The CyberWire Daily Briefing 8.2.17

Summary

By The CyberWire Staff

Sweden's government struggles to lock down information security in the wake of the very large data exposure originating in the transport ministry.

Ukraine, facing continued Russian pressure in cyberspace, is also beefing up its defenses, probably with a significant degree of Western help.

BrickerBot is back, its author claiming responsibility for an attack on modems and routers in India.

FireEye confirms, again, that its own systems weren't penetrated by Hacker Group 31337 in Operation #LeakTheAnalyst, but does disclose that information about two customers was exposed in the successful hack of a Mandiant analyst.

Citing reports of spyware in their firmware, Amazon is stopping sales of low-cost Android phones produced by Blu Products.

Observers worry that the HBO hack (involving Game of Thrones among other properties) will prove a bellwether: a cheap way for a hacking group to gain publicity.

Bitcoin's hard fork occurred yesterday as expected, splitting into Bitcoin and Bitcoin cash. If the latter, smaller currency is successful, observers see positive competition. They also see jockeying for the legacy of legendary Bitcoin creator Satoshi Nakamoto, whoever he is.

The US Department of Justice has issued guidelines and best practices for setting up vulnerability disclosure programs, including bug bounties.

A bipartisan bill, the Internet of Things Cybersecurity Improvement Act of 2017, has been introduced into the US Senate. It will require vendors to meet certain IoT security standards before they can sell to the US Government. Supporters see it as an improvement over the "overly broad" legislation currently in effect.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Afghanistan, Australia, Canada, China, India, Kazakhstan, Oman, Russia, Sweden, Syria, Ukraine, United Arab Emirates, United Kingdom, and United States.

Get Smart on the Politics of Cyberspace

The future of an open, secure, and resilient internet is anything but certain. CFR’s Digital and Cyberspace Policy program cuts through the rhetoric to help you understand the politics of cyberspace. Through their “Net Politics” blog, reports, briefings, and interactive tools, the program’s leading cyber experts analyze the emerging global rules of cyberspace. Subscribe to their bimonthly newsletter to get their insights in your inbox.

On the Podcast

In today's podcast, we hear from our partners at Dragos, as Robert M. Lee reviews the basics of industrial control system attacks. Our guest is David Murray from Corvil, who talks about security in the financial markets.

Sponsored Events

The Cyber Security Summit: Chicago & NYC (Chicago, Illinois, USA, August 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Cybraics, CenturyLink, Alert Logic and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

The Islamic State’s Shock-and-Bore Terrorism (Foreign Policy) The "caliphate" has figured out how to make committing acts of terror easy. It's also made them boring.

Taliban video details takeover of eastern Afghan district (FDD's Long War Journal) The Taliban displayed US-supplied HUMVEES and Ranger pickup trucks used by the police and military that were captured or destroyed. The Taliban also seized a large quantity of rocket propelled grenade launchers, machine guns, rifles, mortars, and other weapons.

‘Our Future Will Be Violent Extremism’ (Foreign Policy) Kazakhstan — Central Asia’s most stable state — is waking up to the fact that Islamic extremism has planted its roots and is here to…

BrickerBot Dev Claims Cyber-Attack That Affected Over 60,000 Indian Modems (BleepingComputer) The author of the BrickerBot malware has claimed a cyber-attack that took place in various Indian states and has caused over 60,000 modems and routers to lose Internet connectivity.

A Look at JS_POWMET, a Completely Fileless Malware (TrendLabs Security Intelligence Blog) As cybercriminals start to focus on pulling off attacks without leaving a trace, fileless malware will become a more common attack method.

FireEye Confirm Two Customer's Details Exposed (Infosecurity Magazine) FireEye has confirmed that business documents related to two separate customers in Israel have been ‘exposed’.

Hacker Group 31337 Dumps Data Stolen From Mandiant Analyst (BankInfo Security) FireEye has confirmed that one of its Mandiant breach investigation employee's personal laptops was breached by hackers, and corporate data dumped. The hackers say

Amazon Halts Sale of Android Blu Phone Amid Spyware Concerns (Threatpost) Amazon said it will halt sale of popular low-cost Android phones made by Blu Products because of reports software on the phone is collecting and sharing user data without owner consent.

HBO hackers upload Games of Thrones episodes & other data on their site (HackRead) On 31st July, it was reported that HBO (Home Box Office) suffered a massive data breach in which hackers claimed to have stolen 1.5 terabytes of data from

Next week’s Game of Thrones script might have leaked online. Here’s why that’s so worrying (The Independent) A leaked Game of Thrones script appears set to show what's going to happen next week.

