DDoS blackmail attacks, but won't pay up (Graham Cluley) An online criminal gang calling itself the "Armada Collective" has been demanding that online businesses pay thousands of dollars in Bitcoins, or face having their websites brought to their knees by crippling internet attacks
'Unwieldy' DDoS attacks growing, lasting longer (MISCO) A new study by security firm Kaspersky has revealed some interesting findings on distributed denial of service (DDoS) attacks, including the fact that most of them target the same ten countries — and even cyber criminals take holidays
Experts: DDoS, Extortion Fuel New Attacks on Banks (BankInfo Security) New wave of attacks discussed at Dallas Fraud, Breach Summit
Paying Ransoms to Hackers Stirs Debate (Wall Street Journal) One FBI official says the simplest solution for firms and individuals hit by 'ransomware' is often to pay to retrieve data
Hackers Infect British Parliament Computers with Ransomware (HackRead) Cyber crooks breached the security of British parliament's secure network and hacked into many of its computer systems
New crypto-ransomware targets Linux web servers (Help Net Security) There's a new piece of crypto-ransomware out there, but unlike most malware of this particular type, this one is mainly directed at web servers running on Linux
Linux Ransomware has predictable key, automated decryption tool released (CSO) Linux.Encoder.1 has been broken by researchers, administrators warned that this flaw was a lucky one
The Economist urges readers to check if they were saddled with malware (Help Net Security) Popular UK-based news outfit The Economist — or rather, some of its online readers — have become the latest confirmed victims of an attack executed by hacking anti-adblocking service PageFair
Final TalkTalk breach tally: 4% of customers affected (Help Net Security) TalkTalk continues with its practice of updating the public with information regarding the recent data breach on Fridays, and according to the latest update, the total number of customers whose personal details were accessed is 156,959
Why the cyber attack on TalkTalk should be a wake up call for all organisations (Government Computing) Nick Wilding, head of cyber resilience, AXELOS, explains why cyber security is not just about bits and bytes, it's about behaviour
Quick Heal: IoT and iOS the new targets of malware (ZDNet) Security firm Quick Heal has highlighted devices running Apple's mobile operating system as well as wearables in the Internet of Things space as the next to be hit by historically Android-based hackers
iOS apps more vulnerable than Android (CSO) Applications written for iOS devices have more vulnerabilities than those written for Androids
Beware of Apple-themed phishing emails threatening to limit your account (Help Net Security) A new email phishing campaign is targeting businesses and consumers who have Apple IDs, trying to get them to enter their Apple login credentials, personal and credit card information into a site that mimics that of the popular tech company, the Comodo Antispam Labs team warns
British Airways Facebook Scam — Free Tickets? (Check & Secure) With the recent goings on in Egypt, British Travellers would undoubtedly be pleased for a little good news
Comodo Issues Eight Forbidden Certificates (Threatpost) Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses
Norwich International Airport's website hacked in cyber-attack (Eastern Daily Press) Bosses at Norwich airport have confirmed they have been the victims of a cyber-attack — but insisted security was not compromised
San Jose: City websites recovering from unspecified cyber attack (San Jose Mercury News) The city's public-facing websites were rolling back into function Monday after an apparent cyber attack caused intermittent disruptions, including a lengthy outage for the San Jose Police Department's home page
Cyber scammers con firm of £80,000 in two hours (Irish Times) Companies face going out of business if they don't legislate against cyber-crime — which is costing the Northern Ireland economy £100 million a year
New 4G LTE Hacks Punch Holes In Privacy (Dark Reading) Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service
6 Critical SAP HANA Vulns Can't Be Fixed With Patches (Dark Reading) Onapsis releases 21 SAP HANA security advisories, including some Trexnet vulnerabilities that require upgrades and reconfigurations
88 Percent of Networks Susceptible to Privileged Account Hacks (Threatpost) IT professionals have long grappled with the inherent risks associated with privileged accounts. Whenever credentials that allow other employees to login to servers, routers, and so forth, are compromised, it can have a dire outcome on the rest of the network
Critical Java Bug Extends to Oracle, IBM Middleware (Threatpost) For close to 10 months, a critical vulnerability in a library found in most Java rollouts has been twisting in the wind, unpatched, and until this week without proof-of-concept exploits that people paid attention to
Three Little Phishes — security lessons from the week just past… (Naked Security) We come across a lot of spams, scams and phishing attempts here at Naked Security
7 ways hackers can use Wi-Fi against you (CSO) Wi-Fi — oh so convenient, yet oh so dangerous. Here are seven ways you could be giving away your identity through a Wi-Fi connection and what to do instead
10 riskiest applications that have passed their expiration dates (CSO) Applications that have reached the ends of their lives are no longer maintained by their original developers, and do not receive security updates. However, many users forget to remove these applications from their machines, or do not realize that they pose a danger
