Amazon outages were errors, not attacks. Dridex gets more evasive; Necurs picks up a DDoS capability. Palo Alto buys LightCyber. Companies still figuring out GDPR compliance. US Congress mulls cyber attack as casus belli.
Contrary to some initial alarmist screamers, yesterday's Internet outages (or more properly outages experienced by a large number of sites and apps) weren't caused by an attack, but rather by problems in Amazon's S3 cloud storage service. Ars Technica calls the incident "sputtering." It originated with errors in Amazon servers in the US state of Virginia. Outages were widespread, but were particularly severe on the North American East Coast. The incident is a reminder of how much infrastructure is in the hands of the private sector, especially in the US. Wired sees the outages as evidence that industry consolidation can compromise resilience. Services appear to have returned to normal last night.
IBM's X-Force looks at the venerable Dridex banking Trojan and notices that it's been updated to incorporate a more evasive injection technique, "AtomBombing." The new edition of Dridex (version 4) is active in the wild against banks in the UK and is expected to spread rapidly.
BitSight's Anubis Labs warns that the Necurs spam botnet has been upgraded with a distributed denial-of-service capability that could outstrip the capacity Mirai demonstrated.
In industry news, Palo Alto Networks has announced its acquisition of behavioral analytics shop LightCyber.
Companies that collect data internationally (essentially any businesses working online) have yet to come to grips with GDPR compliance. The European Union's data protection regime will take full effect on May 25th, 2018, a date that will arrive with indecent haste.
The US Congress is thinking about how cyber attacks might constitute acts of war.
Notes.
Today's issue includes events affecting Australia, Austria, Bahrain, China, Denmark, European Union, Iran, Israel, Kuwait, Oman, Russia, Saudi Arabia, Singapore, Turkey, United Arab Emirates, United Kingdom, and United States.
In today's podcast we hear from our partners at the University of Maryland, as Jonathan Katz reviews encryption schemes. We'll also have a guest who'll give us an expert perspective on the Snake Wine campaign recently discovered in Japan: Jon Gross of Cylance will give us the inside word.
Our special edition looking at the security uses of artificial intelligence is also up. Give it a listen if you're interested in hearing what experts at RSA 2017 had to say on the topic.
We're pleased to note that Digital Guardian has added the CyberWire to its list of the thirty-five best information security podcasts.
Cyber Attacks, Threats, and Vulnerabilities
Amazon cloud sputters for hours, and a boatload of websites go offline (Ars Technica) IoT devices and even “Is it down right now”? went down during Amazon S3 outage.
Major outage on AWS S3 causes havoc for millions (Computing) Websites, apps and IoT services all knocked offline.
The Amazon S3 Outage Is What Happens When One Site Hosts Too Much of the Internet (WIRED) Corporate consolidation in tech has implications for competition—but it also affects the resilience of the internet itself.
Amazon Web Services outage downs major websites (CRN Australia) S3 fault lasted roughly four hours.
Amazon cloud service outage breaks parts of the Internet (Los Angeles Times) Amazon's cloud-hosting service, Amazon Web Services, was experiencing problems in its eastern U.S. region on Tuesday, causing widespread problems for websites and apps.
Amazon AWS S3 outage is breaking things for a lot of websites and apps (TechCrunch) Amazon's S3 web-based storage service is experiencing widespread issues, leading to service that's either partially or fully broken on websites, apps and..
Massive East Coast Internet Outage Pinned On Amazon Cloud Failure (Zero Hedge) Update 2: according to the latest, at 11:35 AM PST: "We have now repaired the ability to update the service health dashboard. The service updates are below. We continue to experience high error rates with S3 in US-EAST-1, which is impacting various AWS services. We are working hard at repairing S3, believe we understand root cause, and are working on implementing what we believe will remediate the issue."
There Will Always Be Internet Outages, So Buckle Up (Motherboard) Cloud computing providers even make their customers sign agreements allowing them to have downtime.
FAQ: How MINDEF's Internet system could have been breached and by whom (Channel NewsAsia) Professionals with substantial resources and skills likely carried out the breach - although MINDEF may never get to the bottom of why it had been attacked, or by whom exactly, a cyber security expert says.
