The US Intelligence Community releases its report on Russian election hacking and the US Government announces its first retaliatory round.
Yesterday, as the US Intelligence Community reported on Russian election hacking—it's calling the campaign "Grizzly Steppe"—the Government announced its first round of sanctions against Russian individuals and organizations. President Obama amended Executive Order 13964 (April 2015) to "address the national emergency with respect to significant malicious cyber-enabled activities," authorizing sanctions against those who interfere with elections. Two intelligence services (GRU and FSB), three companies supporting those services (STLC Ltd., Zorsecurity, and ANO PO KSI), and four named GRU officers were immediately sanctioned.
The State Department declared thirty-five Russian diplomats from the Washington embassy and San Francisco consulate persona non grata for actions "inconsistent with their diplomatic and consular status." State says the expulsions are prompted both by attempts to interfere with US elections and by "harassment" of US diplomatic personnel and activities.
Russian Foreign Minister Lavrov publicly recommended retaliation against a like number of US diplomats, but early this morning President Putin turned the recommendation down (for now), not wishing, he says, to descend to the Americans' low level.
The joint FBI-DHS report on Grizzly Steppe describes the campaign as the culmination of a decade of Russian intelligence services' hacking. US citizens are urged to be on the lookout for Bears.
Russian authorities deny hacking charges—RT sniffs at US evidence, citing in support of Russian innocence various IC-skeptical tweets and the alleged puerility of names like Fancy Bear and Cozy Bear.
A Guardian op-ed sums up by saying we're in the midst of an unacknowledged world cyberwar.
Notes.
Today's issue includes events affecting Australia, Brazil, France, Germany, India, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Lithuania, Pakistan, Russia, Singapore, Ukraine, United Kingdom, United States, and and Vietnam.
A note to our readers: New Year's Day falls on Sunday, and so we'll take a break this Monday, January 2nd. We'll be back as usual on the 3rd. Best wishes for the new year from all of us at the CyberWire.
You can find information security lessons everywhere. We think we see some in the new Star Wars flick, "Rogue One." Here's a thought: the Empire's contractors on Eadu were apparently less than fully NISPOM compliant. Didn't Director Krennic require them to self-certify? (For background on NISPOM, see this account of a CRTC symposium, and lawyer up, padawans. Even the Empire has privacy and employment laws. We're pretty sure...although Krennic's HR policies seem a little strict...)
The CyberWire podcast this week offers a series of end-of-year long-form (but still brief) episodes. We're running extended interviews that include never-before aired conversations with some of our most interesting partners and guests. Our normal programming returns on January 3rd. If you've been enjoying the podcasts, please consider giving us an iTunes review.
Today we also have a new special edition of our Podcast. The topic is buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Cyber Attacks, Threats, and Vulnerabilities
OSCE victim of ‘major’ cyber attack (Guardian) The Organization for Security and Co-operation in Europe, an international election and war monitor, said Wednesday it had become the latest global institution to suffer a “major” cyber attack
Ukraine hit by 6,500 hack attacks, sees Russian 'cyberwar' (Reuters) Hackers have targeted Ukrainian state institutions about 6,500 times in the past two months, including incidents that showed Russian security services were waging a cyberwar against the country, President Petro Poroshenko said on Thursday
Lithuania says Russian spyware infected government computers (Graham Cluley) Lithuanian officials call it “part of psychological warfare”
Report Shows Kim Jong-Un’s Cyber Squads Could ‘Paralyze’ US Pacific Command (Daily Caller) A full-scale North Korean cyber attack could leave the U.S. Pacific Fleet, as well as parts of the continental U.S., in the dark, a South Korean defense agency revealed
Cyber experts from Kerala unleash 'surgical strikes' on Pakistan cyberspace (India Times) After Pakistani cyber attackers hacked Thiruvananthapuram airport's website yesterday, a group of cyber experts from Kerala - the 'Mallu Cyber Soldiers' - decided to respond in kind: by hacking the website of a Pakistani airport
KillDisk Disk-Wiping Malware Adds Ransomware Component (Bleeping Computer) A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom
Threat Actors Bring Ransomware To Industrial Sector With New Version of KillDisk (Dark Reading) Disk-erasing malware has been tweaked to encrypt data instead and to ask for a Bitcoin payment
Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game (TrendLabs Security Intelligence Blog) In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEye not only kept to the James Bond theme of its earlier iteration, but also its attack vector
Microsoft Reports Cerber Ransomware Staging Holiday Onslaught (eWeek) Microsoft security researchers warn that after a brief quiet period, the Cerber ransomware family has reemerged with a vengeance to target holiday shoppers and enterprise business data files
