The CyberWire Daily Briefing 6.28.17

Summary

By The CyberWire Staff

Today's news is dominated by what we'll call, for convenience sake, the Petya pandemic. The ransomware infestation began in Ukraine, and has still hit that country most severely. It has spread rapidly around the world.

Petya is a familiar strain of ransomware security companies have been tracking at least since March of 2016. It had hitherto appeared mainly in targeted attacks. This time its spread has been fast and indiscriminate. Petya's code has been updated with worm functionality and the EternalBlue exploit the ShadowBrokers released on April 14, 2017. The ShadowBrokers claimed that EternalBlue was obtained from NSA (many, including Microsoft, agreed); their dump prompted widespread concern over zero-day inventories and the US Intelligence Community's Vulnerability Equities Process. It was also used in last month's WannaCry outbreak.

The current Petya infestation spreads as rapidly and indiscriminately as WannaCry did, but it's regarded as better crafted code. It doesn't exhibit WannaCry's botched Bitcoin wallets, and its attack on master boot records renders it more dangerous.

WannaCry has been widely associated with North Korea's Lazarus Group, but speculation about this instance of Petya focuses on Russia. Ukraine, the original and principal victim, thinks the ransomware is Russia's work. And like WannaCry, the return on the hackers' investment has been trivial in comparison with the scope of the attack: less than $10,000, according to recent reports.

Early reports said this time Petya spread by phishing with malicious Word files, but that seems incorrect. Tanium says the initial vector was a Ukrainian software update.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, Denmark, European Union, Germany, India, Italy, Republic of Korea, Mexico, New Zealand, Norway, Pakistan, Poland, Russia, Ukraine, United Kingdom, and United States.

A note to our readers: we'll be posting periodic updates on the Petya pandemic, including industry reactions, to our website. The first installment may be found here.

On the Podcast

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as legal expert Ben Yelin discusses a recent supreme court ruling on restricting access to social media. Out guest, Ryan Kazanciyan, CSO at Tanium, describes what they've learned about the Petya ransomware pandemic that broke out worldwide yesterday after infecting its patient zero in Ukraine.

Sponsored Events

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present at BSidesLV are looking to engage our participants and be engaged by them. Our presenters don’t talk at you, they converse with you. Come join the conversation!

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Cyber Attack Sweeps Globe, Researchers See 'WannaCry' Link (New York Times) A major global cyber attack on Tuesday disrupted computers at Russia's biggest oil company, Ukrainian banks and multinational firms with a virus similar to the ransomware that last month infected more than 300,000 computers.

Petya-inspired ransomware is déjà vu for still-vulnerable businesses (CSO) It’s déjà vu all over again as the aggressive Petrwrap global ransomware outbreak causes new headaches in Australia and abroad – and the global security community again excoriates businesses for poor patching and remediation strategies that make them sitting ducks for ransomware perpetrators.

A massive new ransomware attack is spreading around the globe (TechCrunch) A month after the WannaCry ransomware attack paralyzed connected systems worldwide, a new threat appears to be spreading quickly. As reports emerge, today's..

Ukraine Hit by Massive Cyberattack (Foreign Policy) It’s unclear who or what is behind it.

Cyber Attack Strikes Banks and Oil Giants in Russia and Ukraine (Fortune) Analysts suggest it could be a coordinated attack.

Neue Cyber-Attacke legt Dutzende Firmen lahm - deutsche Unternehmen betroffen (Tagesspiegel) Erneut hat ein Erpressungstrojaner in großem Stil zugeschlagen. Diesmal traf es viele Firmen in der Ukraine und die Sperrzone in Tschernobyl. Betroffen sind offenbar auch deutsche Firmen.

Everything to Know About The Latest Worldwide Ransomware Attack (Fortune) What it is, how it spreads and how to stay safe

Complex Petya-Like Ransomware Outbreak Worse than WannaCry (Threatpost) Today’s global ransomware attack is spreading via EternalBlue and through local networks using PSEXEC and WMIC.