Web Cache Deception Attack Tricks Servers Into Caching Pages with Personal Data (BleepingComputer) Caching servers commonly deployed with big-name services will often cache the incorrect page content, including personal details, when the user accesses a non-existent resource, such as CSS or JavaScript files.
Unpatched SMB Zero Day Easily Exploitable (Threatpost) Researchers claim the unpatched SMB zero day that affects Windows can be exploited a number of ways.
ESET antivirus opens Macs to remote code execution (Help Net Security) Like any other software, security software is sure to have some vulnerabilities that can be exploited by attackers.
Google Security Researcher Finds Security Hole in ESET's Mac Antivirus (BleepingComputer) Mac users utilizing ESET's endpoint antivirus are advised to update to version 6.4.168.0 as soon as possible in order to mitigate a serious issue that allows attackers to execute arbitrary code on their machines.
Dear Kaspersky Lab: Yours is a very bad installer [Updated] (Ars Technica) Installing Kaspersky Internet Security reveals some gaps in software security practices.
Torvalds Downplays SHA-1 Threat to Git (Threatpost) The ramifications of the recent SHA-1 collision attack have extended to Git and the Apache Subversion repository, both of which rely on the outdated and vulnerable hashing algorithm.
Dridex Trojan Gets A Major ‘AtomBombing’ Update (Threatpost) Dridex has undergone a massive update and now sports a new injection method for evading detection based on the technique known as AtomBombing.
Massive Necurs Spam Botnet Now Equipped to Launch DDoS Attacks (Dark Reading) With more than one million active bots at any time, a Necurs-enabled DDoS attack could dwarf such an attack by the Mirai botnet.
Almost all Windows vulnerabilities are enabled by liberal 'admin rights' (Inquirer) Windows 10 shamed as 'having the highest proportion of flaws of any OS'
Siemens RUGGEDCOM NMS Equipment Vulnerable to CSRF, XSS (Threatpost) Siemens' line of RUGGEDCOM NMS products suffers from vulnerabilities that could allow an attacker to perform administrative actions.
White Hat Hackers Warn Of Easy To Hack Household Robots (Motherboard) Your friendly house robot is probably trivially easy to hack.
"Internet of things" makes us vulnerable to cyber-attack - Imperial expert (IT Business Net) We must look to supercomputing to protect our privacy and security in an ever more connected world, says Professor Nick Jennings.
The ABC’s of APTs: Shamoon (CyberWatch) Welcome to the grey zone where politics and cyber meet. APTs or advanced persistent threats, are one of my favourite acronyms (but then you know how I am intrigued by Stuxnet and cartels), and esse…
Gulf cyber attacks on rise, conference told (The Nation) Gulf countries must tighten coordination to fight an increasing number of cyber attacks, experts said on Monday, as one official blamed hackers in
Saudi facilities sustained nearly 1,000 cyber attacks in 2016 (Arab News) Saudi Arabia’s institutions and facilities sustained nearly 1,000 cyberattacks in 2016 from hackers seeking to prevent services, steal data and target infrastructure, according to Saleh Ibrahim Al-Motairi, director general of the National Cyber Security Center.
With 1.2 million phishing attacks, 2016 was a success for cybercriminals (Help Net Security) The total number of phishing attacks in 2016 was 1,220,523. This number represents the highest ever recorded, and fully a 65 percent increase over 2015.
Cyber espionage seen expanding to grasp Trump policy changes (The Star) US government agencies, think tanks and political groups should expect an increase in cyber espionage as countries like Iran try to grasp changing foreign and military policies under the new Trump administration, according to FireEye Inc.
Cyberattacks on global democracy among regional fears, says IBM: Malaysia security interview (MIS Asia) 'There is no doubt that security is now a board level issue and organisations are realising that security is not just about risk management,' says IBM Security's Jean-Claude Broido.