Evading cyber legislation: Jurisprudence cloaking is the future of cyber warfare (Help Net Security) When is an IP address not actually the person, country of origin or device you thought? From Klingons, to Harry Potter, to Xbox Halo's Master Chief, the world has dreamt up scores of science fiction stories around the concept of visually cloaking someone in plain sight
Government CIOs and CISOs under siege by insider threats (CIO) As the Office of Management and Budget rolls out a framework to help agencies advance their cybersecurity posture, a new report highlights pervasive vulnerabilities from insiders
Privileged access to federal IT systems remains a problem, survey finds (FierceGovernmentIT) Federal workers may have more access to IT systems and applications than they need, and those working in agencies' more sensitive systems often go unmonitored, a recent survey found
Stolen or lost devices and the risks of remote working (Help Net Security) 44 percent of organizations believe a member of their senior management has lost a mobile device in the last year, whilst 39 percent say senior management had a device stolen
Own a Vizio Smart TV? It's watching you (Ars Technica) Vizio is offering advertisers "highly specific viewing behavior data on a massive scale"
Security Patches, Mitigations, and Software Updates
Symantec Endpoint Protection Elevation of Privilege Issues (Security Advisories Relating to Symantec Products) The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to OS command execution, Java code execution elevation of privilege. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a client due to only partially addressing this issue in previous releases
Comodo fixes bug that led to issue of banned digital certificates (IDG via CSO) The company issued new certs for internal hosts, which is now banned by the CAB Forum
Everyone blames someone else as classified military smartphones lack patches (Ars Technica) Telecoms, manufacturers hold back critical updates to put classified information at risk
7 serious software update SNAFUs of the last 25 years (CSO) Microsoft's Windows 10 eager early upgrade wasn't the first software update gone way too wrong
Cyber Trends
GCHQ chief to say free market failing on cyber security (Financial Times) The free market is failing when it comes to cyber security, Britain's electronic spy chief is to warn on Tuesday, in a rare public intervention that could pave the way for tougher regulation as the threat of attack becomes "exponential"
Privacy will hit tipping point in 2016 (CNBC) Concerns about online privacy will reach a tipping point in 2016, prompting regulators to crack down on companies, and consumers to demand greater protection, a new study by Forrester Research predicts
Almost two thirds of employees don't understand that critical company information loss, could heavily impact on their company's future (IT Security Guru) Only 39% of UK employees recognise that intellectual property (IP) could damage their company if leaked, according to new research from data loss prevention company Clearswift
Dealing With Emerging Threats (CXO Today) Technology has a major impact on the gathering, storage, retrieval and dissemination of information. However, its main ethical impact relates to accessibility/inaccessibility and the manipulation of information
Cybercrime is the new healthcare crisis (Techspective) The scale and intensity of healthcare related cybercrime is a critical and growing threat to the U.S. medical system
Banks Should Prepare For The Internet Of Things (TechCrunch) It is widely acknowledged that the Internet of Things (IoT) will have a huge impact on nearly every industry, and financial services is no exception
Middle East cyber security market to value $10 billion by 2020 (Security Middle East) Middle East cyber security market to value $10 billion by 2020 as regional companies boost defences against cyber-attacks
Marketplace
4 Ways Boards Can Strengthen Cybersecurity (Corporate Compliance Insights) With new cyberthreats constantly emerging, directors need to play an active part
Prepare before you head into the breach on cyber cover (Business Insurance) Risk of cyber attacks is only going to increase, and there is little to prevent it, as hackers seem to stay a step ahead of the technology. Bill Cosgrove, managing principal and practice leader for EPIC Insurance Brokers & Consultants' Financial Institution Practice, says preparation, diligence and a good insurance policy can ease the pain for targeted companies
How Much Is Encryption Worth to the Economy? (National Journal) With strong, ubiquitous encryption under fire, a new research paper tries to assess the economic benefits of encryption
KEYW's losses widen, miss estimates in third quarter (Baltimore Business Journal) KEYW Holding Corp. on Monday reported a worse-than-expected loss in its third quarter, the last before newly hired CEO William J. Weber came on board
The KEYW Holding Corporation (KEYW — $7.39*) Lower Price Target: Delivers Soft September Results; Major Challenges Ahead — Maintain Market Perform (FBRFlash) Last night, November 9, KEYW delivered soft September results with the company missing the Street's estimates across the board. Notably, KEYW's all-important commercial cyber solutions revenue missed the Street estimates yet again, as the company continues to struggle with converting pipeline into deal flow on this front
AVG Technologies Announces 1.6 Million Share Repurchase Program (PRNewswire) AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, announced today that it has adopted a share repurchase program under which AVG intends to repurchase up to 1,666,667 of its ordinary shares (the shares) to cover its obligations to deliver shares under its employee stock options incentive and restricted share units plans
