The CyberWire Daily Briefing 12.30.15
Today's issue includes events affecting China, France, Germany, India, Iran, Iraq, Israel, Democratic People's Republic of Korea, Russia, Syria, Turkey, United Kingdom, and United States.
The CyberWire will be taking this Thursday and Friday off for the New Year holidays. We'll be back as usual on Monday, January 4. In the meantime, best wishes for a safe, secure, and happy 2016.
Cyber Attacks, Threats, and Vulnerabilities
ISIL aims to launch cyberattacks on U.S. (POLITICO) Its hackers have tried to penetrate computers that regulate the nation’s electricity grid, U.S. officials say.
ISIS Cyber Attack? US Government, Planes Threatened With Malware, Hacking By Islamic State (International Business Times) The Islamic terrorist group has looked to carry out cyberattacks in 2016, according to a new report.
What Twitter Really Means for Islamic State Supporters (War on the Rocks) Abu Ahmad, one of Islamic State’s most active supporters online says he has had over 90 Twitter accounts suspended, but is not planning to slow down. He
Can we prevent terrorism by checking immigrants’ social media accounts? No. (Washington Post) In the wake of the recent San Bernardino attack, the New York Times published a story based on confidential sources that at least one of the perpetrators, Tashfeen Malik, had expressed anti-American sentiments and a desire to commit “violent jihad” on at least one social network before applying for a K-1 visa. The article implied […]
U.S. Spy Net on Israel Snares Congress (WSJ) Even as the White House two years ago said it would curtail eavesdropping on friendly heads of state, it decided to keep certain allies—such as Israel—under close watch. In the process, the NSA also swept up the content of private conversations with U.S. lawmakers.
The Cold War-Era Rules Designed to Protect U.S. Lawmakers’ Communications (WSJ) The rules governing the way the National Security Agency treats intercepted communications involving U.S. lawmakers date back to the Cold War.
Windows 10 covertly sends your disk-encryption keys to Microsoft (Boing Boing)
Microsoft may have your encryption key; here’s how to take it back (Ars Technica) It doesn't require you to buy a new copy of Windows.
Users No Longer Need to Jailbreak Apple iOS To Load Rogue Apps (Dark Reading) 'DarkSideLoader' app stores can side-load apps and circumvent official app stores on any iOS device.
Actor using Rig EK to deliver Qbot - update (SANS Internet Storm Center)
ProxyBack Malware Converts Your PC Into Proxy (HackRead) Palo Alto Networks researchers have identified a unique malware that infects home PCs and transforms them into internet proxies using HTTP tunnel. As per
Android Malware Poses As Google App To Ditch Security Apps (HackRead) Android Malware poses as Google app to infect Android Devices and to Block Security Apps. Recently, security researchers at Symantec Corp identified a
Hacked Website of Connecticut University Caught Spreading Malware (HackRead) Simple DNS hijacking enables attackers to distribute Fake Infected Flash Player at UConn website. On Sunday, the official web portal of the University of
Hyatt Hotels Confirm Security Breach in Payments System (Payment Week) Hyatt Hotels is the latest large-scale brand to fall victim to crippling security attacks.
Someone Hacked A Freeway Sign To Display Pro-Donald Trump Message (HackRead) On Christmas Day Caltrans Freeway sign in Corona Displayed Especial Message for Donald Trump. On Christmas Day, Caltrans Freeway sign in Corona
In A Cyber Attack, Dead ATMs Would Be The Least Of It (Forbes) The electrical grid is vulnerable to cyberattacks and it may be impossible to know where one came from, so it would be very hard to deter.
Vulnerability Summary for the Week of December 21, 2015 (US-CERT)
Security Patches, Mitigations, and Software Updates
Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge: December 29, 2015 (Microsoft Support) Microsoft has released a security advisory for IT professionals about vulnerabilities in Adobe Flash Player in the following web browsers: Internet Explorer in Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, and Windows 10 version 1511; Microsoft Edge in Windows 10 and Windows 10 version 1511…
As Internet Gets Faster, Volume of DDoS Attacks Grows, Akamai Reports (eWEEK) Broadband speeds aren't the only thing on the rise. The volume of security risks is also increasing, says Akamai's 3Q15 State of the Internet report.