Petya: The Sophisticated and Multi-Pronged Ransomware Attack (Recorded Future) A new cyber attack that is quickly spreading throughout the world appears to be delivering ransomware and a trojan information stealer. Learn more.

GoldenEye/Petya Ransomware (eSentire) A widespread ransomware outbreak is affecting numerous organizations in Europe, particularly in the Ukraine.

New Ransomworm Follows WannaCry Exploits (Fortinet Blog) We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact...

'NotPetya' ransomware hits '2,000 organisations' in WannaCry-style global outbreak (Computing) Attack uses multiple vectors, including NSA exploit EternalBlue

Ukraine hit first as banks, trains and power firms swamped by computer virus (Times (London)) It began with banks and power companies in Ukraine saying they were under cyberattack. Soon the claims flooded in from every corner of the country. Card payment systems failed on the Kiev Metro...

Ukraine Hit by Massive Cyberattack (Foreign Policy) It’s unclear who or what is behind it.

A Scary New Ransomware Outbreak Uses WannaCry's Old Tricks (WIRED) A type of ransomware researchers have identified as Petya (also called Petrwrap) began spreading internationally on Tuesday.

Explosive global attack delivers destructive Petya ransomware (Help Net Security) A variant of the Petya ransomware dubbed PetrWrap has started hitting companies across Ukraine, Russia and Europe.

Petya ransomworm's rapid spread: What the experts know right now (Security Brief) The Petya ransomware uses the EternalBlue exploit to not only infect files, but an entire system's drive. We get the latest from the experts.

New Ransomware Attack Targets Europe, U.S. Bracing (SIGNAL Magazine) Cyber experts in the United States are bracing for the effects of a massive cyber attack hitting Ukraine, primarily, and other European nations Tuesday.

Beyond WannaCry: The Next Evolution (Jask) Reports earlier today, spread of a widespread infectious Ransomware named Petya, targeting the Ukraine infrastructure (Power, Transportation, Finance) and other big companies around the world. It later came to light, that this attack could possibly…

Cylance Prevents Petya-Like Ransomware (Cylance) While analysis continues to identify the key aspects of this ransomware, know for now that if you use our endpoint protection product CylancePROTECT®, you were already protected from this attack.

‘Petya’ Ransomware Outbreak Goes Global (KrebsOnSecurity) A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain.

Petya Or Not? Global Ransomware Outbreak Hits Europe's Industrial Sector, Thousands More (Dark Reading) With echoes of WannaCry, infections spread fast. Some security researchers describe malware as variant of Petya; others say it's a brand new sample.

Global Petya ransomware attack: Update 2 (SC Media US) Petya ransomware is spreading rapidly across the globe, in an attack that is reminiscent of the May 2017 WannaCry incident, multiple news sources are reporting.

U.S. hospitals have been hit by the global ransomware attack (Recode) The ransomware is linked to a leaked vulnerability originally kept by the National Security Agency.

Cyberattack: Ransomware hits Jawaharlal Nehru port operations in Mumbai (Hindustan Times) AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India at JNPT.

Global cyber attack hits UK firms as WPP reports hack (City A.M.) A massive cyber attack which has hit a number of institutions in Ukraine appears to be spreading across Europe.

Tasmanian Cadbury factory hit by Goldeneye ransomware (CRN Australia) Chocolate factory operations suspended as systems go down.

Global Companies Hit as Ransomware Attack Continues (Infosecurity Magazine) Companies in the UK, USA and across Europe are reported to have been infected with the widely-reported ransomware.

The 'Petya' cyber attack could be worse than the hack that crippled the NHS (The Independent) The ‘Petya’ cyber attack currently spreading around the world could be “bigger” than WannaCry, a cyber security expert says. The ransomware initially hit Ukraine, but the WPP has confirmed that several of its companies have also been affected by it.