Security Alert: New TorrentLocker Variant Targets Denmark in Ransomware Attacks (Heimdal Security Blog) This new TorrentLocker variant not only encrypts your data and asks for ransomware, but it also steals your confidential login data:
Trend Micro report: Ransomware booming (CSO Online) The profitability of ransomware made it the top cyber threat last year in two categories: the number of attacks and the amount of money generated for crooks, according to a Trend Micro lookback on data it collected from its customers.
For Sale: W-2s and the GozNym Botnet (Wapack Labs) On February 17, 2017 Wapack Analysts observed a deep web market vendor advertising 2016 U.S. W-2’s with dates of birth (DOB) and U.S./EU ba...
Smart teddy bear maker faces scrutiny over data breach response (CSO Online) Did a toymaker ignore warnings about a data breach? That’s a key question swirling around Spiral Toys, a company behind a line of smart stuffed animals that security researchers worry can be easily hacked.
In the Wrong Hands: Child Identity Theft (KSTP) It’s a crime that happens in the Twin Cities: children’s financial identities are being stolen and parents often don’t know it’s even happened until much later, according to law enforcement...
Security Patches, Mitigations, and Software Updates
Gatekeeper-like feature for Windows 10 only allows apps to be installed from the Microsoft Store (Graham Cluley) A new feature could see Windows 10 behaving like Apple's Gatekeeper by blocking app installations that occur outside the Microsoft Store.
Cyber Trends
The Internet Of Things Takes Shape (SIGNAL Magazine) U.S. Defense Department researchers are meeting some goals ahead of schedule in their work on a program that may help make the Internet of Things a reality for the military and the rest of the world.
Clouding the Vision Of the Internet of Things (SIGNAL Magazine) The move to cloud computing is daunting enough for corporations and governments, but add in the advancing Internet of Things, and any hopes of simple solutions to challenges vanish.
Security Concerns Rising in the Age of IoT (SIGNAL Magazine) Behind the headlines of these gee-whiz cyber technologies lurks a shortcoming. It is one that poses significant threats to national security but could be remedied fairly easily, some experts offer.
Responding to cyber threats in the terabit era (TechRepublic) Prepare for a new wave of cutting-edge cyber attacks linked to emerging technologies like networked IoT devices. Deloitte vice chairman Paul Sallomi explains how hacks are evolving in the terabit era.
Apple's macOS is the safer choice – but not for the reason you think (Register) Eugene Kaspersky looks forward to a new darker dawn
Marketing Is Ravaging Cybersecurity (Command Line) It’s an interesting thing to see an industry approach a dangerous inflection point. If you focus closely, you can actually smell the vapor…
RSA Security Conference 2017 and the Cloud (SecureSpeak) Last week, I once again had the pleasure and privilege of attending the RSA Conference in San Francisco. I heard estimates of a record breaking 40,000 attendees. It didn’t seem much busier than previous years but as another participant pointed out to me, that might be...
87% of Millennials Engage in Password Reuse (BleepingComputer) Password reuse is rampant among people aged 18 to 31, a category also referred to as millennials, according to a recent survey carried out by Keeper, the company behind the eponymous password manager application.
Nearly 60 Percent of Mobile Device Users had to Reset a Password in the Past Two Months (Yahoo! Finance) Today, Keeper Security, Inc., the world's leading password manager and secure digital vault, announced the results of a survey analyzing mobile device usage and security. Sponsored by Keeper Security, the study found that nearly 60% of mobile device users have
Retail Cyberattacks Down In Q4 (PYMNTS.com) According to a new report from content delivery network and web security firm Akamai Technologies Inc., cyberattacks against retailers were on the decline in the fourth quarter of 2016, though that doesn’t mean retailers were free from major security events during the holiday season. Here are some of the key findings. Akamai analyzed web security...
Marketplace
Healthcare End Users to Boost IT Security Spending, Report Says (Security Sales & Integration) A majority of U.S. healthcare survey respondents reported deploying to cloud, big data and IoT environments without adequate data security controls.
Global cloud security market to reach $13.93 billion by 2024 (Help Net Security) The global cloud security market is expected to reach a staggering $13.93 billion by 2024, according to Grand View Research.