Your Next Big Break: 2016 Data Breach Predictions (Legaltech News) LightCyber's David Thompson breaks down past breaches to find the trends for the year ahead.
The weird and wacky of 2015: strange security and privacy stories (Naked Security) These wacky stories remind us how important cybersecurity and online privacy have become in all areas of our lives.
Security's Biggest Winners and Losers in 2015 (WIRED) 2015 had several wins for privacy and security—but they were kept in check by losses and failures.
Consumers Facing New Cyber Security Challenges In Upcoming Year (WSPA) Cyber security experts are predicting what kind of hacks we might face in 2016.
This Was the Year the Media Started Doubting the Web (WIRED) As ad-blockers made publishers doubt the web, the media industry has become dependent on Facebook, Twitter, and Apple to reach readers.
Crystal Ball for Software in 2016; M&A, Growth, Cloud Spending—and Another Ring for Curry? (FBR Capital Industry Update) Although we expect many of the same next-generation software technologies from the past couple of years to continue garnering investor interest in 2016, we believe the vendors disproportionately poised to benefit from increasing adoption and more broad-based consumption will be front and center as these technologies inch toward becoming the core DNA of next-generation data centers for enterprises/governments worldwide. To this point, with the ongoing explosion of data, we expect vendors with strong cloud, security, and big data analytics offerings to be well positioned to capitalize on robust market growth in 2016
A New Cyber Security ETF from Global X Is on Its Way (Revised) (Zacks Investment Research) It remains to be seen whether the proposed ETF will be able to compete with HACK and CIBR.
Michael Dell Tweets His Own Horn Ahead Of SecureWorks IPO (Forbes) Billionaire tech entrepreneur Michael Dell recently tweeted this out to his 910,000 plus followers: "My business card in 1984, year I started. 1st space 1000 sq ft, lasted 30 days. Never forget where you came from."
Mercury Systems Eyes National Security Sector With Newly Acquired Electronics Firm (GovCon Wire) Mercury Systems (Nasdaq: MRCY) has acquired privately held electronics company Lewis Innovative Tech
Avecto Wins $49M from JMI Equity to Grow Endpoint Security Strategy (Channel Futures) Endpoint security software firm Avecto has received its first external funding with $49 million in investment from JMI Equity.
Palantir and Investors Spar Over How to Cash In (WSJ) The data-mining firm has no interest in an IPO, but some employees and even co-founders are trying to sell shares anyway.
Products, Services, and Solutions
Protect your Android for free – here’s a present for your new present! (Naked Security) Got a new Droid as a present? Why not protect it with our free Android anti-virus and security app?
Technologies, Techniques, and Standards
Threat Information Sharing Is Easier With STIX (Security Intelligence) STIX is the language used to share cyberthreats, and all security professionals and organizations should know how to use it effectively.
5 Tips For Getting The Most Out Of Your Firewall (Dark Reading) Despite concerns over the effectiveness of perimeter technologies, firewalls remain a staple in the enterprise security arsenal.
Using surveys to gauge employees' security perceptions (SecurityInfoWatch.com) Despite their perceived downsides, employee security surveys can be quite beneficial
10 Tips To Protect Your Business From a Cyber Security Attack (Lawley Insurance) Follow these tips to help potentially avoid a cyber security attack and keep your business data safe from hackers during Cyber Security Awareness Month
Design and Innovation
Open Source Software's Role in Breach Prevention and Detection (eSecurity Planet) While proprietary vendors dominate the intrusion prevention and detection market, open source software plays a key role.
John McAfee Wants to Make Passwords Obsolete (Time) He's manufacturing a device that “unlocks” everything from your smartphone to your front door
Research and Development
IBM (NASDAQ:IBM) And Alphabet Move Towards Practical Quantum Computers (Amigobulls : Technology Stock Analysis) While IBM has been awarded multi-year IARPA quantum computing contract, Google has made significant steps towards developing practical quantum computers.
