The CyberWire Daily Briefing 04.03.15

Summary

By The CyberWire Staff

As Air France sustains cyber vandalism from Algerian mujahedin and Anonymous continues to out ISIS-sympathizing Twitter handles, Recorded Future outlines indicators that ISIS itself may be going beyond its familiar information operations playbook to develop cyber offensive capabilities. But they conclude the evidence is ambiguous at best, probably more consistent with rioting by sympathizers and wannabes than with any centrally directed campaign. (One tip-off: Cyber Caliphate's co-hacking with Lizard Squad.)

Errata Security points to Great Firewall enabler Unicom China as the fons et origo of the GitHub DDoS attack.

IBM Security warns of "Dyre Wolf," an Eastern European criminal gang with a well-tuned and effective multi-vector toolkit that's robbing large and medium-sized US companies with bogus wire transfers. IBM particularly notes Dyre Wolf's social engineering techniques, "unprecedented" in their sophistication.

ICS security mavens at Control Global seek to play their familiar role of reality principle amid industrial control system FUD and its opposite (which we might call CUD: complacency-unawareness-denial). Other reports, after this week's scare in Turkey, delineate threats to power grids and other infrastructure.

Cisco enhances its software-defined-networking capability by acquiring Embrane. Salesforce picks up mobile security shop Toopher, and Check Point closes its long-anticipated acquisition of Lacoon.

The TrueCrypt audit is complete and finds no backdoors, but many worry about the encryption tool's future.

NIST releases a draft of IR 8050, and invites comment on its recommendations for improving consumer data security and privacy.

The just-enacted US cyber sanctions policy draws skepticism on familiar attribution and due-process grounds.

Notes.

Today's issue includes events affecting Algeria, Estonia, France, Georgia, Iran, Iraq, Democratic Peoples Republic of Korea, Republic of Korea, Lebanon, Luxembourg, Philippines, Poland, Russia, Syria, Ukraine, United Arab Emirates, United States

Selected Reading

Cyber Trends

How Cloud Encryption Has Changed in 2015 — and What the Future Holds (Infosec Institute) When mega-retailer Target was the victim of a data breach during the 2013 holiday season, more than 70 million customers earned that their personal information, including email addresses and credit card numbers, had possibly been compromised. However, there was one small bright spot in the torrent of bad news: Target reported that the PIN numbers for compromised debit cards were encrypted, and therefore useless to the criminals who now had access to them

The biggest cyberthreat to a firm: Employees (Investment News) Internal hacking is an emerging danger for advisers

Midsized Companies, Supersized Network Security Needs (SecurityWeek) Small and midsized businesses (SMBs) are the engine of the recovering economy. According to recent U.S. government numbers, just over 60 percent of the U.S. private sector workforce is now employed by companies with fewer than 1,000 employees. Not only are SMBs significant employers, they are also among the earliest adopters of new technologies

10 Facts About Cybersecurity and How They Impact You (Social Times) Cybersecurity is one of the most pressing concerns for business and consumers, especially when it comes to social media. So much personal identifiable information (PII) exists across the internet that it's practically inevitable that malicious forces would try to take it. An infographic from Heimdal Security outlines 10 cybersecurity facts and how they impact your online security

How secure is your online banking app? (IT Pro Portal) People are becoming increasingly concerned about their security. They use two-step authentication, login alerts, and third-party security services to better protect their email and social media accounts. One would hope for a similar — if not more secure — level of protection from our banks. After all, this the place where we put most of our earnings and savings, However, apparently we are all mistaken. Mobile security firm Appvigil is reporting that as many as 70 per cent of the top 100 mobile banking apps on the Android operating system in the APAC region are vulnerable to security attacks and data leaks. Don't live in the said region? That's no reason to relax. The report further pinpoints vulnerabilities in mobile banking apps found in other regions as well

Luxembourg's cyber security landscape is a warzone (Luxemberger Wort) Cyber attack incidents have skyrocketed in Luxembourg in the past year as companies are failing to take appropriate preventative steps, it emerged at an IT security conference

