The CyberWire Daily Briefing 6.11.18

Cyber Attacks, Threats, and Vulnerabilities

Chinese Government Hackers Steal Trove of U.S. Navy Data: Report (SecurityWeek) Chinese government hackers have reportedly stolen a massive trove of sensitive information from a US Navy contractor, including secret plans to develop a new type of submarine-launched anti-ship missile.

Chinese hackers steal sensitive Navy program data (Fifth Domain) Cyberattacks sponsored by the Chinese government infiltrated a U.S. Navy contractor’s computers, allowing digital thieves to access sensitive data related to secret Navy projects on a submarine anti-ship missile.

As the West warns of Chinese cyber spies, poorer nations welcome gifts with open arms (WIRED UK) China has given computers and IT equipment to 35 countries in recent years. Sometimes it might be better for nations to refuse the offers

Patchwork Cyberspies Target U.S. Think Tanks (SecurityWeek) The cyber-espionage group known as "Patchwork" (AKA Dropping Elephant) has been launching cyberattacks directly against United States-based think tanks, Volexity reveals.

Patchwork APT Group Targets US Think Tanks (Volexity) In March and April 2018, Volexity identified multiple spear phishing campaigns attributed to Patchwork, an Indian APT group also known as Dropping Elephant.

Facebook Gave Some Companies Special Access to Additional Data About Users’ Friends (Wall Street Journal) Facebook struck customized data-sharing deals that gave select companies special access to user records well after the point in 2015 that the social network has said it walled off that information, according to court documents, company officials and people familiar with the matter.

Why the North Korean cyber threat shouldn't be ignored (IDG Connect) Ahead of the US-North Korean summit and its focus on denuclearization we look at why the country’s cyber program shouldn’t be ignored.

North Korean cyberattacks increase ahead of summit (Lexology) North Korean cyberattack activity appears to have ramped up ahead of the highly anticipated US-North Korea summit, which is expected to take place on…

Russia appears to be 'live testing' cyber attacks – Former UK spy boss Robert Hannigan (Register) Warns that nation state hacking threatens corporate networks

Interview: State-sponsored cyber attacks - it's not about the 'who', but the 'how' (Security Brief) With every major cyber attack comes the question of who exactly was behind it - and if that attack was condoned or even sponsored by nation-states.

#Infosec18: What You Need to Know About OilRig (Infosecurity Magazine) Palo Alto Networks explains the cyberattack tools used by the threat group OilRig.

FireEye Finds New Clues in TRITON/TRISIS Attack (Dark Reading) Attackers behind the epic industrial-plant hack reverse-engineered the safety-monitoring system's proprietary protocol, researchers found.

Banco de Chile falls victim for SWIFT money transfer hack that crashed 9,000 computers and 500 servers (Computing) Disk-wiping malware used to cover-up theft of $10m from South American bank

Hackers Crashed a Bank’s Computers While Attempting a SWIFT Hack (BleepingComputer) Hackers have used a disk-wiping malware to sabotage hundreds of computers at a bank in Chile to distract staff while they were attempting to steal money via the bank's SWIFT money transferring system.

Hackers Can Hijack, Sink Ships: Researchers (SecurityWeek) Insecure configurations and vulnerabilities in communications and navigation systems can allow hackers to remotely track, hijack and sink ships, researchers warn

Shipping Industry Cybersecurity: A Shipwreck Waiting to Happen (Threatpost) Pen Test Partners demonstrates how to send vessels off-course or even onto a path to collision -- fairly easily.

Hacks on a Plane: Researchers Warn It's Only 'a Matter of Time' Before Aircraft Get Cyber Attacked (Fortune) "Most commercial aircraft currently in use have little to no cyber protections in place."

Dragonfly: How Britain’s energy sector was hacked (Unearthed) Last June, on the day the British public went to the polls in the 2017 general election, the country’s energy system was hit by a major cyberattack.