#Petya Ransomware Spreading Beyond Ukraine, Expert Claims (Infosecurity Magazine) Attack appears to have spread to Spain, Russia, India and UK

Petya Ransomware Cripples Systems Like WannaCry – Worldwide (BeyondTrust) It is another week, and another widespread report of a significant cyber-attack across Ukraine which is also affecting organizations in Russia and througho

Wide-scale Petya variant ransomware attack noted (SANS Internet Storm Center) Sent from a reader earlier today: Hearing some rumors that the company Merck is having a major virus outbreak with something new and their Europe networks are affected more than their US offices. Have you heard anything on this?

Checking out the new Petya variant (SANS Internet Storm Center) This is a follow-up from our previous diary about today's ransomware attacks using the new Petya variant. So far, we've noted:

Latest Ransomware Hackers Didn't Make WannaCry's Mistakes (WIRED) The latest sweeping ransomware assault bares some similarity to the WannaCry crisis that struck seven weeks ago. Both spread quickly, and both hit high-profile targets like large multinational companies and critical infrastructure providers. But while WannaCry's many design flaws caused it to flame out after a few days, this latest ransomware threat doesn't make the same mistakes.

Today’s huge ransomware attack has only made about $7,500 so far (TechCrunch) Ransomware attacks are bigger than ever, but the payouts appear to be shrinking. While the ransomware suspected to be a variant of Petya makes headlines..

PETYA – Darwinism applied to cyberspace (CSO Online) PETYA ransomware struck on 27 June. The cure was released in April. Why did anyone get infected?

Hacker Behind Massive Ransomware Outbreak Can't Get Emails from Victims Who Paid (Motherboard) A German email provider has closed the account of a hacker behind the new ransomware outbreak, meaning victims can't get decryption keys.

Who is behind the latest cyber attack? (Financial Times) Ransomware exploiting same vulnerability as WannaCry hits computers around the world

‘Petya’ ransomware attack stems from NSA exploit - Snowden, security experts (RT International) The Petya ransomware that spread across the globe Tuesday was made possible thanks to EternalBlue – a hacking tool used by the NSA to exploit a Windows vulnerability it left open for five years, Edward Snowden and security experts have said.

Search on for source of cyberattack that crippled systems in Europe, U.S. (CBS News) Cybersecurity expert tells CBS News latest attack has "criminal motive" because suspects are asking for money

Policy, conflict, attribution, and preparing for more to come. (The CyberWire) Ukrainian authorities have their suspect, but attribution isn't going to be simple. What's clear, however, is that more such attacks can be expected.

Cylance vs. AES-NI aka SOREBRECT (Cylance) On the heels of WannaCry, or even in parallel, another type of ransomware is making the rounds: AES-NI. Over the past three months, researchers have identified three different versions – or generations – which have been detected in the wild and found at impacted organizations.

Hackers Demand Banks $315k Ransom or Face DDoS Attacks (HackRead) Armada Collective, a group of online attackers, is demanding a ransom payment of $315,000 from South Korean banks - In the case of refusal, the group has t

South Korean banks threatened with DDoS attacks unless they pay $315,000 (Help Net Security) South Korean banks are being threatened with crippling DDoS attacks unless they pay $315,000 in bitcoin to the Armada Collective.

No-Name Security Incidents Caused as Many Tears as WannaCry, Pros Say (Dark Reading) Half of security pros say they've worked just as frantically this year to fix other incidents that the public never heard about.

WannaCry Just Another Day at the Office Confirms Cybersecurity Professionals (GlobeNewswire News Room) 49% have experienced other similar cyberattacks

Cyberattackers Kick Down a Few Parliament Email Doors (TechNewsWorld) The United Kingdom's Parliament on Monday reported a cyberattack on its email system over the weekend, when hackers attempted to access user accounts without authorization.

Tory minister blames 'sloppy passwords' for Westminster cyber attack (Mirror) About 90 Westminster accounts were hacked, with the senior Minister blaming users for failing to beef-up their passwords to deter would-be hackers

Existing security can't handle DNS attacks (Computing.) All businesses agree that DNS protection is important - but few are doing it.