Invotas Announces Spin Off from Parent Company CSG International (BusinessWire) Company to become Invotas International and operate as an independent entity
Tenable Network Security Raises $250 Million in One of the Largest Funding Rounds for a Private Security Company (BusinessWire) Series B funding led by Insight Venture Partners and Accel will help accelerate development of the company's next-generation cyber security software
Cybric Closes $1.3 Million Investment to Virtualize and Automate Security, Speeding Remediation from Months to Minutes (Yahoo! Finance) Proven security practitioners from Bank of America, Netflix, Yahoo, Actifio and Dell unite to pioneer the industry's fastest way to find, fix and prevent cyber vulnerabilities
Qualcomm and KT to build LTE-based IoT security solution (ZDNet) Following their agreement in January to jointly develop equipment with secure gateways to the Internet of Things, the companies' recently announced business project aims to make ATMs easier to install and cheaper to maintain
Fortinet, Intel, Palo Alto Networks and Symantec — Big four unite to combat cyber crime (Reseller News) "Managing this risk is a shared responsibility. We need to step forward, and not wait for the adversary to make the move first"
Homeland Security to Fast Track Hiring of up to 1,000 New Cyber Personnel (Nextgov) The Department of Homeland Security plans to fast track the hiring of up to 1,000 new cybersecurity personnel by June, according to a notice set to be published tomorrow in the Federal Register
Former NYPD Commissioner Ray Kelly Joins K2 Intelligence (K2 Intelligence) K2 Intelligence, an industry-leading investigative, compliance and cyber defense services firm founded by Jules B. Kroll and Jeremy M. Kroll announced the appointment of former New York Police Department (NYPD) Commissioner Raymond W. Kelly as Vice Chairman of the firm
Products, Services, and Solutions
Bluebox Security Introduces First Solution to Create Self-Defending Mobile Apps for Public App Stores (Bluebox) Bluebox Security®, the mobile app security and analytics company first to pioneer self-defending apps for BYOD employees and the extended enterprise, today introduced a new solution for enterprises to secure their consumer-facing apps and fight back against escalating mobile threats that are placing consumers and businesses at risk
Resilient Systems Enhances Incident Response Platform through Strategic Integrations with IBM and HP (BusinessWire) Resilient's latest release provides response teams with deeper intelligence and quicker enterprise-wide deployment
Cryptzone Releases New Site Module for Security Sheriff (Cryptzone) Integration with Microsoft RMS allows companies to leverage existing technology to dynamically encrypt and control the sharing of sensitive SharePoint data
ESET offers up secure USB drives with built in antivirus (SecurityWatch) ESET has teamed up with Swedish tech firm CTWO Products AB to develop a new range of secure USB drives
Dimension Data launches Managed Security Services in Middle East and Africa (ITWeb) New suite of standardised managed and cloud-based services deployed to tackle current and emerging security threats
ThreatConnect Partners with EnergySec (BusinessWire) EnergySec to use industry's most widely adopted threat intelligence platform for intelligence aggregation, analysis and member collaboration
Niara Goes with Flow for Security Analytics (eSecurity Planet) Security analytics must go beyond server logs to the network packet level, says Niara CEO
Technologies, Techniques, and Standards
Expert: Intel Community Needs to Stabilize Reliance on All Disciplines (SIGNAL) "We need to find the middle and do the middle well," former ambassador says
Technology not always the best fix for operational security issues, expert warns (CSO Australia) Companies must be prepared to end-of-life old security investments and start anew rather than trying to endlessly patch up ponderous legacy environments, an infrastructure-security expert has warned as growing executive attention to cybersecurity empowers CISOs to execute new security mandates
A Security Collaboration Model for IoT (Tripwire: the State of Security) Fifteen years ago, I retired from law enforcement and joined the private sector like many other ex-officers with some expertise in digital forensics investigations
Why Threat Intelligence Feels Like A Game Of Connect Four (Dark Reading) In real life, solving the cybersecurity puzzle has many challenges. But shared wisdom and community defense models are making it easier to connect the dots
Are you ready to anticipate breach? (ITWorld) Leadership mindset is the key to success when it comes to handling breaches and better security
Protecting Users and Enterprises from the Mobile Malware Threat (Internet Storm Center) With recent news of mobile malicious adware that "roots" smartphones, attention is again being paid to mobile security and the malware threat that is posed to it
Design and Innovation
How 3 Oregon tech firms plan to make the Internet of Things smarter — and less creepy (Portland Business Journal) Computer science research and development firm Galois, mobile ticketing firm GlobeSherpa and smart home startup IOTAS are teaming up on a project funded by the federal National Institutes of Standards and Technology
The Secret World Of Ciphers (Semiconductor Engineering) What's changing in this clandestine sector, and what does it really take to be an expert?