Steganography Is Very Popular with Exploit Kits All of a Sudden (Bleeping Computer) Steganography, the technique of embedding hidden messages inside public files, has become very popular with exploit kit operators in 2016
Meet the Leet DDoS Botnet, Just as Powerful as Mirai (HackRead) Security experts from Imperva Security are describing Leet Botnet as more powerful than its counterpart botnet Mirai. In fact, Leet is being regarded as the winner of the title of most powerful DDoS (distributed denial of service) attack of 2016 with a humongous speed of 650 GBPS (gigabit per second) noticed recently by Imperva network. The attack launched through Leet on Imperva displayed this overwhelming traffic and thus, Mirai’s title as the most powerful DDoS attack was claimed by Leet
It's Almost 2017 and Users Are Still Getting Infected with Malware via Fake AV Software (Bleeping Computer) You'd expect that by now, users should be aware that downloading "cracks" for any kind of software would come with inherent dangers, such as adware, infostealers, backdoors, and even ransomware. Sadly, this isn't the case and a fairly decent amount of users are still get infected with all sort of nasties this way
State IT chief says human error allowed DHHS data breach (Manchester Union Leader) A patient at the state psychiatric hospital was able to access confidential information on 15,000 clients of Health and Human Services because of human error, according to Denis Goulet, the state’s chief technology officer - See more at: http://www.unionleader.com/state-government/state-it-chief-says-human-error-allowed-dhhs-data-breach--20161229#sthash.oFEqC3Ly.dpuf
All at Sea (Infosecurity Magazine) When you watch Netflix, deal with your email or make a Skype call, the traffic travels along a relatively small number of routes to its destination. Like most of the world’s internet traffic, it travels via submarine cables, typically the width of a garden hose. Today, there are 356 of these cables spread across the world. How safe are they from attack or disruption?
Security Patches, Mitigations, and Software Updates
PHPMailer, Swiftmailer Updates Resolve Critical Remote Code Execution Vulnerabilities (Threatpost) Critical remote code execution vulnerabilities in two different libraries used to send emails via PHP were patched this week.
Cyber Trends
Threatpost 2016 Year in Review (Threatpost) Mike Mimoso, Tom Spring, and Chris Brook recap 2016’s biggest news stories, including the proliferation of IoT botnets, the rise of ransomware, the FBI vs. Apple battle, Yahoo, and a rash of old password breaches
5 signs we're finally getting our act together on security (cio) Despite all the bad news in information security in 2016, some positive developments may finally shift momentum
Marketplace
The Next Sector To Invest In: Cybersecurity (BW Disrupt) “Global spending on cybersecurity products and services for defending against cybercrime is projected to exceed $1 trillion cumulatively over the next five years, from 2017 to 2021.” The Israeli startups are rushing to the Silicon Valley in search of funds for their cutting edge digital defense ideas. And the VCs are waiting with arms wide open
Tech stocks for your portfolio: FireEye, Inc. (FEYE), Brocade Communications Systems, Inc. (BRCD) (Independent Republic) FireEye, Inc. (FEYE) ended last trading session with a change of -3.51 percent. It trades at an average volume of 4.14M shares versus 3.83M shares recorded at the end of last trading session. The share price of $11.95 is at a distance of 9.94 percent from its 52-week low and down -46.84 percent versus its peak. The company has a market cap of $2.03B and currently has 170.25M shares outstanding. The share price is currently -7.93 percent versus its SMA20, -7.29 percent versus its SMA50, and -20.71 percent versus its SMA200. The stock has a weekly performance of -7.94 percent and is -42.38 percent year-to-date as of the recent close
How Symantec Transformed in 2016 (Investopedia) Shares of cybersecurity pioneer Symantec Corp. (SYMC) are trading up about 16% year to date (YTD) at a price of $24.17 per share on Thursday afternoon
Siemens will sich neu erfinden und Software-Konzern werden (Deutsche Wirtschafts Nachrichten) Siemens will den Trend der Industrie 4.0 nutzen und Software-Lösungen anbieten - auch, um zu verhindern, dass der Konzern von anderen Anbietern ausgebremst wird
Louisville's Swimlane raises $3M in private offering (Daily Camera) Louisville software company, Swimlane LLC, has raised $3 million of a scheduled $3,175,000 private offering, according to documents filed with the U.S. Securities and Exchange Commission
Products, Services, and Solutions
Good Guy Hacker Launches 'Security Without Borders' to Defend At-Risk Dissidents (Motherboard) Some hackers have lost their way. Today, countless techies have entered the for-profit cybersecurity business, potentially neglecting what one security researcher calls their responsibility to civil society: helping at-risk users like dissidents with the security of their work, for example
Quick Heal launches ad campaign focusing on the risks of free antivirus solutions (exchange4media News Service) Quick Heal Technologies Limited has released an ad campaign to draw consumers’ attention towards the risks associated with free antivirus solutions. Targeting the youth and working professionals in its TVCs, Quick Heal aims to create awareness on the security threats, which a free antivirus product is not capable to mitigate, as compared to the protection guaranteed by a purchased antivirus solution for safe banking, privacy protection, anti-ransomware, anti-phishing, enhanced firewall, and web security