Taiwan ranks third largest cyber attack target in Asia (Focus Taiwan) Taiwanese enterprises have come under mounting threat of targeted attacks on their computer networks, FireEye, Inc., said Thursday, citing 2014 data placing Taiwan in the third place, behind South Korea and Hong Kong, on the volume of advanced persistent threat (APT) activities in the Asia-Pacific region

Legislation, Policy and Regulation

The Normalization of Cyber-International Relations (ISN) Has the gradual transition to cyber-based international relations had unintended consequences? Myriam Dunn Cavelty thinks so. By focusing exclusively on state-to-state relations and defending against cyber-attacks, state actors have given short shrift to other voices and the possibility of large-scale cyber-exploitation

The Problem with Hybrid Warfare (War on the Rocks) Europe is now a petri dish for hybrid war. Events of the past decade, not to mention the last few years, have reaffirmed the value of a concept that sought to explain a range of diverse, coercive instruments across the operational spectrum of war. Hybrid warfare is a term that sought to capture the blurring and blending of previously separate categories of conflict. It uses a blend of military, economic, diplomatic, criminal, and informational means to achieve desired political goals. The Chairman of the Joint Chiefs of Staff, General Martin Dempsey, has referred to these hybrid threats as an "inflection point" in modern war. Indeed, in the disordered post-Cold War world, hybrid warfare remains an excellent framework for understanding the changing character of war

In the cyber domain, US ready to take offense (Defense Systems) Is the U.S. ready to go on offense in the cyber domain? It is certainly taking incremental steps in that direction. Exclusively focusing on defensive measures will not deter malicious behavior such as theft of intellectual property or manipulation of data, Adm. Michael Rogers, commander of U.S. Cyber Command and the director of the National Security Agency, said at the AFCEA Cybersecurity Technology Summit in Washington today. According to Rogers, the United States right now is reacting rather than acting

Don't let America be boxed in by its own computers (Washington Post) As director of the National Security Agency and then the Central Intelligence Agency after the Sept. 11, 2001, attacks, I fought to provide our intelligence officers with every possible advantage in their work to detect and confront threats from our enemies

Executive order could lead to severe sanctions against foreign hackers, if they can be identified (FierceITSecurity) President Barack Obama's new executive order could mean severe sanctions against foreign hackers, if they can be clearly identified

Obama's Cyberthreat Sanctions Aimed at Bigger Targets (US News and World Report) The new measures could prevent trade theft, but have also sparked concern

ABA Statement on White House Executive Order on Cyberattacks (American Bankers Association) "The executive order issued today sends a strong signal to cybercriminals and foreign entities that America is committed to fighting this increasing threat. U.S. businesses are committed to working with the government to help protect our critical infrastructure and the economic security of our country"

Obama cyberattacker sanctions raise due process, attribution concerns (IDG via CSO) New U.S. government sanctions targeting the bank accounts of suspected cyberattackers raise questions about due process for people who feel they're wrongly accused and about how agencies will identify the source of attacks

Making the world safe for Sony (Al Jazeera America) With the stroke of a pen Wednesday, President Barack Obama christened his country's latest national emergency, issuing an Executive Order he said was necessary to address "an unusual and extraordinary threat" from malicious hackers abroad

EFF General Counsel Takes On NSA Spying (Dark Reading) Kurt Opsahl talks to Dark Reading about government surveillance and privacy in anticipation of his Interop keynote

Tech companies leery of sharing cyber threats with feds (USA TODAY) U.S. tech companies still don't trust the federal government enough to share information about cyber threats, the top cybersecurity official at the Department of Homeland Security said Thursday

Why We Have Breach Notification All Wrong (Security Current) The recent $10 million settlement of the Target data breach demonstrates why we have data breach notification all wrong

Net Neutrality Ruling Missed Chance to Improve Security (Dark Matters) Net Neutrality is the principle that applies "common carrier" rules to the Internet in order to preserve its freedom and openness

Brace Yourselves, The Net Neutrality Legal Challenges Are Coming (TechCrunch) On Wednesday afternoon the Federal Communications Commission filed its net neutrality order to the Federal Register, an FCC official confirmed to TechCrunch. Once published by the Register, the filing opens the gates to an inevitable outpouring of legal challenges from net neutrality opponents