Electric utilities examine growing cybersecurity risks as number of connected devices increases - Daily Energy Insider (Daily Energy Insider) The growing number of connected devices on the electric grid provide benefits in the form of real-time information and enhanced efficiency, but each device also creates additional cybersecurity risks.

Attack Vectors in Orbit: The Need for IoT and Satellite Security in the Age of 5G (TrendLabs Security Intelligence Blog) Already a vital part of the critical infrastructure of the internet, satellites are set to take on a more significant role with the emergence of 5G cellular network technology and the continuing expansion of the internet of things (IoT). While terrestrial networks handle peak load well, disaster handling and critical infrastructure scenarios are served well by satellites, which are unaffected by most ground-based events. Ensuring the security of satellites, therefore, acquires even greater importance and warrants more initiatives to that end.

Why Robocallers Win Even if You Don’t Answer (Wall Street Journal) Outfits that flood American landlines with marketing calls use a decades-old identification system to profit, even when no one picks up.

Some Signal Disappearing Messages Are Not Disappearing (Motherboard) Journalists and sources may try to secure their communications not just with encryption, but also with automatically disappearing messages. But Signal has a nasty bug that can retain some messages.

More malspam pushing Lokibot (SANS Internet Storm Center) A tweet last week by @malwareunicorn reminded me I haven't searched out any Loki-Bot malspam in a while.

Creative Spam Thinks Outside the Macro with .IQY Attachments (Threatpost) The ability of these simple files to open Excel and download any data from the internet makes them extremely dangerous.

Telstra freezes job ads after hack of Australian SaaS provider PageUp People (CRN Australia) PageUp People says data was potentially compromised.

Melbourne Microsoft partner Software Objectives hit with ransomware attack (CRN Australia) Came in by way of a suspicious hyperlink.

Trump’s unsecured communications criticized as ‘reckless’ (Fifth Domain) Democrats blast Trump's alleged vulnerable cellphone and internet use.

Data disaster: How a malware infection struck an Aussie HR site (PS News) A security breach at one of the world’s largest human resources providers, Australian company PageUp, has resulted in tens of companies that were using their services notifying employees and applicants last week that their personal data might have been stolen last month.

South Korean Cryptocurrency Exchange Coinrail Gets Hacked (BleepingComputer) South Korea-based cryptocurrency exchange Coinrail announced on Sunday a cyber-incident during which an intruder made off with a large amount of ICO tokens stored on the company's servers.

Bitcoin price plunges after news of a cyber attack on South Korean Coinrail (City A.M.) Spooked crypto investors unloaded $46bn (£34.3bn) worth of cryptocurrencies after the South Korean exchange platform Coinrail announced that it had been

Bitcoin price falls but doesn’t flatline (TechCrunch) Those not looking at the Bitcoin markets lately will either gasp or smile. Bitcoin, down from its all time high of around $19,000, is now floating at $6,785 as of this writing. To many this means that either the Bitcoin experiment is over or, to many more, that it has just begun. There are plenty […

Bitcoin has lost more than half its value since last year’s all-time high (Ars Technica) Amid fall, mining energy demand remains so high that Quebec utility halts new orders.

Email Compromise Attempts Hits Close to Home for KnowBe4 CEO Stu Sjouw (PRWeb) KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, today caught an attempted compromise in progress that tar

Security Patches, Mitigations, and Software Updates

F-Secure Fixes Serious Vulnerability in Antivirus Products (BleepingComputer) F-Secure has fixed a severe vulnerability in its home and enterprise antivirus products that could have allowed an attacker to execute malicious code on the user's machine and take over affected PCs

Latest batch of Cisco updates patches 28 bugs, two critical (SC Media UK) Cisco Systems has issued 28 security updates that patch vulnerabilities found in a variety of products, including two critical bugs assigned a CVSS 9.8.