Cisco, Fortinet, VMware 'Major Players' in Skyrocketing Cloud Security Market (Channel Partners) A study by Grand View Research found that the cloud security industry will reach $13.9 billion by 2024.
Palo Alto Networks Acquires LightCyber (Dark Reading) Company will integrate LightCyber technology into its Next-Generation Security Platform.
Palo Alto adds behavioral analytics to offering (Infosecurity Magazine) Palo Alto adds behavioral analytics to offering with LightCyber acquisition
Why Palo Alto Is On The Fast Track To Success (Seeking Alpha) Traps module gaining traction. Increased security spending. Unique offering.
WhiteHawk swoops on investors in pre-IPO raising (Australian Business Review) American cyber security firm WhiteHawk is doing the rounds of Australian investors as it prepares to list on the local stock exchange by the end of the year.
Fortscale Secures $7 Million in Latest Round of Funding Led by Evolution Equity Partners and Valor Capital Group (Yahoo! Finance) Fortscale Security Ltd., the innovator in machine learning-based User & Entity Behavior Analytics for security, today announced it has secured $7 million dollars in its latest round of funding led by Evolution Equity Partners and Valor Capital Group.
A District 'memory augmentation' firm landed $3.5M from local VCs (Washington Business Journal) D.C.-based Polarity has developed technology to beef up a company’s institutional memory – and now it has landed $3.5 million in funding from some Greater Washington venture capitalists to help expand its staff and sell to more customers.
The latest hot start-ups to emerge from Israel’s cybersecurity war machine (CNBC) Israel is home to two Upstart 25 cybersecurity companies founded by former Israeli Defense Forces members
Q&A: Former FireEye CEO DeWalt On Why He's Joining IoT Security Startups (CRN) Since leaving FireEye, Dave DeWalt has dove headfirst into the Internet of Things security market with positions on three boards of directors. Here's why he thinks the opportunity is sky-high for these companies.
Global FMCG heavyweight signs $1m-plus deal with Darktrace (Business Weekly) A top five global player in the fast moving consumer goods (FMCG) space has chosen Cambridge technology to protect its systems against cyber attacks.
Podcast: How to hack the Pentagon (The Christian Science Monitor) The Cybersecurity Podcast crew interviews Chris Lynch, the director of the Defense Digital Service, and Lisa Wiswell, the group’s digital security lead, about the Pentagon's bug bounty programs.
Infoblox to double size of Tacoma operation (Business Examiner) Bay Area-based Infoblox, which acquired Tacoma cybersecurity company IID last year, has announced the expansion of its operation in the City of Destiny.
Bitglass Recognized as the Best Cybersecurity Startup by Cybersecurity Excellence Awards (Yahoo! Finance) Bitglass, the total data protection company, today announced that it has been recognized as the best cybersecurity startup by the Cybersecurity Excellence Awards. Bitglass' industry-leading cloud security ...
Products, Services, and Solutions
FourV Systems Announces GreySpark Central™ (Yahoo! Finance) FourV Systems, a provider of information technology risk intelligence for the enterprise, today announced GreySpark Central™ for consolidated cyber risk management. This enhancement to GreySpark enables Managed Security Service Providers to centrally manage deployments and view risk and performance indicators
VIPRE® Offers Small and Medium Businesses Top-Rated Endpoint Protection for as Low as $12 per Seat/Year (PRNewswire) VIPRE® today announced it is making it easier for small and medium...
Datrium Introduces Industry-First Blanket Encryption for Private Clouds (PRNewswire) Datrium, the leading provider of Open Convergence for cloud builders, today announced Datrium Blanket Encryption, an industry-first software product that combines always-on efficient deduplication and compression technology with high-speed, end-to-end encryption: in use at the host, in flight across the network and at rest on persistent storage.
How Cisco wants to become the Switzerland of the cloud (Network World) After years of juggling with different strategies of how to pursue the cloud computing market, Cisco now has what it believes will be a winning one: Become a so-called Switzerland of the cloud. A range of offerings will help customers manage multiple types of clouds – public or private, and the apps that run on them.