Products, Services, and Solutions

Google Report Lauds Android Security Enhancements (Threatpost) Google has put some hard numbers behind the effectiveness of the security enhancements it has dropped into Android in the past year, and results show that things such as SE Linux (SE Android), Verify Apps and Safety Net have cut down on successful attacks against the Android operating system, significantly lowered the number of potentially harmful apps allowed onto mobile devices, and reduced the opportunity for network-level attacks leveraging Android devices

Best free Android antivirus comparison (Softonic) Our phones house our most personal data like our address, photos, and banking information. Cyber criminals know this and are targeting our phones, especially Android devices since they make up almost 80% of the smartphone market

Tresorit for Business (Help Net Security) In the cloud computing era, companies need to be proactive on secure collaboration and file sharing. Tresorit for Business is a solution that, among other things, helps organizations with managing, protecting and preventing leaks of their corporate data

Avast Antivirus makes it easy to assists friends and family with computer issues (Myce) Antivirus company Avast has posted about a feature that makes it possible for expert users that are often asked by family and friends, to solve issues by remotely assisting them. The antivirus software contains a feature called "Remote Assistance" which allows Avast users to help others

Real-Time Software solves enterprise application security challenges. (Thomasnet) Leveraging distributed agents, Contrast Enterprise enables vulnerability identification as applications run at enterprise scale. REST API and scriptable zero-configuration installers provide complete automation of application security into any software development life cycle, while 10+ information sources are used to discover vulnerabilities while eliminating false positives. Deployed and operating within 7 min, solution supports Java 8 and legacy versions of Microsoft .NET

Mobile Call Interception is Affecting You (Charon Technologies) If your job involves security or intelligence, trade secrets, or research and development, you are a target for mobile call interception. When you use your mobile phone, either at work or in your personal life, you can't guarantee that you're actually connecting with a legitimate cell tower. While you might think your phone is connected to a secure AT&T or Verizon network, it's possible that your phone is connecting to a "rogue tower" without you knowing it — and that your calls and data are under surveillance

Internet-of-Things solutions enabled by Gemalto win 2015 Connected World Awards (CSO) Gemalto, the world leader in digital security, is enabling two Internet of Things (IoT) solutions that won the prestigious 2015 Connected World Awards. Gemalto contributed its ruggedized M2M connectivity and security technology for these award-winning solutions designed by Airo Wireless, and by SOLARKIOSK. The awards highlight Gemalto's industry leading Cinterion(R) technology, which delivers high-speed, low latency wireless connectivity and security for Airo's first-to-market 4G intrinsically safe industrial PDA as well as SOLARKIOSK's E-HUBB, a solar powered autonomous energy system and business hub that enables sustainable local entrepreneurship and economic development in communities throughout several emerging economies in Africa and Asia

Vorstack Wins Computer Technology Review MVP Award for Protecting Organizations Against Cyber Threats (Marketwired) Vorstack threat intelligence platform wins most valuable product for reducing discovery time and complexity of identifying online security risks

SANS Institute Honors LogRhythm in "Best of 2014 Awards" (BusinessWire) LogRhythm wins "Best SIEM" category for 2014

Technologies, Techniques, and Standards

Open Crypto Audit Project: TrueCrypt Cryptographic Review (NCC Group) During the engagement, CS identified four (4) issues, and none led to a complete bypass of confidentiality in common usage scenarios. The standard workflow of creating a volume and making use of it was reviewed, and no significant flaws were found that would impact it

Truecrypt report (A Few Thoughts on Cryptographic Engineering) A few weeks back I wrote an update on the Truecrypt audit promising that we'd have some concrete results to show you soon. Thanks to some hard work by the NCC Crypto Services group, soon is now. We're grateful to Alex, Sean and Tom, and to Kenn White at OCAP for making this all happen

Crack security team finishes TrueCrypt audit — and the results are in (Register) Disk encryption wonder-tool probed amid developer disappearing act

TrueCrypt security audit is good news, so why all the glum faces? (Ars Technica) No fatal flaws found but troubling questions about TrueCrypt's future remain

NIST Invites Comments on Challenges in Protecting Consumer Data (NIST Tech Beat) The National Institute of Standards and Technology (NIST) invites the public to comment on a report from the Feb. 12, 2015, Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy. The workshop, a collaboration with Stanford University, brought together chief technology officers, information officers and security executives to discuss the challenges their organizations and industrial sectors face in implementing advanced cybersecurity and privacy technologies