HBO hack: Game of Thrones & the cyber war on culture (The Memo) HBO hack: The Mother of Dragons is unimpressed. (Don't worry - no spoilers here).

HBO Hack Highlights Importance of Encryption, Data Governance (eSecurity Planet) Hackers recently claimed to have breached HBO's systems and stolen 1.5 TB of data including upcoming episodes of Ballers and Room 104, Entertainment Weekly reports.

Why you should view torrents as a threat (WeLiveSecurity) Despite their popularity among users, torrents are a very risky “business”. Apart from the obvious legal trouble you could face for violating the copyright of musicians, filmmakers or software developers, there are security issues as well.

Zscaler ThreatLabZ Reveals Malicious Content Delivered Over SSL/TLS Has More Than Doubled in Six Months (Cloud Security Solutions | Zscaler) Researchers share latest findings from the Zscaler Cloud showing increasingly sophisticated malware strains using SSL to encrypt activity

WTB: Wallet-snatch hack: ApplePay ‘vulnerable to attack’, claim researchers (Anomali) The intelligence in this week’s iteration discuss the following threats: Android Trojans, ApplePay, CowerSnail, Lipizzan, Ransomware, UniCredit Breach, Ursnif, Veritaseum, and Windows Vulnerabilities.

Threat Spotlight: Cryptocurrency Malware (Cylance) Cryptocurrencies such as Bitcoin have seen a recent increase in popularity among users and service providers.

'Anonymous' browsing data can be easily exposed, researchers reveal (the Guardian) A journalist and a data scientist secured data from three million users easily by creating a fake marketing company, and were able to de-anonymise many users

Anatomy of a privacy fail – when “Dark Data” gives away your identity (Naked Security) This week’s super-scary security topic is deanonymisation – we explain how it works.

MantisBT Input Validation Flaws in '/admin/install.php' and 'manage_user_page.php' Let Remote Users Conduct Cross-Site Scripting Attacks (Security Tracker) Version(s): prior to versions 1.3.12, 2.5.2, 2.6.0. Description: Two vulnerabilities were reported in MantisBT. A remote user can conduct cross-site scripting attacks.

Shark or not? 3 real-life security scenarios and how to tell which will really bite (Help Net Security) Let’s look at three real-life security scenarios. In each case, it wasn’t clear whether there was an incident, or a set of coincidences and false positives.

Here’s the ‘horrible stuff’ on the dark web: child sn*ff videos, WMD recipes, your phone number (miamiherald) Private cybersecurity firms increasingly collaborate with FBI as they scour the dark web for stolen credit card data. What they find is ‘varying degrees of shocking.’

IBM Security takes us on a tour of the Dark Web (TechRepublic) As the Dark Web becomes easier to access and use, cybercrime continues to rapidly grow.

CoinDash crowdfunding hack further dents trust in crypto-trading world (Register) $7m pilfered from investors, white hats on the trail

DDoS Attacks Come in Small Packages (TechCo) Too many websites are inadequately prepared to deal with small attacks. Learn how to protect your company's data from attacks.

Most damaging threat vector for companies? Malicious insiders (Help Net Security) According to SANS, 40% of respondents rated malicious insiders (insiders who intentionally do harm) as the most damaging threat vector they faced.

Breach at Third Party Contractor Affects 18,000 Anthem Members (Threatpost) Anthem last week began notifying 18,000 members affected by a data breach unrelated to 2015’s.

Scottish government suffered two ransomware attacks in the past 12 months (Computing) More attacks making it through Scottish government cyber defences without being detected

Data Breach Digest: Ransomware rising to the top of the nation-state threat vector list (SecurityInfoWatch) Motives for ransomware attacks now extend well beyond the traditional cybercriminal ploy for payout

DDoS attacks on gaming providers are causing mayhem for players everywhere (Future Five) The gaming industry is feeling the pressure of DDoS attacks, and none more so than over the last several weeks.

DDoS victims are often willing to pay out ransoms, says study (FierceTelecom) The threat that a business could become the victim of a ransomware-based Distributed Denial of Service (DDoS) attack continues to rise, with some security experts predicting that worldwide or large regional outages could take place.

Online gambling parasites must be curbed (Times (London)) When Dostoyevsky’s addiction to roulette left him deeply in debt, his money gone, his watch pawned, he wrote a novella in a matter of weeks to pay it all off: The Gambler. It captures well the...