Legislation, Policy, and Regulation
International cyber security law developments in 2015 (Economic Times Blog) The year 2015 saw the strengthening of cyber security thought process by nations. Nations very quickly realized in 2015 that there were no international treaties, arrangements which would prevent breaches of cyber security. The absence...
The terrorist in the data (The Economist) How to balance security with privacy after the Paris attacks
North Korea’s dissident-tracking computer software is a dictator’s wet dream (Quartz) The system secretly watermarks files to show who's accessed them.
Parliament: Store Critical Data in India (InfoRiskToday) To ensure cybersecurity, a Parliamentary panel urged DeitY to relocate Internet servers for critical sectors to India. Security critics discuss the legal and
Is India Ready for an Information Sharing Act? (InfoRiskToday) As the US government enacts its Cybersecurity Information Sharing Act, the question becomes: Is India ready for such legislation? What bottlenecks await, and how
Why Tech Companies Need to Follow China's New Anti-Terrorism Law (Legaltech News) While the law “creates the duty” without defining how it will be “exercised,” companies should watch how it will be written into regulation
White House finally delivers on cyber deterrence policy (FederalNewsRadio.com) The Obama administration will use law enforcement and even military force to deter cyber attacks in new policy.
Landmark Cybersecurity Legislation Included in Omnibus Package (JD Supra) Action Item: Congress included the Cybersecurity Act of 2015 (the “Act”) in the Consolidated Appropriations Act, 2016 (P.L. 114-113), passing...
Will a new cybersecurity law make us safer? (PBS NewsHour) Folded into the massive spending and tax cut bill was a significant and controversial new law on cybersecurity. The act encourages private companies to share data about hacks with the government, but it's raising questions among security advocates and privacy groups alike. Jeffrey Brown talks to James Lewis of the Center for Strategic and International Studies and Elissa Shevinsky of JeKuDo.
Cybersecurity Act of 2015 is Ineffective, Warns DB Networks (PRNewswire) Act is based on fundamentally flawed assumptions, obsolete Cybersecurity technologies
A Wake-Up Call To Fight Government Surveillance (TechCrunch) Look around any crowded place nowadays and it’s quite clear that many of us have literally become prisoners of our own devices: smartphones, tablets, laptops -- anything and everything with an Internet connection. Our lifestyles practically require us to always be on, and connected to everyone else.
Congress wants to strengthen financial sanctions against Islamic State (Stars and Stripes) With Washington at loggerheads over how to counter the Islamic State on the ground, both parties are proposing expanded financial sanctions as a strategy to assail the terrorist group's operations.
Killing the Islamic State Softly (Foreign Policy) Military power will win battles in Syria and Iraq, but only soft power can win the war.
ISIS is Not a Terrorist Organization (Small Wars Journal) The term “terrorist organization” offers little insight and limits our understanding and approach. ISIS is an insurgent organization using terrorism as a tactic.
Fighting While Friending: The Grey War Advantage of ISIS, Russia, and China (Defense One) Can democracies compete 'where powers can be fighting each other with one hand and shaking hands with the other?'
FBI Seeks to Reframe Encryption Debate (WSJ) The FBI is issuing a more direct challenge to technology companies in the wake of terror attacks in Paris and California, urging them in blunter terms to allow investigators to decrypt private communications during terror probes.
Spy agencies resist push for expanded scrutiny of top employees (Washington Post) A move by Congress to demand more details about senior spies is watered down in final bill.
Litigation, Investigation, and Law Enforcement
Pakistan launches crackdown on Isis (Financial Times) Pakistan has arrested eight alleged members of Isis near Sialkot in Punjab province, in the latest move by a south Asian government to counter the widening influence of the extremist Sunni Muslim group based in Iraq and Syria
'Silent bomber' couple guilty of plot (BBC News) A husband and wife are found guilty of plotting a terror attack in London ahead of the 10th anniversary of the 7 July bombings.