Metropolitan Police STILL using Windows XP on 18,000 PCs (Computing) And just EIGHT Met Police PCs upgraded to Windows 10

Practical ways to misuse a router (PT Security) Wi-Fi and 3G routers are all around us. Yet in just one recent month, approximately 10 root shell and administrator account vulnerabilities...

The Amazon Echo (Horror) Show (Graham Cluley) Well done. You just paid $299 for the benefit of having a Peeping Tom in your kitchen.

I Could Kill You with a Consumer Drone (Defense One) As a former intelligence soldier who now sells drones for a living, I can tell you that this problem is bigger than almost anyone realizes.

Oops: Microsoft's "Super-secure" Windows 10 S Hacked In 3 Hours (Fossbytes) To test the claims, folks at ZDNet hired a security firm. As a result, the hackers were able to breach Windows 10 S within 3 hours by using Microsoft Word's handling of macros.

Security Patches, Mitigations, and Software Updates

Google researcher uncovers another RCE in Microsoft Malware Protection Engine (Help Net Security) Google researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine.

Microsoft plugs another critical hole in Windows Defender (CSO Online) Microsoft patched a critical RCE vulnerability in its Malware Protection Engine that could have been exploited without any user interaction.

Microsoft Quietly Kills Another Gaping Hole in Windows Defender (BleepingComputer) On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem.

Microsoft: We'll beef up security in Windows 10 Creators Edition Fall Update (Register) EMETs? I've had a few

Major Hole Plugged in Secure File Transfer Tool (Threatpost) Biscom recently patched a stored cross-site scripting vulnerability in its secure file transfer product.

This Chrome Extension Scrubs Your Internet of Offensive Material (Motherboard) It's like an extra-effective trigger warning.

Cyber Trends

Criminalization of DNS for phishing continues to advance (Help Net Security) Cybercriminals have been shifting their tactics by registering more and more domain names, rather using web servers and domains they have hacked into.

A Discussion with Jeremy King, Founder & President of Benchmark Executive Search, On Why the Cybersecurity Sector Is Vitally Important to Securing Our Future (Hunt Scanlon) Corporate cybersecurity attacks are growing in magnitude, complexity and frequency, and these massive security lapses left an expanding list of major businesses compromised, including Yahoo Inc., Banner Health, Department of Justice, Snapchat, Democratic National Committee and LinkedIn, to name just a few. Demand for cybersecurity executives to bolster defenses and hold down the corporate fort, it turns out, is picking up.

New Zealanders’ Security Concerns Reach New Peak (Scoop) Identity theft, credit card fraud and natural disasters are top concerns for Kiwis

Marketplace

2017 State of Bug Bounty (Bugcrowd) Top trends in crowdsourced cybersecurity. Download the report to full report to learn the most reported vulnerabilities, average payout amounts, and industry adoption trends.

If you get hacked, your cybersecurity company may compensate you (MIT Technology Review) A small but growing number of cybersecurity companies are introducing warranty programs that can serve as insurance against the cost of a potential data breach.

JASK raises $12M in funding to help security pros prioritize threats with a crowdsourced AI model (GeekWire) Enterprise security is a much more labor-intensive task that a lot of people realize, and a new cybersecurity startup intends to use an artificial intelligence model to help security teams decide…

Sumo Logic Completes $75 Million Funding Round (Marketwired) Total funding approaches a quarter billion dollars; cements company's position as the SaaS machine data analytics solution of choice and category leader for the digital rra

SonicWall thrives after Dell split (CRN Australia) Company says channel strategy key to growth.

3 Reasons Palo Alto Networks Inc. Stock Could Rise (Motley Fool) The data-security provider wowed investors last quarter. What does it need to do to keep the ball rolling?

Trudeau says national security not jeopardized in China takeover of Norsat (The Globe and Mail) Prime Minister attests Canada would not move forward with Norsat deal if security risks were present

Thycotic Listed as One of the World's Hottest and Most Innovative Cybersecurity Companies to Watch in 2017 (PRNewswire) Thycotic, a provider of privileged account management (PAM) solutions for...