Hackers hijack central Cardiff billboard to display swastikas and more... (Graham Cluley) Someone managed to seize control of a large digital advertising billboard on Cardiff’s main shopping street, forcing it to display a series of swastikas and far-right images.

Cyber Trends

Cyber Threats to Small and Medium Businesses in 2017 (Webroot) In 2017, the evolving cybersecurity landscape presents small- to medium-sized businesses (SMBs) with a host of new threats to their clients, their data, and their bottom line.

Medical device makers wake up to cyber security threat (Financial Times) Ethical hackers have warned of potentially lethal vulnerabilities in key equipment for years

Defending Against the Wrong Enemy (Haystax) It is easy, while evaluating attack vectors, researching competitors and gauging the threat from organized crime or foreign adversaries, to conclude that external attacks should be the primary focus of defense.

Only 36% of Global Financial Organizations are Confident about their Security Posture (Netwrix) Even though the financial industry has been a target for attackers for a long time, it is still struggling to protect against various IT risks, according to the Netwrix IT Risks Survey.

Most SMBs plan to outsource IT security this year (Help Net Security) SMB IT security is in danger. Most are not ready to address cybersecurity threats, and 80% will likely use a third-party IT security provider in 2017.

The rise of remote risk: Three trends increasing your threat profile (Computerworld) Technology has fundamentally changed the face of our workplaces.

Study: Majority of retailers feel 'vulnerable' to a data breach (Chain Store Age) While the number of cyber-attacks have declined in the last year, a majority of companies still feel susceptible to data threats.

Palo Alto Networks: Australia is resilient but overconfident about cybersecurity abilities (Security Brief) 36% of respondents lost at least $130,000 in data breaches in 2015-2016, and 40% have lost money in the last year alone.

Are Words Harming the Security Industry? (Infosecurity Magazine) To make claims that oversell and clearly cannot be substantiated is harming the credibility of the security industry.

Black Hat 2017: Insightful, but too much hype (CSO Online) Black Hat 2017 was a busy show, highlighting a healthy cybersecurity industry. But there was too much hype, misunderstanding, and proprietary agendas.

Marketplace

Despite Frequency and Awareness, Cyberinsurance Market Lags (Daily Business Review) Cybercrimes have been dominating our politics, our finances and our national security. Not a day goes by without news of another cyberattack, hacking scheme or massive data breach.

GuardiCore Extends Series B Funding Round to $35 Million Adding TPG Growth as a New Investor (GuardiCore) Funding to Accelerate Growth in Large Enterprise Accounts and Expand Further into Global Markets San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced that the company has raised an additional $15 million as an extension to its Series B funding round.

Verisk Analytics agrees to acquire G2 Web Services (Commercial Banking Business Review) Verisk Analytics has agreed to acquire Washington-based G2 Web Services for an amount of $112m.

Pulse Secure, LLC completes acquisition of the virtual Application Delivery Controller (vADC) Business from Brocade Communications Systems, Inc. (GlobeNewswire News Room) Acquisition will further strengthen Pulse Secure’s leadership position in Secure Access Solutions by adding a virtual ADC portfolio with software and virtualization capabilities supporting hybrid IT and Cloud deployments

Qualys Announces Agreement to Acquire Assets of Nevis Networks (markets.businessinsider.com) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced that it has entered into an asset purchase agreement with Nevis Networks, pursuant to which Qualys will acquire certain assets of Nevis Networks in a cash transaction.

Constellis buys Omniplex for investigation, intelligence community footprints (Washington Technology) Security services outfit Constellis picks up Omniplex World Services to combine technology and consulting work and grow in the intelligence community.

Wayne Rehberger: TASC’s Intell Business Main Driver Behind Merger With Engility (ExecutiveBiz) Wayne Rehberger, chief financial officer of Engility Holdings, has said the company’s decision to acquire professional services provider TASC in 2014 through a $1.3 billion stock deal was driven by the latter’s intelligence business...

TechBytes with Rami Essaid, Co-Founder and CEO at Distil Networks (MarTechSeries) In May, global leader in bot detection and mitigation, Distil acquired real-time human detection company Are You A Human (AYAH).

Mysterious company Palantir identifies potential crimes before they happen, like 'Minority Report' (One World Identity) Backed by PayPal cofounder and billionaire Peter Thiel, a secretive CIA-supported startup called Palantir specializes in predicting potential crimes with sophisticated data mining techniques.