Technologies, Techniques, and Standards
Your new year’s resolution: get ready for GDPR (Naked Security) By 2018, the General Data Protection Regulation (GDPR) will require any company doing business in the European Union to more securely collect, store and use personal information
What to do if your data is taken hostage (CSO) Find out how to respond to ransomware threats
Cash for Bugs: should you crowdsource your application security? (IT Pro Portal) A bug bounty programme can be quite effective if managed properly
Making Bugs Bountiful (Infosecurity Magazine) Apple recently joined the growing number of corporates to launch a vulnerability reward program, better known as a bug bounty scheme. Initially limited to a couple of dozen researchers already known to Apple, it will pay as much as $200,000 for a critical security vulnerability, which sounds a lot, until you learn that a small private firm called Exodus Intelligence offers as much as $500,000 for zero-day vulnerabilities in iOS
Defending Against the Unknown (Economic Times) Insights on the need for multi-layered protection
Skills Gap: How to Attract the Best Staff (Infosecurity Magazine) As the cybersecurity skills gap continues to plague the industry, it has never been more important for organizations to have a sound understanding of how to attract and retain the best staff
Academia
University Of Maryland Francis King Carey School Of Law Launches Online Masters Programs (HS Today) Two new online Master's degree programs designed primarily for non-lawyers, a Master of Science in Cybersecurity Law and a Master of Science in Homeland Security & Crisis Management Law, are now being offered by the University of Maryland Francis King Carey School of Law
Legislation, Policy, and Regulation
We're living through the first world cyberwar – but just haven’t called it that (Guardian) he job of the historian is often to pull together broad themes and trends, then give them a snappy title that people will easily recognise and understand. That’s how we end up with labels like “The decline and fall of the Roman Empire” or “The Rise of Hitler and the Third Reich"
Obama Strikes Back at Russia for Election Hacking (New York Times) President Obama struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 suspected Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services
US expels Russian diplomats over cyber attack allegations (BBC) The US has expelled 35 Russian diplomats as punishment for alleged interference into the presidential election
Obama retaliates against Russia for election hacking (AP via Federal News Radio) In a sweeping response to election hacking and other meddlesome behavior, President Barack Obama on Thursday sanctioned Russian intelligence services and their top officials, kicked out 35 Russian officials and closed down two Russian-owned compounds in the U.S. It was the strongest action the Obama administration has taken to date to retaliate for a cyberattack
Obama’s Russian Hacking Retaliation Is Biggest “Since the Cold War” (Wired) Since US intelligence agencies in October identified the Russian government as the source of hacker attacks that breached the Democratic party organizations and leaked private email conversations, President’s Obama’s White House has been searching for an appropriate response. Now, the administration has finally shot back, deporting Russian officials and calling out the individuals and organizations responsible for that hacking, in a set of measures never before seen in America’s digital diplomacy
Obama announces sanctions for Russian election hacking (TechCrunch) The Obama administration announced today that it will impose sanctions on Russian intelligence services and officials in response to the hacks of American political institutions during the election season
Obama imposes sanctions on Russia over hack, expels 35 diplomats; Trump says time 'to move on' (Chicago Tribune) The United States struck back Thursday at Russia for hacking the U.S. presidential campaign with a sweeping set of punishments targeting Russia's spy agencies and diplomats. The U.S. said Russia must bear costs for its actions, but Moscow called the Obama administration "losers" and threatened retaliation
McConnell: New Russia sanctions an 'initial step' (The Hill) Senate Majority Leader Mitch McConnell (R-Ky.) on Thursday called new sanctions against Russia an "initial step" but reiterated that lawmakers will review Moscow's meddling in the U.S. presidential election next year
Obama tosses 35 Russians out of US, sanctions others for election meddling (Ars Technica) Intelligence dump from DHS and FBI bolsters claims of Russian election interference
US reportedly plans retaliation against Russian election hacks soon [Update: sanctions announced] (Ars Technica) A “proportional response” won't deter future meddling, says one security expert
FACT SHEET: Actions in Response to Russian Malicious Cyber Activity and Harassment (The White House) Today, President Obama authorized a number of actions in response to the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election in 2016. Russia’s cyber activities were intended to influence the election, erode faith in U.S. democratic institutions, sow doubt about the integrity of our electoral process, and undermine confidence in the institutions of the U.S. government. These actions are unacceptable and will not be tolerated