Products, Services, and Solutions

Barracuda Sentinel: AI for Real-Time Spearphishing and Cyber Fraud Defense (Barracuda) Barracuda Sentinel’s artificial intelligence engine learns organizations’ unique communications patterns to identify and block real-time spear phishing attempts.

Waratek Introduces New Security Features in June Release (PRNewswire) Waratek, the virtualization-based application security company, has added new critical protection features along with a security feature improvement to its existing solution.

NIKSUN Awarded Three Cryptographic Validations (BusinessWire) National Institute of Standards and Technology issues three cryptographic algorithm certificates to NIKSUN

SafeSwiss' world-leading encrypted messaging app extends support for a further four x Languages (MENAFN) SafeSwiss' world-leading encrypted messaging app extends support for a further four x Languages Fast-growing SafeSwiss™ platform improves support for users in HongKong, Japan,Taiwan, India,...

Technologies, Techniques, and Standards

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak (BleepingComputer) Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya) ransomware from infecting computers.

WannaCry and the Elephant in the Room (Security Compass) After the recent news of “WannaCry” Ransomware crippling systems worldwide, people have started to opine on the host of reasons this attack…

Why WannaCry Was a Wake Up Call for Critical Infrastructure Security (Security Week) Many OT networks are susceptible to threats like WannaCry

How to secure your CMS without patching (ITworld) In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers. A German project aims to beat the bad guys to it, without a patch.

Organizations are intimidated by global privacy and data security regulations (Help Net Security) While companies are intimidated by global privacy and data security regulations, they fail to understand necessary organizational changes to comply.

Security leaders need to focus on minimum effort, not minimum compliance (CSO Online) Experian's Michael Bruemmer takes a Security Slap Shot on the need to harness regulations to drive better security and not just minimum compliance.

Using Cyber War Games to Improve Incident Response (Security Week) When the financial services industry undertook a cyber attack simulation called Quantum Dawn in 2013, the exercise shined a spotlight on the importance of cyber war games in helping organizations improve incident response.

Cyber threats have been evolving, why hasn’t security education? (TECHSEEN) Parvinder Walia of ESET talks about the concerns of cyber threat in the industry and how it can be countered with security education and training

Research and Development

CipherLoc Patent's New Stealth Key Encryption Technology (Bay Street) CipherLoc Corporation (OTCQB: CLOK), a leading provider of highly secure data protection technology, today announced a set of innovations that could potentially eliminate the need to share cryptographic keys in certain environments.

Academia

Training the cyber Sherlocks (Herald Bulletin) With cyberattacks on the rise, so too is the need for experts to protect companies, government agencies and individuals from those attacks and the damage they can cause.

Students put cybersecurity skills to the test in cybertruck challenge (Detroit Free Press) How do cyber sleuths go about making security systems more secure?

Legislation, Policy and Regulation

Britain prepared to use air strikes or send in troops as retaliation against future cyber attack (The Telegraph) Britain could launch military retaliation such as air strikes against a future cyber attack, the Defence Secretary has suggested.

Trump, Modi call on Pakistan to stem terrorist attacks (Dawn) The two leaders "called on all nations to resolve territorial and maritime disputes".

US adds emir of Hizbul Mujahideen to list of global terrorists (FDD's Long War Journal) The US Department of State added Syed Salahuddin, leader of the Pakistan-supported Hizbul Mujahideen jihadist group, to its list of Specially Designated Global terrorists. State specifically designated Salahuddin for his activities in Kashmir, however he is part of the jihadist alliance which wages war throughout Afghanistan and India. Salahuddin, who is also known as Mohammad Yusuf Shah, is the emir of Hizbul Mujahideen, a jihadist group with close ties to other Pakistani terror groups that focuses on fighting in Indian Jammu and Kashmir, but also supports al Qaeda and other jihadist groups in Pakistan, Afghanistan, and India.