Appian and Blue Prism Team Up to Drive Digital Transformation (Yahoo! Finance) Appian and Blue Prism, the pioneer of Robotic Process Automation software, today announced a technology alliance to better serve enterprises with their digital transformation initiatives. Reacting quickly ...
Illumio Named 'Best Product' By Cyber Defense Magazine (Yahoo! Finance) Illumio today announced that Cyber Defense Magazine, a leading information security magazine and media partner of the annual RSA® Conference, named the company a winner of two 2017 industry awards: "Best Product in Data Center Security Solutions"
Exostar's Enterprise Collaboration Solution Now Supports DFARS Cybersecurity Provisions Compliance (BusinessWire) Exostar extends leadership position for cybersecurity solutions. Enterprise collaboration w/digital rights management helps orgs comply with DFARS/NIS
Arxan Cryptographic Key and Data Protection Awarded FIPS 140-2 Certification (Yahoo! Finance) Arxan Technologies, the trusted provider of application self-protection and management solutions, today announced its completion of the Federal Information Processing Standard 140-2 validation process ...
Spirent extends security and performance testing leadership with CyberFlood (Telecom Tiger) Spirent Communications, on Tuesday extended its lead in security and performance testing by introducing the industry’s first server-response fuzzing capability within CyberFlood, its premier security test solution.
Cobalt takes the wraps off its indoor security robots (TechCrunch) Palo Alto-based Cobalt Robotics Inc. today introduced a new line of robot security guards for indoor use. The roving robots use the same kind of components..
Fortinet makes security training and certification program available for free (Networks Asia) Fortinet is providing universal access to their Network Security Expert (NSE) training and certification program making it broadly available and free of charge.
Visa, Mastercard beef up mobile payment tech at Mobile World Congress (CSO Online) Visa on Monday announced one of the most unusual approaches, one that relies primarily on older QR code technology through its mVisa payment service.
Flowmon and Ixia Join Forces to Simplify Monitoring and Enhance Security of Large Heterogeneous Networks (BusinessWire) Ixia partners with Flowmon Networks to simplify monitoring and enhance security of large heterogeneous networks.
Here’s a new way to prevent cyberattacks on home devices (CSO Online) Homeowners worried about cybersecurity attacks on IP-connected devices like lights, baby monitors, home security systems and cameras, will soon be able to take advantage of a $200 network monitoring device called Dojo.
CyberArk advances insider threat detection to accelerate incident response (IT Web) New CyberArk capabilities detect and alert on high-risk privileged activity during user sessions to help security teams better prioritise threat response.
Sophos Announces Unified Security and Control for Mobile Devices, Laptops and IoT devices with Sophos Mobile 7 Enterprise Mobile Management Solution (Yahoo! Finance) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced Sophos Mobile 7, the latest version of its Enterprise Mobility Management (EMM) solution.
Enhanced Avast Wi-Fi Finder Helps Android Users Secure their Personal Internet of Things (Yahoo! Finance) Avast, the leader in digital security products for consumers and businesses, today announced a new feature of the Avast Wi-Fi Finder app for Android that will help users secure their networks and protect their Internet of Things devices.
New online help for seniors to avoid financial scams (The Patriot Ledger) To help seniors better understand their risks for financial scams online, Home Instead Senior Care has launched Protect Seniors Online with the National
35 of the Best Information Security Podcasts to Follow (Digital Guardian) Podcasts are a go-to resource for security professionals – here's our roundup of 35 of the top podcasts covering information security.
Technologies, Techniques, and Standards
GDPR Compliance: Time to Face Mission Impossible? (Infosecurity Magazine) A roundtable of security professionals discuss GDPR realities
GDPR: Firms outline the compliance challenge - data discovery and consent (Computing) IT leaders from Ladbrokes Coral, University College London and Forcepoint explain what's currently keeping them up at night when it comes to the impending General Data Protection Regulation.
Tens of thousands of firms will be caught up in GDPR's mandatory breach notification requirements, warns Forcepoint's Neil Thacker (Computing) When the Netherlands introduced breach notification requirements, more than 4,000 companies were caught in the dragnet.