Statement by the President on Actions in Response to Russian Malicious Cyber Activity and Harassment (The White House) Today, I have ordered a number of actions in response to the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election. These actions follow repeated private and public warnings that we have issued to the Russian government, and are a necessary and appropriate response to efforts to harm U.S. interests in violation of established international norms of behavior
Executive Order -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.) (NEA), and section 301 of title 3, United States Code
Annex to Executive Order -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) Entities[:] 1. Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie) (a.k.a. GRU); Moscow, Russia
Letter from the President -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) Dear Mr. Speaker: (Dear Mr. President:) Pursuant to the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), I hereby report that I have issued an Executive Order (the "order") that takes additional steps to address the increasing use of significant malicious cyber-enabled activities to undermine democratic processes or institutions. These steps have been taken with respect to the national emergency declared in Executive Order 13694 of April 1, 2015
Department of State Actions in Response to Russian Harassment (US Department of State) The State Department today declared persona non grata 35 Russian officials operating in the United States who were acting in a manner inconsistent with their diplomatic or consular status. The Department also informed the Russian Government that it would deny Russian personnel access to two recreational compounds in the United States owned by the Russian Government
Treasury Sanctions Two Individuals for Malicious Cyber-Enabled Activities (US Department of the Treasury) Building on the authority previously provided to the Secretary of the Treasury, the President amended Executive Order 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” which was issued by President Obama on April 1, 2015 to authorize sanctions against individuals and entities that threaten the national security, foreign policy, or economic health or financial stability of the United States through involvement in malicious cyber-enabled activities that constitute tampering with, altering, or causing a misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions. In an Annex to the amended E.O., the President imposed sanctions on five entities and four individuals in response to the Government of Russia’s interference with U.S. elections and processes in recent months
Putin says Russia won't expel US diplomats in tit-for-tat measure (Guardian) ‘We will not drop to this level of irresponsible diplomacy,’ says Russian president in response to US move to kick out 35 Russian officials
Russia moves to expel US diplomats in response to sanctions (BBC) The Russian foreign ministry has called for the expulsion of 35 US diplomats in response to a similar move by Washington
Russia Set to Expel 35 U.S. Diplomats in Response to Move by Obama (New York Times) Russia moved on Friday to impose tit-for-tat measures against the United States in the latest crisis in relations between the two countries, with the foreign minister recommending that the country expel 35 American diplomats and close two diplomatic facilities
How Russia Recruited Elite Hackers for Its Cyberwar (New York Times) Aleksandr B. Vyarya thought his job was to defend people from cyberattacks until, he says, his government approached him with a request to do the opposite
Brazil announces establishment of new cyber defence command (IHS Jane's 360) The Brazilian Army has approved the establishment of a cyber defence command, known as Comando de Defesa Cibernética (ComDCiber), to help protect the country's online infrastructure
The cybersecurity priority for DHS in 2017 (Federal Times) As one of his first national security appointments, President-elect Donald Trump has selected retired Marine Gen. John F. Kelly to lead the Department of Homeland Security. Gen. Kelly is widely recognized for his expertise in counterterrorism, his dedication, composure and intellect. He is especially known for his excellent leadership skills honed by over 40 years of military service, including as the commander of U.S Southern Command
Litigation, Investigation, and Law Enforcement
Joint DHS, ODNI, FBI Statement on Russian Malicious Cyber Activity (US Department of Homeland Security) On October 7, 2016, Secretary Johnson and Director Clapper issued a joint statement that the intelligence community is confident the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, and that the disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks are consistent with the Russian-directed efforts. The statement also noted that the Russians have used similar tactics and techniques across Europe and Eurasia to influence public opinion there
Joint DHS, ODNI, FBI Statement on Russian Malicious Cyber Activity (IC on the Record) On October 7, 2016, Secretary Johnson and Director Clapper issued a joint statement that the intelligence community is confident the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, and that the disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks are consistent with the Russian-directed efforts. The statement also noted that the Russians have used similar tactics and techniques across Europe and Eurasia to influence public opinion there