Academia
Northrop Grumman to be Industry Partner in "CyberInvest" UK University Research Initiative (Nasdaq) U.K. government announces public/private partnership to bolster cyber security research investment across the U.K.'s academic sector
The secret school that trains 'silent warriors.' (Hint: It helps the NSA.) (Chicago Tribune) Leonard Reinsfelder's wife found a note on her car as she was leaving a shopping center one day: "Have your husband give us a call. We think we could use him"
Legislation, Policy, and Regulation
The Draft Investigatory Powers Bill — what it actually says (Graham Cluley) Many security commentators reacted strongly to UK Prime Minister David Cameron's stated desire to ensure that there could be "no safe place" on the internet for terrorists and criminals
On weakening data encryption, Tim Cook warns "any backdoor is a backdoor for everyone" (Quartz) The UK government wants to increase its power to oversee data on the internet, and has insisted that new measures it plans to put in place are necessary in order effectively to fight terrorism. On the other side of that debate is Apple, which has embraced end-to-end encryption
GCHQ's infosec arm bins advisor accreditation scheme (Register) Too busy listening in to phone calls to listen to customers?
EU Sharpens Tone on Need for Safe Harbor Agreement Replacement (Legaltech News) In addition to releasing a new set of guidelines, EU Commissioner says, 'It is now for the U.S. to come back with their answers'
'E-Neva Convention' needed to set international standards for cyberwarfare, say lawmakers (FierceGovernmentIT) Members of the House Intelligence Committee's National Security Agency and cybersecurity subcommittee sent an open letter to Secretary of State John Kerry and National Security Advisor Susan Rice last week urging the Obama administration to work to create clearer international laws and regulations for cyberwarfare and attacks
Risk of crippling cyber war yet to be addressed, says former US official (ComputerWeekly) Governments need to do more with defensive cyber security because offensive capability will not restore critical services after an attack, says a former US official
Industry says it's fed up with feds' no hack-back rules (FCW) Some companies are frustrated that the government is not hitting back at foreign cyber adversaries and prohibiting the companies themselves from retaliating, according to speakers at a Nov. 5 Chertoff Group event
Closer Look at CISA's Cybersecurity Information-Sharing Provisions (National Law Review) As we reported on October 27, the U.S. Senate passed the Cybersecurity Information Sharing Act ("CISA," S. 754). If enacted into law, CISA would, among other things, establish a voluntary framework for the sharing of cybersecurity threat information between and among the federal government and private entities
The rise of the citizen cyber-soldier (Federal Times) It's no secret that the United States faces advanced, persistent threats to the security of the networks and data that drive our daily lives — from state, state-sponsored, and non-state actors, to criminal organizations, hacktivists, and 'lone wolf' cyber terrorists, even insiders who work amongst us
Litigation, Investigation, and Law Enforcement
Tackling crime on the Dark Web with new Joint Operations Cell (Naked Security) GCHQ and the National Crime Agency (NCA) in the UK have formed a new unit with which to police the Dark Web
Federal judge halts NSA phone surveillance of plaintiffs (USA TODAY) A federal judge ruled Monday that the National Security Agency must stop collecting the phone records of a handful of Americans who challenged the legality of the mass surveillance program
House committee letter demands: 'Who's using Stingrays?' (Federal Times) Rep Jason Chaffetz, R.-Utah, wants to know which federal agencies own cell-phone tracking devices, known as Stingrays and what they are doing with them
Facebook must stop tracking Belgian users in two days or be fined ~$267K daily (Ars Technica) More privacy woes for company in the wake of Safe Harbour being struck down
Fugitive nabbed after posting selfies from Mexico (Naked Security) A fugitive is back in custody having spent a year posting selfies onto Facebook showing his tanned mug and his beachside hideaway