Anonymous continues its cyber riot against ISIS, and attracts some grudging love from many who deeply disapprove of the anarchist collective.
India's government acknowledges that someone has accessed and exfiltrated classified information from its networks. Suspects remain unidentified.
The lovelorn are warned to beware Valentine cyberscamming.
As credit monitoring and identity-theft protection services begin for customers affected by the Anthem breach, the Insurance Insider's sources lead it to believe that Anthem's cyber coverage (said to be provided by AIG, and said to amount to $100M) will soon be exceeded by its liabilities. Anthem's travails spur other companies to think hard about encryption, privileged access, and value-at-risk.
Anthem's response provides an interesting case study in attack information disclosure: the company shared indicators of compromise (including MD5 hashes, IP addresses, and the email addresses used by attackers) with HITRUST's Cyber Threat Intelligence and Incidence Coordination Center. This may provide a useful comparison with the role envisioned for the new US Cyber Threat Intelligence Integration Center. That Center appears central to President Obama's information-sharing policy as he opens the California cyber summit today. Reaction to Center and summit remain mixed (the Hill calls some CEOs' decision to stay home a "snub;" the Electronic Frontier Foundation summarizes the skeptical take on the CTIIC) but significant executive orders are expected shortly.
Cyber security story stocks continue to rise post-Anthem.
The NIST framework turns one year old, and receives positive reviews.
Russia appears ready to ban VPNs and Tor as it continues to ratchet up censorship.