Businesses still confused about GDPR (Help Net Security) GDPR confusion is at an all-time high. Almost 78% of IT decision makers either lack understanding about GDPR impact or are completely unaware of it.
HITRUST Announces HITRUST CSF Roadmap Including a New Simplified Program for Small Healthcare Organizations and NIST Cybersecurity Framework Certification (Yahoo! Finance) HITRUST announced today its 2017 roadmap for key enhancements to the HITRUST CSF as well as a new CSF initiative targeting smaller healthcare organizations to support their information risk management programs and improve their cyber resilience.
Army revises functional concept of intelligence (C4ISRNET) The Army is coming to grips with the notion that with a rapidly changing world and threat environment, intelligence must adapt in kind.
How to recover from the OSX/Filecoder.E ransomware on your Mac (Graham Cluley) Buggy Mac ransomware didn't offer a method of recovery even if you paid the extortionists. Until now.
Privileged Accounts Explained (Computer Business Review) CyberArk’s Matt Middleton-Leal is next in the Tech Express hot seat, tackling the cyber security issue of Privileged Accounts.
Flood of threat intelligence overwhelming for many firms (Networks Asia) The amount of threat information coming in from security systems is overwhelming for many companies.
7 universal rules of threat intelligence (CSO Online) Levi Gundert, vice president of intelligence and strategy at Recorded Future, will go over the seven universal rules of threat intelligence – what you should be doing no matter what, whether you use a platform or not.
Training Can Help in Cybersecurity’s ‘Weak Link Game,’ Akamai Expert Says (Meritalk) People, not new systems, are the single most consistent impediment to improving cybersecurity practices, according to R.H. Powell, senior director of security services at Akamai Technologies.
RSA Conference is a timesaver (Computerworld) For our manager, the annual security gathering is a great way to get quality time with vendors.
'Shark Tank' investor Robert Herjavec: 7 simple steps to protect yourself from hackers (CNBC) The cybersecurity expert explains how you can keep yourself and your business safe.
Design and Innovation
After 3 Years, Why Gmail’s End-to-End Encryption Is Still Vapor (WIRED) Is the effort to end-to-end encrypt Gmail dead, or just a lot harder than it looks?
Malware: New detection methods needed (Trojaner-info) Nowadays one cannot do without antivirus software to fend off malware. It is important that malware defenses keep being developed further in order to withstand criminal attacks. According to new findings from the USA, the signature-based malware detection that has been customary until now no longer meets current requirements.
Blitzkrieg Redux: The Coming Warbot Revolution (Strategy Bridge) In May 1940, the Allied and German Armies squared off in what was expected to be an extended campaign for the conquest of France.
For IBM’s CTO for Watson, not a lot of value in replicating the human mind in a computer (TechCrunch) "Everybody and their mother is out to create their own specialized voice-activated devices," IBM fellow and CTO for its Watson project Rob High told me during..
Five Terminator movies have taught us nothing (CSO Online) In a new study of leading robot manufacturers, most had serious security vulnerabilities which could allow hackers to take over and reprogram the robots to spy on their owners, cause property damage, or even attack humans.
Research and Development
Singapore university taps Verizon’s cyber security knowhow (ComputerWeekly) Nanyang Technological University will use the Veris Community Database in research project to enable more accurate cyber risk assessment
Legislation, Policy, and Regulation
Legislators grapple with cyber war rules (TheHill) Members of Congress are grappling with the new era of cyber warfare as the government works to define what acts in cyberspace should warrant a military response.
New York’s cyber security regulations aren’t perfect, but other states should pay attention to them (Recode) The new rules, which go into effect March 1, call for banks and insurers to scrutinize security at third-party vendors that provide them goods and services.
Top talent leaves NSA amid Trump fears and morale slump (Newsweek) Half-a-dozen cybersecurity executives told Reuters they had witnessed a marked increase in the number of U.S. intelligence officers and government contractors seeking employment in the private sector since Trump took office on Jan. 20.