What is Darktrace? (IT PRO) Meet one of the most innovative companies you’ve never heard of

Famed Jeep hackers and ex-Uber security chiefs join GM's Cruise Automation (TribLIVE.com) If you can't beat them, hire them. Perhaps two of the most famous vehicle hackers are again joining forces to tackle cyber security for self-driving ...

Cyber firm Blue Ridge promotes Gray to COO (Washington Technology) Government and commercial cyber outfit Blue Ridge Networks moves Maureen Gray from the vice president ranks up to chief operating officer.

Netronome Announces the Appointment Dr. Nils Rix as Senior Vice President of Sales (Businesswire) Netronome Announces the Appointment Dr. Nils Rix as Senior Vice President of Sales

Discover Financial Services CISO Jim McJunkin Joins NTSC Board of Directors (Payment Week) James W. McJunkin, Vice President & CISO, Corporate Security for Discover Financial Services, has been appointed to serve on the National Technology Security Coalition’s (NTSC) Board of Directors...

ThreatQuotient Appoints Gigi Schumm as SVP World Wide Sales (BusinessWire) ThreatQuotient today announced that Gigi Schumm has joined the company’s executive management team as Senior Vice President of World Wide Sales.

Products, Services, and Solutions

OBB: increasing quality and value (Open Bug Bounty Forum) So far, you have helped fixing over 40k vulnerabilities - an impressive and outstanding number you should deservedly be proud of!

Republican And Democratic Groups In Talks With Encrypted Messaging Company (BuzzFeed) After hacks during the 2016 election, the Democratic Congressional Campaign Committee moved to Wickr, an end-to-end encrypted messaging service for internal communications. The company says it's

Nmap 7.60 released: SSH support, SMB2/SMB3 improvements, 14 more scripts (Help Net Security) Nmap scripts can now perform brute force SSH password cracking, query servers about what auth methods and public keys they accept, and even log in.

JASK Unveils AI-Enabled Platform for Cyber-Security Threat Identification (Database Trends and Applications) JASK, which supports security analysts with artificial intelligence (AI), has announced the general availability of Trident, a new platform to help increase operational efficiency in security operations.

San Marcos keeps Kaspersky software despite U.S. agency warnings (Austin American Statesman) The city of San Marcos continues to use a Russian cyber security company’s software despite concerns about the Moscow-based firm.

Experian Uses Alternative Data to Help Verify International Identities (Payment Week) Today more and more people are transient and are moving to a new country for extended periods of time. In fact, latest statistics show that there are nearly 250 million international migrants worldwide…

Avast Integrates Security Assessment into its RMM Platform for Managed Service Providers (BusinessWire) With new SMB security assessment from AVG Business by Avast, MSPs can easily do real-time security assessments, present the data, and resolve issues.

Ixia's Active SSL Sheds Light On Encrypted Traffic (No Jitter) By employing a network packet broker, tool can handle decryption/encryption without negatively impacting performance.

Databarracks launches Business Continuity as a Service (BCaaS) to make credible continuity finally affordable for SMEs (RealWire) UK disaster recovery specialist today announces the launch of managed business continuity service. The service is aimed at UK SMEs, many of whom until now have struggled to implement and maintain cred

Forcepoint Simplifies Cybersecurity Through Cloud-Based Behavior Analytics (markets.businessinsider.com) Global cybersecurity leader Forcepoint today fortified its cloud security portfolio to empower security teams with new behavior-driven controls that simplify protection of employees, critical business data and intellectual property (IP).

Sumo Logic Launches Certification Program for Users of All Knowledge Levels (Marketwired) Sumo Logic, the leading cloud-native, machine data analytics platform delivering continuous intelligence, today announced the launch of the Sumo Logic Certification Program.

Karma’s next device is a Wi-Fi hotspot with built in Tor and a VPN (TechCrunch) Wi-Fi hotspot maker Karma Mobility will this fall unveil a specialized version of its KarmaGo hotspot device that includes built-in security features,..

Technologies, Techniques, and Standards

US DOJ publishes guidelines for setting up a vulnerability disclosure program (Help Net Security) The US Department of Justice has just released a guidance document for adopting a vulnerability disclosure program for online systems.

Bitcoin Just Split Into Two Different Versions (Motherboard) The first "hard fork" in bitcoin's history just occurred.

Why the Bitcoin network just split in half and why it matters (Ars Technica) Two rival versions of Bitcoin might be better than one.