Cisco Removes Backdoor Account, Fourth in the Last Four Months (BleepingComputer) For the fourth time in as many months, Cisco has removed hardcoded credentials that were left inside one of its products, which an attacker could have exploited to gain access to devices and inherently to customer networks.

Adobe Patches Flash Zero-Day (BleepingComputer) Adobe has issued a security update for Flash Player today to patch a zero-day vulnerability exploited by attackers in the wild.

Lenovo Finally Patches Ancient BlueBorne Bugs in Tab and Yoga Tablets (Threatpost) Lenovo patches several popular tablet models to protect against BlueBorne vulnerabilities first identified in September 2017.

Patch management is not just IT's responsibility, get your whole team on board (Help Net Security) Patching is often the responsibility of the operations team. They are required to keep systems up to date, but rarely have the full authority to do so.

Cyber Trends

Uptick in Threats to Job Sites, Recruitment Portals (Infosecurity Magazine) Cyber-criminals in in the deep and dark webs target job seekers and recruiters.

How cybersecurity changed in the last decade; how will it change in the next (TribLIVE.com) Much has changed in cybersecurity in the last decade. But much has stayed the same. Money is still the main motivation but so is data. ...

#Infosec18: “Ridiculous” Problems Perpetuating Cyber-Skills Crisis (Infosecurity Magazine) New Hall of Fame inductee James Lyne says new approaches are needed

Phishing declines, but targets increase - report (Security Brief) For the second quarter in a row, Q1 saw a slight decrease of over 2% in overall phishing detections from Q4 of 2017.

Era of the eBay-Like Underground Markets Is Ending (BankInfo Security) The era of the underground marketplace may be ending as concerns over law enforcement infiltration rise, threat intelligence company Digital Shadows.

Cybersecurity a must for Philippine organizations (Manilla Standard) A study commissioned by Microsoft revealed that huge cybersecurity breaches can result in economic losses to organizations in the Philippines.

Marketplace

The Age of Tech Superheroes Must End (Wall Street Journal) Silicon Valley has an accountability crisis, and at its root is the idolatry of its founder-CEOs, writes Christopher Mims.

Google pledges not to use AI for weapons or surveillance (C4ISRNET) Google pledged Thursday that it will not use artificial intelligence in applications related to weapons, surveillance that violates international norms, or that works in ways that go against human rights. It planted its ethical flag on use of AI just days confirming it would not renew a contract with the U.S. military to use its AI technology to analyze drone footage.

Despite Trump deal, China's ZTE, Huawei to face closed doors in US market (The Straits Times) Chinese telecoms companies like ZTE and Huawei face severely tightened access to the US market despite the Trump administration's deal this week to give ZTE a lifeline after it agreed to a steep fine..

Navarro: Trump has given ZTE one last chance (POLITICO) "It's going to be three strikes, you're out on ZTE.”

US Commerce Secretary: Huawei no threat to US national security (Totaltelecom) The FCC is currently investigating a number of Chinese companies on the grounds that they pose a threat to the US' national security, though many analysts suggest that the US is simply using the situation as leverage for its trade talks with China

ZTE ordeal shows allied cooperation key to keeping bad actors in check (TheHill) That ZTE could not turn to Germany, Japan or South Korea as alternate sources for parts forced ZTE to waive the white flag.

Industrial Cybersecurity Leader Claroty Attracts $60 Million Series B Investment, Bringing Total Funding to $93 Million (Claroty) Global Syndicate – including Temasek, Rockwell Automation, Siemens, Schneider Electric, and others – invests to protect critical infrastructure from escalating cyberthreats

Zscaler Security As A Service Delivers (Seeking Alpha) It seems to be a terrific solution commanding an equally terrific valuation. However, there is a lot to be said for the shares as there is already operational l

Carbon Black: Waiting For The Pop (Seeking Alpha) Carbon Black, the endpoint security company that went public in May, has just released its first earnings quarter since going public. Despite beats to top-line

Here's Why Akamai (AKAM) Stock is a Strong Buy Right Now (Zacks Investment Research) Akamai (AKAM) is expected to benefit from solid cloud security solutions growth driven by solid demand for Kona Site Defender and Prolexic Solutions.