Incoming: Cutting the Gordian Knot of Privacy (SIGNAL Magazine) I feel a sense of disappointment as I think about how much the cyberspace landscape has changed over the last 40-plus years and how little our nation’s privacy laws have done to keep up with this digital transformation.
Trump Names New Head of Economic Council for Cybersecurity, Technology (Dark Reading) Grace Koh will be special assistant to the President for technology, telecom, and cybersecurity.
Litigation, Investigation, and Law Enforcement
Turkish suspect identified in Vienna airport cyber attack (The Local (Austria)) An investigation into a failed cyber attack on Vienna airport has found that the main suspect is based in the US.
A Murder Case Tests Alexa’s Devotion to Your Privacy (WIRED) Opinion: Can Alexa Betray Your Privacy? Not If Amazon Has Its Way.
TSP board lagging behind on cyber updates, closing audit recommendations (FederalNewsRadio) Cybersecurity remains a challenge for FRTIB, the board responsible for TSP. An auditor found the board lagging on risk management and access strategies.
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, Mar 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.
Upcoming Events
The Cyber Security Summit: Denver (Denver, Colorado, USA, Mar 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders including: Mary McCord, Asst. Attorney General for National Security, U.S. Dept. of Justice & Chad Alvarado, Supervisory Special Agent, Cyber Task Force, FBI Denver Division. Engage in panel discussions focusing on trending cyber topics including Emerging Threats to IoT & Big Data, Insider Threats, and Compliance. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers
International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, Mar 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons learned, and methodology on cyber security. We are delighted to build on last year’s very successful ICRMC. Cyber security has grown into a global pandemic and organizations of all sizes are struggling with questions on how to mitigate, manage, and transfer cyber risk. We’ve structured our agenda based on delegate feedback and our exceptional 2017 Advisory Committee is determined to provide engaging high-profile speakers and compelling content to share knowledge, captivate and educate. Visit www.icrmc.com for details.
SANS San Jose 2017 (Milpitas, California, USA, Mar 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.
Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, Mar 7 - 8, 2017) Don’t miss out on the opportunity to be a part of the conversation regarding how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. What are the synergies among Army, Air Force, Navy, and Marine platform cybersecurity initiatives? What can we learn from connected car and autonomous initiatives in the automotive industry? Who and what is driving acquisition reform to ensure agility and speed? What are the supply chain impacts? What are the “seams” that create vulnerabilities? Who and what is driving cybersecurity platform requirements? What is being done to assess execution readiness? What are platform stakeholders doing technically to address vulnerabilities?
15th annual e-Crime & Cybersecurity Congress (London, England, UK, Mar 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.
ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, Mar 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations and cutting edge training opportunities, including hands-on demonstrations and workshops.
Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, Mar 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.
IAPP Europe Data Protection Intensive 2017 (London, England, UK, Mar 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.
Rail Cyber Security Summit (London, England, UK, Mar 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.
CyberUK 2017 (Liverpool, England, UK, Mar 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event for 2017. This is a three-day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.
Cybersecurity: The Leadership Imperative (New York, New York, USA, Mar 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.
BSides Canberra (Canberra, Australia, Mar 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.
Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, Mar 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.
European Smart Grid Cyber Security (London, England, UK, Mar 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear a range of European utility companies present what their strategic programmes are doing regarding cyber security, to discuss how communication issues between IT and OT departments can be overcome, and to learn how to make your company compliant.
Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, Mar 22, 2017) Help us celebrate the best and brightest of the Maryland cybersecurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.
SANS Pen Test Austin 2017 (Austin, Texas, USA, Mar 27 - Apr 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.
IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, Mar 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.
Insider Threat 2017 Summit (Monterey, California, USA, Mar 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.
2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, Mar 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.
Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, Mar 30 - Apr 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.
WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, Mar 31 - Apr 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, Apr 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.
Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, Apr 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. For details visit CyberSummitUSA.com.
SANS 2017 (Orlando, Florida, USA, Apr 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.
Hack In the Box Security Conference (Amsterdam, the Netherlands, Apr 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!