NIST IR 8050: Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy (National Cybersecurity Center of Excellence) Cybersecurity incidents have grown swiftly from conceivable to realized risks that regularly threaten national and economic security of the United States. These risks threaten the financial security of companies and the public, weaken consumer confidence, erode individual privacy protections, and damage the brand value and reputation of businesses. On February 12, 2015 the National Institute of Standards and Technology (NIST) and Stanford University hosted an executive technical workshop, held in coordination with the White House Summit on Cybersecurity and Consumer Protection, to discuss how to increase the use of advanced cybersecurity and privacy technologies in consumer-facing organizations. This document details the discussion and ideas presented at the workshop and serves as a platform to receive broader feedback on the relevance of projects and suggestions discussed at that event

4 ways to balance health privacy, data sharing (FierceHealthIT) Robert Wood Johnson Foundation report calls for better data governance policies, more public education

Data for Health: Learning What Works (Robert Wood Johnson Foundation) The Robert Wood Johnson Foundation (RWJF) initiative, Data for Health, explores how data can be collected, shared, protected, and translated in ways that are useful to individuals, organizations and communities. With the opportunity of exponentially increasing amounts of data about almost every aspect of our lives, we face the challenge of how to effectively harness it, share it, and use it to guide public policy, as well as help efforts aimed at improving health

This tool can warn you about evil access points nearby (IDG via Computerworld) It can even attack rogue Wi-Fi access points for you, the developer says

Cyber threat intelligence is crucial for effective defense (CSO) It's impossible to defend against every possible exploit and threat vector. Businesses have to allocate limited resources to provide the best possible defense against the most probable threats. That requires threat intelligence. A new report titled Importance of Cyber Threat Intelligence to a Strong Security Posture illustrates how crucial threat intelligence is for effective security

Red Teams (Medium) When you can't find the bad guys, make some up

Make it stop!: Data breaches (SC Magazine) Sharing lessons learned with managers and staff is key to halting breaches, says Lena Smart, CIO, New York Power Authority

Marketplace

Beirut's Bright Future As A Tech Hub For MENA, If Its Politicians Will Allow It (TechCrunch) As my flight out of Beirut reached cruising altitude, and the seat buckle lights flickered off, I leant back in my chair and wondered if I had, in fact left the country just in time. Admittedly, it wasn't quite an 'Argo-esue' escape from another Middle Eastern country, but labelling a controversial government minister on a conference stage as an "idiot" maybe wasn't the wisest of moves. Beirut is not a town known for its placid history, after all. Furthermore, my comment had made the front page of the Beirut Daily Star the next day. Perhaps it was just as well that I left the next day

The Internet of Things businesses taking the sector by storm (Guardian) The small and innovative firms leading the way can be grouped into three categories — pioneers, enablers and utilisers

Cisco to buy SDN startup Embrane (IDG via Network World) Cisco plans to beef up its SDN [software-defined networking] technology by acquiring Embrane, a startup with an architecture for virtualized network appliances

Mobile security concerns behind Salesforce purchase of Toopher (FierceMobileIT) Mobile security has become an increasing concern for enterprises and IT staffs

Check Point Snags Israeli Mobile Security Company Lacoon (TechCrunch) Check Point Software Technologies announced it has purchased Lacoon Mobile Security today. Reports surfaced last month that the company was in talks to buy the Israeli company for $80M

Is FireEye (FEYE) Stock a Solid Choice Right Now? (Zacks Equity Research) One stock that might be an intriguing choice for investors right now is FireEye, Inc. (FEYE - Snapshot Report). This is because this security in the internet software industry space is seeing solid earnings estimate revision activity, and is in great company from a Zacks Industry Rank perspective

Damballa Named to JMP Securities Fast 50 List of Hottest Privately Held Companies (BusinessWire) Damballa, a leader in advanced threat detection and containment, has been named one of the "Fast 50" hottest privately held security and networking companies by JMP Securities, a full-service investment bank. The first annual Fast 50 report identifies the hottest, most strategically positioned private companies in the Internet security and networking spaces. JMP Securities notes that the Fast 50 companies are harnessing innovation and competitive advantage to disrupt technology giants, and that they have the ability to dominate their respective markets