6.32pm, Tuesday 1 August: First block mined for Bitcoin 'hard fork' Bitcoin Cash (Computing) Virtual windfall for Bitcoin holders - but only if they also hold their private key

Most GDPR-compliant organisations are actually not (Computing) Only two per cent of 'GDPR-ready' organisations are actually compliant

Weaponizing machine learning to improve cyber defenses (Help Net Security) As machine learning cyber defense technologies become increasingly numerous, so will offensive ones - whether wielded by attackers or pentesters.

Unpacking and Exploring the Relationship between Crisis Management and Social Media in the Era of ‘Smart Devices’ (Homeland Security Affairs) The rise of social media and the broad diffusion of ‘smart devices’ in contemporary society have profound implications for crisis management...

Preventing Petya and Other Types of Ransomware (BeyondTrust) The recent ransomware events have a few things in common – they target Windows operating systems and are largely preventable, but IT organizations have to

What is the Army doing to secure and defend its cyber terrain? (Fifth Domain) This is part six of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.

It’s time for security leaders to challenge dogma (CSO Online) Jason Brvenik, CTO of NSS Labs, discusses why security leaders need to challenge dogma and replace outsized assumptions with evidence and better action.

Security Leadership: 5 Habits of Highly Effective CISOs (Bricata) The CISO faces something of a paradox in information security (infosec): While charged with keeping an organization’s networks and data safe, the CISO usually doesn’t control all the resources required to protect it.

Smart, safe and secure… (Oman Tribune) With smart city projects dotting towns and smart buildings becoming very prevalent, preparing them to tackle cyber risks has become equally important.

UAE smart bUAE smart building industry needs a to develop a cohesive ecosystem to safeguard against potential cyber risks (Wealth Monitor) As smart cities become a reality in the GCC, smart buildings are increasingly becoming more prevalent because of the optimized efficiency and convenience they offer, …

What You Should Know Before Selecting a Wireless Modem (Electronics 360) Wireless modems are entering a new arena. As manufacturers hit the market with newer devices that feature the latest wireless standards, the list of devices supported by internet service providers (ISPs) is growing.

12 signs you've been hacked -- and how to fight back (CSO Online) Redirected internet searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned.

Design and Innovation

New Pilot Offers Anonymous Secure Data Transfers, from Chronicled (IoT Evolution) In a recent press release, Chronicled, a security developer, has announced the completion of a technical pilot demonstrating a cryptographic method of anonymously transferring a Serialized Global Trade Item Number (SGTIN).

Research and Development

Abine receives broad patent for privacy and identity protection (PRNewswire) Abine Inc., The Online Privacy Company, today announced that the United States...

Peter Cochrane: The 'war of the wireless antennas' won't be won without a fundamental rethink (Computing) The release of wireless spectrum is one thing, but how can antenna technology efficiently manage the many different bands and technologies? Peter Cochrane suggests that it can't.

Academia

Carnegie Mellon hacking team emerges as strongest in DefCon history with fourth win (New Kerala) At a time when the need and demand for cybersecurity expertise is at its highest, Carnegie Mellon University's hacking team won its fourth "World Series of Hacking" title this weekend at the DefCon security conference in Las Vegas.

CSU Computer Science Researchers Earn Federal Grant To Develop Cybersecurity Training Tool (Columbus State News) The National Security Agency has awarded Columbus State University researchers a $174,000 grant to develop an intelligent tool for rapid cybersecurity training and curriculum development.

Prime partners with Australian university (Defence Connect) The University of Sydney will look to capitalise on new opportunities in the aerospace, defene, security and transportation fields with its new partnership with global technology leader, Thales...

Legislation, Policy and Regulation

New Bill Seeks Basic IoT Security Standards (KrebsOnSecurity) Lawmakers in the U.S. Senate today introduced a bill that would set baseline security standards for the government’s purchase and use of a broad range of Internet-connected devices, including computers, routers and security cameras.

Internet of Things Cybersecurity Improvement Act of 2017 (Scribd) U.S. Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-WA) and Steve Daines (R-MT) today introduced bipartisan legislation to improve the cybersecurity of Internet-connected devices.

Sweden scrambles to tighten data security as scandal claims two ministers (Guardian) Six state agencies being checked after leak of sensitive data potentially including information on people in witness protection

Ukraine finally battens down its leaky cyber hatches after attacks (Reuters) When the chief of Microsoft Ukraine switched jobs to work for President Petro Poroshenko, he found that everyone in the office used the same login password. It wasn't the only symptom of lax IT security in a country suffering crippling cyber attacks.