GRIZZLY STEPPE – Russian Malicious Cyber Activity (US-CERT) This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE
FBI, DHS release report on Russia hacking (The Hill) The FBI and the Department of Homeland Security (DHS) on Thursday released a joint report detailing how federal investigators linked the Russian government to hacks of Democratic Party organizations
FBI, Department of Homeland Security outline conclusion that Russian agencies, military hacked U.S. election (Daily News) The feds on Thursday detailed how U.S. officials concluded Russian military and intelligence services were behind a massive election-related cyber assault on the U.S
Full List of All Gov’t Docs in US Response to Russian Election Hacking–with summaries (Just Security) Below is a list of all the U.S. government documents released on Thursday as part of the Obama administration’s announced response to Russian interference in the U.S. election process. See also Kristen Eichensehr’s initial post in response to the announcement and released documents. And stay tuned for more coverage and analysis by Eichensehr and others at Just Security
FBI and Homeland Security detail Russian hacking campaign in new report (Guardian) Experts say report is too little too late and comes after several others from private sector detailing alleged exploits of groups Fancy Bear and Cozy Bear
Who helped Russia "hack" the US election? It might have been you... (Graham Cluley) USA kicks out 35 Russian intelligence officers after election-related hacks
Report on ‘Russian hacking’ offers disclaimers, barely mentions Russia (RT) As the White House and Treasury Department announced new sanctions against Russia over the alleged hacking of US elections, the FBI and Homeland Security released a report that offered supposed proof amid an abundance of disclaimers
The shocking failure in how the FBI warned the DNC that it had been hacked (Graham Cluley) Not having your warnings taken seriously? Visit the victims!
Snowden doc shows NSA blamed Russia for hack of murdered journalist: report (The Hill) The National Security Agency (NSA) knew that the Russian government hacked the email account of a prominent journalist the year before she was killed in Moscow, documents published by The Intercept show
Here’s what a “digital Miranda warning” might look like (Ars Technica) Smartphone owners need to know if—and when—they need to reveal their passcodes
Op-ed: Five unexpected lessons from the Ashley Madison breach (Ars Technica) This is the first FTC complaint involving lying bots—there will be more
DOJ won’t prosecute Redflex in exchange for restitution and cooperation (Ars Technica) Red light firm adds “rigorous anti-bribery and anti-corruption compliance code”
Facebook stalls in lawsuit alleging its facial recognition tech violates Illinois law (TechCrunch) An Illinois law is proving a thorn in Facebook’s side as a class action lawsuit, alleging mishandling of biometric information, moves toward trial. The latest developments in the case have the social network objecting against releasing or even admitting the existence of all manner of data, but the plaintiffs aren’t taking “objection” for an answer
Former BlackRock Manager Sentenced in Insider Trading Case (New York Times) A former fund manager at BlackRock was sentenced to one year in prison on Wednesday after he pleaded guilty to insider trading charges in November
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
CES® CyberSecurity Forum (Las Vegas, Nevada, USA, Jan 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in the cybersecurity arena. The IoT, connected cars, new payment systems, VR and AR, wearables and our mobile devices all add new levels of concern to protecting our personal and corporate data. In this day-long conference, we’ll tackle the world of cybersecurity that demands we go far beyond the simple passwords and anti-virus protection of yesterday.
SANS Security East 2017 (New Orleans, Louisiana, USA, Jan 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!
Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, Jan 11 - 12, 2017) These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are an intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations. For Chief Security Information Officers, Chief Information Officers, and Chief Risk Officers, by invitation only (apply to attend).
Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, Jan 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats to critical infrastructures. This summit will focus on two sectors that are among those at greatest risk, the energy and manufacturing sectors. Highlighting emerging technologies and policy initiatives, this event will foster the development of high impact strategies to address the many interrelated cybersecurity challenges we face in the protection of our nation’s critical infrastructures.
ShmooCon 2017 (Washington, DC, USA, Jan 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
BlueHat IL (Tel Aviv, Israel, Jan 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, Jan 25 - Feb 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks
Blockchain Protocol and Security Engineering (Stanford, California, USA, Jan 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.