Lunarline and Damballa partner to help the government fight back against advanced cyber attacks (GSN) Lunarline and Damballa have announced a strategic partnership to bring Damballa's advanced threat detection technology to Lunarline's government clients in the Intelligence, DoD and Federal Civilian communities. Globally deployed in some of the largest and most complex private and public networks, Damballa Failsafe is ideally suited to the Federal government's unique security challenges

Army seeks to fill in cyber gaps in Korean Theater through new solicitation (FierceGovernmentIT) To fill in gaps left by U.S. and South Korean militaries, the U.S. Army is looking for Joint Cyber Center support services, according to a new solicitation

Turning Hackers into InfoSec Pros (Trend Micro: Simply Security) We recently attended the South by Southwest (SXSW) Conference in Austin, Texas and were pleased to discover cybersecurity and privacy were popular topics this year. One session in particular given by a panel including the Secret Service caught our attention, and focused on why hackers hack and what we, as a society, can do about it

Dance Of The 'Next-Gen' CISO (Dark Reading) Classical ballerina-turned hacker-turned CISO Justine Bone talks old-school hacking, biometric authentication, coding in stilettos, Kristin Wiig — and finishing her kids' leftover mac and cheese

Uber Just Poached Facebook's Security Chief Joe Sullivan (Wired) Joe Sullivan, the Facebook executive in charge of keeping the social network's 1.3 billion users safe, is leaving to become Uber's first chief security officer

Two IT Security Visionaries Named to Pwnie Express Advisory Board (Marketwired) Distinguished Industry Veterans From Norwich University Applied Research Institutes and Veracode Join Pwnie Express' Deep Bench of Expert Security Advisors

Cyber Attacks, Threats, and Vulnerabilities

Cyber Caliphate: ISIS Plays Offense on the Web (Recorded Future) Cyber Caliphate's attack of US Central Command's Twitter page on January 12, 2015, got the attention of the United States and the world, and brought the cyber threat of ISIS to the forefront. Questions about ISIS's cyber capabilities have been asked since summer 2014

Anonymous Reveals 26,000+ Twitter Handles Allegedly having Links with ISIS (HackRead) Anonymous hacktivist group continues its efforts to expose social media profiles of the notorious rebel group Islamic State of Iraq and Syria/ISIS militants and its supporters by gathering a list of 26,000 plus Twitter handles of alleged connections of the extremist group

Air France cyberattack: Who is the Moujahidin Team and why are they waging cyber-jihad? (International Business Times) On 30 March 2015, a little-known hacking group calling itself the 'Moujahidin Team' (aka El Moujahidin) claimed credit for a cyberattack on Air France. The defacement on the website showed the group's logo and contained the message

Cyberwar heats up in the Middle East (CSO) Two malware campaigns have been spotted in the Middle East

DDoS attacks that crippled GitHub linked to Great Firewall of China (Ars Technica) Whitehat hacker's traceroute wizzardry pinpoints origin of denial-of-service code

IBM uncovers new, sophisticated bank transfer cyber scam (Reuters) IBM has uncovered a sophisticated fraud scheme run by a well- funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls that the technology company says has netted more than $1 million from large and medium-sized U.S. companies

Multicast DNS Vulnerability Could Lead to DDoS Amplification Attacks (Threatpost) The Department of Homeland Security sponsored CERT at Carnegie Mellon University on Tuesday released an advisory warning infrastructure providers of a vulnerability in Multicast DNS, or mDNS, that could leak device information that could be leveraged in high volume DDoS amplification attacks

The Fine Line Between Ad and Adware: A Closer Look at the MDash SDK (TrendLabs Security Intelligence Blog) Just last month, there were reports that Google removed three apps from its Play Store as they were discovered to be adware in disguise. At the time of the discovery, the apps were said to have been downloaded into millions of devices, based on data from the app stores. However, these were not the only apps with similar behavior. During their investigation in early March, our researchers believe that there were over 2,000 apps with similar behavior on Google Play. However, this number has decreased to the hundreds, if not fewer

Crypto ransomware sightings and trends for Q1 2015 (Help Net Security) It seems that cybercriminals have yet to tire of creating crypto-ransomware malware