Editorial: Terrorism details can hide in plain sight (Dallas News) As Garland and San Bernardino cases reveal, what we know rises exponentially after the fact. What should we have known before?
For a complete running list of events, please visit the Event Tracker.
cybergamut Tech Tuesday: The Threat Landscape and the Path Forward: Fundamentals of a Risk-Aware Organization (Elkridge, Maryland, USA, Jan 5, 2016) John McLaughlin of IBM Security provides a quantitative analysis of the attacks seen by IBM and the thousands of IBM customers in the preceding year. Specific attention will be paid to the protocols engaged, attack patterns, and trends seen in these attacks. In addition, these attacks are characterized by targets, time, and degree of success. Following the quantitative reporting, the remainder of the presentation focuses on an actionable plan for securing the enterprise. Simply describing the problem is no longer sufficient. This plan consists of a multi-step roadmap, a product-independent approach to securing the enterprise against the previously described attack vectors
CES CyberSecurity Forum (Las Vegas, Nevada, USA, Jan 6, 2016) Premiering at CES 2016 — the global stage for next generation technologies — The CyberSecurity Forum will bring together security experts and technology visionaries with executives and policymakers to tackle current and looming cyber security challenges. Registration is limited to ensure a highly interactive experience and opportunities for networking
FloCon 2016 (Daytona Beach, Florida, USA, Jan 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers, researchers, and others interested in applying the latest analytics against large volumes of traffic
Cyber Security Breakdown: Chicago (Chicago, Illinois, USA, Jan 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach during the chaos of the event, you'll understand how to build in advance, the best practices to respond effectively. Attend the Cyber Security Breakdown event that is focused on the unique issues and threats facing legal professionals
Breach Planning & Incident Response Summit: Proactive Collaboration Between Private Industry and Law Enforcement to Mitigate Damage (Odenton, Maryland, USA, Jan 12, 2016) The Cybersecurity Association of Maryland, Inc. (CAMI), Chesapeake Regional Tech Council, Maryland Chamber of Commerce, Chesapeake Innovation Center, Tech Council of Maryland are partnering together to host this event designed to attract and educate CIOs, CISOs, CEO and Compliance officials from small to mid-sized commercial firms on the practical actions taken by the government, firms and organizations post-hack
Insider Threat Program Development Training Course — Georgia (Atlanta, Georgia, USA, Jan 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies victimized by current or former employees incur costs from $5,000 to $3 million. bring? Is your company required to establish an Insider Threat Program per the requirements of NISPOM Conforming Change 2? Insider Threat Defense has trained a substantial number of U.S. Government Agencies (DoD, IC), Defense Contractors, Critical Infrastructure Providers, Aviation Security Professionals, large and small businesses on Insider Threat Program Development and Insider Threat Risk Mitigation
FTC PrivacyCon (Washington, DC, USA, Jan 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues led by all manner of whitehat security researchers and academics, industry representatives, consumer advocates
POPL 2016 (St. Petersburg, Florida, USA, Jan 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome, on topics ranging from formal frameworks to experience reports
Automotive Cyber Security Summit — Shanghai (Shanghai, China, Jan 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards and new products and solutions designed to deal with the growing threats
CyberTech 2016 (Tel Aviv, Israel, Jan 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference's main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provided an incredible platform for Business to Business interaction
Global Cybersecurity Innovation Summit (London, England, UK, Jan 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures, national security and economic interests. Our objective is to advance innovation and the growth of the cybersecurity sector by providing a platform for cybersecurity businesses, particularly small and medium enterprises (SMEs), to connect with key UK, US, and international decision makers, system integrators, investors, government policy makers, academia and other influential business executives
Fort Meade IT & Cyber Day (Fort Meade, Maryland, USA, Jan 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products and services to IT, Communications, Cyber and Intelligence personnel
ESA 2016 Leadership Summit (Chandler, Arizona, USA, Jan 31 - Feb 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and practices stay ahead of the curve. The Summit is a three-day conference filled with networking and educational opportunities dedicated to delivering business intelligence to electronic security companies and professionals that are ready to embrace innovation and grow