Pakistan comes out in support of militant designated as global terrorist by US, says he is a freedom fighter (The Straits Times) Pakistan came out in defence of militants fighting Indian security forces in Kashmir on Tuesday (June 27), saying it was a legitimate struggle for freedom, after the United States put the head of one of the groups on its list of global terrorists.. Read more at straitstimes.com.

Russia's Perpetual Geopolitics (Foreign Affairs) For centuries, Russia has been haunted by geopolitical ambitions that exceed its capabilities, and President Vladimir Putin’s recent attempts to secure Moscow a prominent place on the world stage represent a return to this historical pattern. Western leaders should respond to his efforts carefully, holding a firm line when necessary while avoiding unnecessary confrontations.

Opinion | Obama Choked on Russia Long Before the 2016 Election (Bloomberg) It's no wonder Putin thought he could meddle in the U.S. He had gotten away with everything else he tried.

Things to know about Germany's recent surveillance laws (Deutsche Welle) Germany has passed an unprecedented spate of new surveillance and security laws, often with impossibly long and hard to understand names. DW guides you through the most important of them.

Under Fire: Cipher Brief Wargame Shows Difficulty of Deterrence in Cyberspace (The Cipher Brief) It’s Labor Day, September 4, 2017, and the National Security Agency has just intercepted communications between the senior leadership of the Iranian Revolutionary Guard Corps, the militant purveyors of the 1979 Iranian Revolution, and employees of the Iranian companies ITSecTeam and Mersad.

HHS' Cyber Info Sharing Center: Is It Needed? (GovInfo Security) Does the healthcare sector need another cyber threat information sharing center? That’s a question some U.S. senators and others are asking as HHS prepares to

Litigation, Investigation, and Enforcement

Ukrainian military intelligence officer killed by car bomb in Kiev (the Guardian) Col Maksim Shapoval, who was head of a special forces unit, killed and passersby injured in terrorist act, government says

Shin Bet Chief: ‘We located over 2,000 potential terrorist threats since 2016’ (JerusalemOnline) Shin Bet Chief Nadav Argaman spoke at the Tel Aviv University Cyber Week conference and addressed how his organization deals with cybersecurity threats.

Gingrich: Congress has 'obligation' to call Obama to testify on Russia (POLITICO) "How can you be told the president of the United States knew last August the Russians were, in fact, involved in this and not ask him and ask him under oath?" he asks.

The ‘international man of mystery’ linked to Flynn’s lobbying deal (POLITICO) David Zaikin made Russian energy deals, advised Eastern European parties, brokered condos at Toronto’s Trump Tower, and teamed up with the man who hired Michael Flynn.

N.S.A. Warrantless Surveillance Aided Turks After Attack, Officials Say (New York Times) The National Security Agency used its warrantless surveillance program to help Turkey find the suspect in a terrorist attack at an Istanbul nightclub on Dec. 31 that killed 39 people and wounded dozens more, including an American who was shot, a senior F.B.I. official said Tuesday.

Guide to Posted Documents Regarding Use of National Security Authorities – as of June 2017 (IC on the Record) Set forth below are links to certain officially released documents related to the use by the Intelligence Community (IC) of national security authorities.

FBI, other agencies will be tapped to help spyware probe (Mexico News Daily) The Attorney General will seek assistance from the FBI and other agencies in its probe of spyware on the phones of lawyers, journalists and activists.

EU hammers Google with record $2.7 billion antitrust fine for illegal search manipulation (AppleInsider) The European Commission has wrapped up its antitrust investigation against Google, and has decreed that it must pay $2.72 billion to settle charges related to it favoring its own products over rivals in search results.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

SIA GovSummit (Washington, DC, USA, June 28 - 29, 2017) The 2017 SIA GovSummit focuses on how government leverages security technologies to drive success across a wide spectrum of missions. Held annually in Washington, the Security Industry Association's government summit examines emerging policy trends, technology needs of the government and changes in the risk environment that shape development of products and advanced systems integration to meet evolving security challenges.