More Proof That You Should Never Use Hotel Wifi (Fiscal Times) Do not use hotel WiFi. That is the takeaway of the recent disclosure by security firm Cylance that it had found a devastating vulnerability in an Internet router that it said is in use at eight of the world's top ten hotel chains. Not only can the router be hijacked to cough up a user's details — your details — in some cases, said Cylance, the router is directly interfaced with the hotel's so-called Property Management system (PMS) which tracks everything from billing to room keys and in-room temperature. In a worse case scenario, a hacker could seize control of the vulnerable router, hop into the PMS, copy all available credit cards and their owner's details, and perhaps for mirth change the locks on a few doors — rendering the plastic keycards useless — and dialing the temperature up to 105 degrees in victim rooms

ICS cyber incidents — What relevant information actually exists? (Control Global) March 12, 2015, DHS's ICS-CERT issued the ICS CERT Monitor. The ICS-CERT report identified 245 total incidents in 2014. The report broke out the incidents by sector and by access vector. The report stated that the majority of incidents had an "unknown" access vector which implies lack of appropriate monitoring. The report identified network access vector categorization which made up 62% of the incidents were traditional IT attack vectors which can affect control systems but doesn't address control system-unique vectors such as unauthorized control system logic changes, unauthorized breaker control, etc.

Once Every Four Days, The US Power Grid Is Under Attack (Tripwire: the State of Security) According to a recent analysis of federal energy records, the nation's power grid experiences cyber and physical attacks nearly once every four days

How vulnerable is our critical national infrastructure? (Help Net Security) Considered the backbone of the nation's economy, security and health; critical infrastructure provides power, water, transportation, and communications systems relied on to connect us with our friends and family to our communities

Incident Response/Vulnerability Coordination in 2014 (ICS-CERT) In Fiscal Year 2014, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received and responded to 245 incidents reported by asset owners and industry partners

Smart home hacking is easier than you think (IT World) Scary stories of hacking Internet of Things devices are emerging, but how realistic is the threat?

Enterprises Fail to Weigh Risks of Sharing Data With Cloud Partners (eWeek) Employees' use of cloud applications and data storage services connects companies to risky partners, a Skyhigh Networks report finds

MCS PKI Incident Report (Scribd) This is the MCS PKI incident report that caused the eventual removal of CNNIC root certificate from Chrome and Firefox

NYSE Arca exchange glitch hampers trading in popular ETFs (Reuters) Intercontinental Exchange Inc's NYSE Arca had a technical glitch on Tuesday that resulted in some of the most popular exchange-traded funds being temporarily unavailable for trading and some investors paying more for stocks than they otherwise may have

The Cyber Attack on Frontpage (Frontpage) You may have noticed that our site is still under cyber-attack from computers based in Iran and Iraq causing delays in loading Frontpagemag.com

Hackers Knockdown Indiana Right to Life Website for Supporting RFRA (HackRead) After attacking Indiana government website for passing Religious Freedom Restoration Act (RFRA), hackers have now started attacking anyone supporting the RFRA

I'm not a racist homophobe, my Facebook was hacked! says UKIP candidate ( Graham Cluley) Here in the UK we're gearing up for a general election next month

Academia

Cyber Patriot program encourages Moore County students to study STEM (Fayetteville Observer) A national program is encouraging Moore County high school students to consider careers in cybersecurity

Litigation, Investigation, and Enforcement

Philippines mulls cybercrime courts across the country (Gulf News) Justice department says it has already submitted a proposal to the Supreme Court

NSA touts role in cyber investigations (FCW) The National Security Agency has helped investigate every major cyber intrusion in the private sector in the last six months, Director Adm. Michael Rogers said, adding that he wants that collaboration to get faster and more anticipatory

Fourth Hacker Stealing Sensitive Data from Game Companies Pleads Guilty (Softpedia) Hacker faces a maximum prison penalty of 5 years

Design and Innovation

Coding for cars: The next generation of mobile apps (IT World) Developers will need to rethink UIs, connection strategies, and how to capitalize on new data streams — especially as autonomous cars start rolling off the lots