Behind the Messy, Expensive Split Between Facebook and WhatsApp’s Founders (Wall Street Journal) After a long dispute over how to produce more revenue with ads and data, the messaging app’s creators are walking away leaving about $1.3 billion on the table.

Pentagon faces array of challenges in retaining cybersecurity personnel (TheHill) The Pentagon must accept that it cannot compete with tech giants and Silicon Valley startups strictly on the basis of salaries and benefits.

Cyber Command Plans Hiring Events In Maryland (Odenton-Severn, MD Patch) The US Cyber Command is stepping up recruiting efforts with a series of hiring events planned, including two this fall in Maryland.

Nikesh Arora given $128m to lead Palo Alto Networks (Capacity Media) Nikesh Arora, the former president and COO of SoftBank, has been named as the new CEO and chairman of Palo Alto Networks, in a deal worth $128 million.

Duo Security Appoints Technology Leader William Welch as President and Chief Operating Officer (Duo Security) Duo Security, one of the fastest growing cybersecurity companies in the world and leading provider of zero-trust security with Duo Beyond, today announced the expansion of its leadership team with the appointment of William Welch as President and Chief Operating Officer (COO). Welch brings more than 25 years of experience to Duo after holding successful senior leadership positions with technology giants such as ZScaler, HP, Symantec, and Oracle.

Products, Services, and Solutions

How 20th century check fraud is helping prevent 21st century data theft (Digital Trends) How do you prove you are who you say you are? That might seem like an easy question to answer, but in a world where your most personal of private information can be harvested from your credit agency or social networking account, that ease is a problem.

SafeRide and Irdeto partner on cybersecurity for C/AVs (ITS International) Cybersecurity company SafeRide and Dutch firm Irdeto have launched a solution to help original equipment manufacturers and Tier-1 suppliers protect connected and autonomous vehicles (C/AVs).

Cyber learning at Goldman Sachs (Professional Security) Goldman Sachs is to use the browser-based cyber training platform Immersive Labs’ to provide cyber security teams with purpose-built scenarios. The investment bank intends to then deploy the virtual learning platform among its 8,000 developers and potentially other types of workers across the firm to aid cyber resiliency.

Experian takes the next step forward in identity resolution to help marketers more easily connect offline and online identities (Sys-Con Media) MarketingConnect(SM) eliminates the need for disparate solutions and lets marketers access and manage customer identity attributes through a single unified platform

Blockchain update: EOS smart contract blockchain goes live (Computing) The smart contract project has raised $4bn in token sales over the past year,Networks ,blockchain,ethereum,eos,Bitcoin,cryptocurrency,Baidu,MaidSafe,China,smart contracts

Technologies, Techniques, and Standards

Changing the paradigm of control system cyber security (Control Global) Cross-correlating the electrical characteristics of process sensors in real time provides a new capability to change the paradigm of control system cyber security as well as reliability, availability, productivity, and safety monitoring

IoT security: mitigating the prospect of a life-threatening cyber attack (Computing) IoT manufacturers who prioritise cybersecurity procedures in the design stage will have a powerful competitive advantage

Global information-sharing platform to help central banks combat cybercrime (The Business Times) A NEW information-sharing group for central banks, regulators and supervisors will soon be launched in a bid to help combat cyber and physical crime, as well as build a more resilient financial sector. Read more at The Business Times.

How NATO Defends Against the Dark Side of the Web (WIRED) Opinion: The NATO Secretary General explains how the alliance will handle cyber attacks.

How multidomain battle is transforming US Army exercises (Defense News) The U.S. Army is headed down a path where operational experimentation will likely become a crux of many future exercises.

Effectively Managing Mistrust for Optimal Cybersecurity (Infosecurity Magazine) It’s vital that businesses work together to share information to stay one step ahead of the ever-evolving threat landscape.