Latest Diplomatic Rift Places US, Russia on Edge of ‘Tipping Point’ (Russia Matters) The Russian government’s recent announcement of its decision to eject American diplomats and block access to two diplomatic properties may signal an approaching tipping point in the United States-Russia relationship.

Tillerson: I've told Russia our relationship can get worse, 'and it just did' (POLITICO) "The situation’s bad, but believe me, it can get worse’ — and it just did,” Rex Tillerson told reporters.

Should governments keep vulnerabilities secret? (Naked Security) The ‘secret vulnerability stash’ debate rages on.

What do DoD officials think of splitting NSA/CYBERCOM dual hat? (C4ISRNET) A new wide-ranging Government Accountability Office report presents advantages and disadvantages expressed by officials canvased in regard to the leadership arrangement of these two agencies.

Senate confirms Trump nominee Christopher Wray as next FBI director (Washington Examiner) Wray's nomination has been seemingly drama free, despite the drama that led to the nomination.

Trump reportedly considering AG Jeff Sessions to lead Homeland Security Department (AL.com) President Donald Trump is considering naming embattled Attorney General Jeff Session to lead the Department of Homeland Security, according to reports.

SECURITY: White House shakeup leaves gap in U.S. cyber leadership (EE News) President Trump's latest reboot of the chaotic White House operations includes a new, conflict-tested chief of staff in former Marine Corps Gen. and Secretary of Homeland Security John Kelly.

Creepy Canadian App Gives Citizens Points for Making Government-Approved Choices (FEE) Ontario announced earlier this month that it will become the fourth Canadian government to fund a behavioral modification application that rewards users for making “good choices” in regards to health, finance, and the environment.

Litigation, Investigation, and Enforcement

Former Obama Aide Ben Rhodes now a person of interest in unmasking investigation (Circa) Former Obama White House National Security Adviser Ben Rhodes is now an emerging as a person of interest in the House Intelligence Committee’s unmasking investigation.

Spy agencies changed rules, making it easier to unmask members of Congress (TheHill) The procedures issued by former Director of National Intelligence James Clapper formally supplanted a 1992 set of rules.

Robert Mueller enlists former DOJ official who worked on foreign bribery cases: Report (Washington Examiner) Greg Andres is the 16th lawyer to join Mueller's team.

Appeals court allows lawsuit against CareFirst to advance (Washington Business Journal) A court said CareFirst Inc. customers can proceed with a lawsuit they've filed against the Owings Mills, Maryland, insurer over a 2014 data breach that affected more than 1 million members.

Lawsuit accuses DoD of not securing millions of troops' personal info (Military Times) Vietnam Veterans of America is suing the Defense Department for potentially exposing personal information of millions of current and former service members through lax oversight of its Servicemembers Civil Relief Act website.

Centripetal Networks Files Patent Infringement Complaint Against Keysight Technologies and Ixia (PRNewswire) Centripetal Networks, the first company in the cybersecurity market to...

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful information that attendees can develop into an action plan. Key Areas of Focus Include: Strategy, Process Improvement and Alignment, Innovation and Technology; Career Management and Leadership Development.

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity USA meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, Security Operations Centres and much more as we further develop our collective insight in how we can mitigate risk and develop resilient end to end networks capable of delivering safety and value to all stakeholders.

upcoming Events

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Chicago is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Latin America Forum (LAF).

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to gain insight and interact with experts in smaller settings. This year’s conference presents an exciting and unique opportunity to directly engage with senior leaders from the Intelligence Community, Department of Defense, and industry about the IT complexities and challenges impacting the mission user.

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment.

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security.

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses, connect with regional IT leaders, and learn about emerging technology. Among the topics addressed will be cybersecurity- hacking, malware, exploits, skimmers, new standards and policies in key industries.

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity Awareness Day and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for one day of focused discussions. In light of current events involving unauthorized disclosures, sensitive and/or classified information leaks, and breaches of personally identifiable information in cyberspace, it is imperative that sound practices are incorporated. The agenda will include speakers from Industry and Government.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Sweden, Ukraine, shore up cybersecurity. BrickerBot is back. Operation #LeakTheAnalyst update. Amazon halts sales of Blu Android phones. HBO hack updates. Bitcoin's hard fork occurred yesterday. US DoJ issues bug bounty guidelines. US Senators introduce IoT security legislation.