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Centers for Medicare and Medicaid Services (CMS) CISO Security & Privacy Forum (Woodlawn, Maryland, USA, April 7, 2015) The CISO Security & Privacy Forum is hosted by the Information Security Privacy Group (ISPG) at CMS. The Vision for ISPG is to provide leadership to CMS in managing information security and privacy risks appropriate for evolving cyber threats. The Mission is to enable the safe use of sensitive and privacy data while servicing the healthcare needs of the nation. The format for this event will include briefings from government and industry. Our featured speaker is from the Interagency OPSEC Support Staff and will present on "TRASHINT: Dumpster Diving", a very popular topic which teaches attendees how one person's trash can be another person's treasure

10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are able to properly balance the risks and rewards, understand and communicate threats to security and privacy, and rapidly adapt any resulting approach to a changing adversarial environment. The 10th Annual Cyber and Information Security Research Conference at Oak Ridge National Laboratory in Oak Ridge, Tennessee will bring together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security

Cyber Risk Wednesday: The future of Iranian cyber threat (Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts between Iran and the West. Few other events have so far dominated 2015 as the P5+1 negotiations to limit Iranian nuclear capabilities. Against the backdrop of the negotiations, it is likely that Iran, Israel, and the United States are gathering their strength for a renewal of cyber conflict of the past several years. The confrontations include attacks both from Iran, such as disruption of the US banking sector and against Gulf energy companies, and against Iran, such as Stuxnet and the Wiper worm. Should the talks fail, what are the chances of an escalating cyber conflict?

Cyber Threats Masterclass (Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge of specific issues such as cyber crimes and crimes against the environment. The courses are tailored to journalists and chief information officers, as well as those who want to specialize in this area, offering a unique opportunity to network with renowned international experts

InfoSec Southwest 2015 (Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter, InfoSec Southwest is intended to both provide a comprehensive and valuable forum to all participants as well as fill a gap for our local attendees left by the other few conferences held here in Texas which are all focused on a narrower scope of subject matter or a narrower slice of audience demographic

Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external threat data can be helpful in evaluating intelligence but how do you identify relevance? Created as a means of protecting the privacy and anonymity of its users, Tor — the managed network of private computers leveraged by criminal elements to minimize the risk of surveillance and capture — is being exploited by the most technically proficient, aggressive, and organized of criminal syndicates

NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security and networking at home and in the office. This event's objective is to educate users on IT security and related topics. The event will feature guest speakers on general and technical IT security topics and tutorials on internal services and products.

Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored cyber-attacks and SCADA Security Assessment

Cyber Security Summit: Financial Services (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective strategies and solutions to effectively mitigate them

INTERPOL World 2015 (Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from around the world to identify future challenges and propose and build innovative solutions

Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current state of various information security topics. The cost is $150 per person, including breakfast and lunch; pre-registration is required in order to get onto the NIST campus

Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, April 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges facing today's government leaders. This year, former FBI Director Robert Mueller will deliver the keynote address, and the program will also feature sessions on CDM, risk management, security intelligence, secure app management, cyber legislative priorities, and much more. The theme of the 2015 Symposium is "Secure Government: Manage, Mitigate, Mobilize"

Proposer's Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, April 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of the release of a new solicitation in support of the program. The purpose of the conference will be to provide introductory information on SCITE and the research problems that the program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners

IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes discussion and debate over forensics, security, data/information governance, cyber crime and security, ethical hacking, eDiscovery, cloud forensics, steganography, policy and compliance, privacy, wireless security, cloud computing, identity theft, and more

RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015

Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise. This will be your first chance to experience the unique collaboration of the ACSC. Over 700 attendees from the national and international ICT community are expected to attend

Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives of business, research and public service

CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection of cyber security and the internet of things'

Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, April 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence and policy-making domains of cyberspace. It will be held on April 27-28; the first day will consist of panels and exhibition at the Ronald Reagan Building and International Trade Center, and the second will hold workshops, exhibition and seminars at the George Washington University

INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan

2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital worlds. The event topics include: Big Data, Cyber Security, Internet of Things, Mobility, Strategy and Technology. Attending this event would be beneficial to: Policy-makers, architects, program managers, influencers in the federal government and the most forward thinking engineers, architects and innovators in the DC ecosystem

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.