2017 Community College Cyber Summit (C3S) (National Harbor, Maryland, USA, June 28 - 30, 2017) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Four tracks are available for college faculty and administrators, IT faculty who are involved or who would like to become involved in cybersecurity education, non-IT faculty in critical infrastructure fields who are interested in incorporating cybersecurity topics into their curricula, decision makers in positions that influence cybersecurity education programs, and community college students interested in learning about security or expanding their current knowledge.

Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: DC. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: DC is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives. (New York, New York, USA, June 29, 2017) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government and industrial environments. The event will bring together several hundred industry practitioners, researchers, regulators and solution providers for two days of in-depth, focused networking and information sharing at the cutting edge of cyber security. Many leading companies in the sector will be presenting.

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business make themselves more resilient to cybercrime. Core themes will include: the evolving cyber threat; cyber resilience in the supply chain; and essential cyber skills.

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in the region. The event will consist of speakers, government and industry exhibits, and Electronic Warfare Olympics.

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine qua non and a savior for banks. But gifts are bundled often with miseries. While technology works as a catalyst for scale and speed, security unpreparedness could play a spoilsport.

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost companies in the nation for an interactive #CYBERcamp in the National Capital Region. Cyber Camp 2017 is a summer camp in which students will have the opportunity to learn about various aspects of cyber security. Students will also gain practical skills through instruction by experienced security and information technology (IT) professionals, and hands-on exercises. The camp is divided into two 1-week segments:

National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, July 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied Physics Laboratory, (JHU-APL) in Laurel, Maryland. This is a MUST ATTEND event if you are involved in Insider Threat Program Management or are interested in Employee Threat Identification and Mitigation.

2nd Annual Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 18, 2017) The 2017 Billington Automotive Cybersecurity summit will build on the 2016 inaugural summit that brought together a who’s who of speakers including the CEO of GM and the Secretary of Transportation, prestigious media coverage from The New York Times and The Wall Street Journal and some 500 attendees. NOTE: Attendees must be citizens of U.S. or allied nations to attend this event.

SANSFIRE 2017 (Washington, DC, USA, July 22 - 29, 2017) Now is the time to advance your career and develop skills to better protect your organization. At SANSFIRE 2017, choose from over 45 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANSFIRE 2017 (July 22-29) is Washington Marriott Wardman Park.

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll cover secure-by-design concepts inherent in DevSecOps, effective training and awareness practices, and how to lead organizational change management to embed security into your company’s DNA.

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities. Through the camp, students will learn how to protect their personal devices and information from outside threats, as well as how to harden entire networks running Windows 7 and Ubuntu operating systems. The AFA CyberCamp will culminate in an exciting final team competition that simulates real cybersecurity situations faced by industry professionals and mimics AFA’s CyberPatriot National Youth Cyber Defense Competition.

Cross Domain Support Element Summer Workshop 2017 (Laurel, Maryland, USA, July 25 - 26, 2017) The Unified Cross Domain Services Management Office (UCDSMO) is presenting a two-day workshop for the benefit of the Cross Domain Support Element (CDSE) Offices, and the personnel who support them. Topics will include an update to the Capabilities Portfolio, Baseline and Sunset Lists, the UCDSMO SharePoint sites, Labs and Lab Testing, updates on the CDS Overlays and the Cross Domain Risk Management process.

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25) followed by the two-day main conference (July 26-27) featuring Briefings, Arsenal, Business Hall, and more.

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic development, law enforcement and personal use. Highly respected speakers from the public and private sectors will address emerging trends, technology and best practices. The event is open to the public and will feature information for individuals, families, educators, business professionals, law enforcement and government officials. The summit agenda will feature internationally recognized keynote speakers as well as experts from across the county to lead breakout sessions on featured industry topics.

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Chicago is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Latin America Forum (LAF).

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Updates on the Petya/(Not)Petya/PetrWrap/Goldeneye pandemic, from Kiev to Tasmania, with stops in London, Mumbai, Copenhagen, Pittsburgh...(Anaheim, Azusa, Cucamonga...basically everywhere).