Five Strategies for Extending Automation and Orchestration Beyond the SOC (SecurityWeek) Security, orchestration, automation and response (SOAR) technology makes it possible for maturing cyber security programs to find effective workarounds to the ever-present cybersecurity skills and resource shortage.

How third-party risk affects your GDPR compliance (Help Net Security) In this podcast, Darron Gibbard, Chief Technical Security Officer EMEA at Qualys, discusses third-party risk and how it affects GDPR compliance.

Securing microservices and containers: A DevOps how-to guide (Help Net Security) For organizations looking for end-to-end security for their microservices and containers, there are core tenants of an effective microservice security solution.

The Elite Microsoft Hacker Team That Keeps Windows PCs Safe (WIRED) How Microsoft's Windows red team probes and prods the world's biggest operating system through the eyes of an adversary.

Design and Innovation

Google Tackles AI Principles: Is It Enough? (Threatpost) AI offers an immense capacity for good -- and for unintended consequences.

When the NSA Hired Mad Men (The Daily Beast) The National Security Agency was once a young agency that had to make a name for itself. It went for a psychedelic look, as recently declassified posters of the ’50s & ’60s show.

The Ghost of John Perry Barlow Takes Flight in His Posthumous Memoir (WIRED) Mother American Night will become the crucial document for understanding the trippy, contradictory life and work of the internet pioneer and Grateful Dead lyricist.

Research and Development

Russia to test quantum data transmission from space station in 3 years (TASS) Quantum cryptography is viewed as a method that theoretically excludes the possibility of the unauthorized access to transmitted information

Academia

FC2 Supports Student Research into Smart Safehouses (Florida Center for Cybersecurity) With support from the Florida Center for Cybersecurity, six students from the University of South Florida's (USF) College of Engineering have embarked on a yearlong internship to develop a state-of-the-art, cyber-ready safehouse.

Legislation, Policy and Regulation

How summit talks may affect North Korean hacking (Bulletin of the Atomic Scientists) There are three reasons why the summit might actually make the cyber threat worse.

Hacks After Nukes: The Coming of North Korea’s Cyber Threat (The Diplomat) The upcoming Trump-Kim summit may provide an opportunity to raise questions about North Korea’s cyber attacks.

G7 to launch rapid response unit against 'hostile' states (euronews) Leaders of G7 countries have agreed the creation of a rapid response unit to combat hostile state activity, warning that “interference by Russia and other

Hostile states to face rapid and unified international response (GOV.UK) G7 agrees new plan to identify, prevent and respond to hostile state activity, including cyber attacks and other egregious breaches of international rules.

Trump stuns allies, won’t sign G-7 joint agreement (POLITICO) The president touted great relationships with other G-7 leaders — but then abruptly reversed on signing a joint statement and lashed out at the Canadian prime minister.

Net Neutrality Rules Expire as Backers Turn to Congress, Courts (Bloomberg) The Obama-era net neutrality regulations that barred broadband providers from slowing or blocking internet traffic expired Monday, a major milestone in a debate that continues in the courts and Congress as Democrats press to restore the rules.

Hey Corporate America, get ready for cybersecurity regulations in the US (CNNMoney) Rober Herjavec believes cybersecurity regulations like GDPR will soon be coming to the United States -- and that's actually a good thing.

Australia forms task force to guard elections from cyber attacks (Reuters) Australia has established a security task force to guard against cyber attacks and interference in elections, the government said on Saturday, amid concerns foreign powers are meddling in domestic affairs and ahead of five elections next month.

Marine Corps weighs wooing older members for new cyber force (ABC News) The head of the Marine Corps says it's time the U.S. military branch known for its fierce, young warriors becomes a little more mature. The Marine Corps is considering offering bonuses and other perks to entice older, more experienced Marines to re-enlist as it builds up its cyber...

What the Senate wants to see in this year's NDAA (FCW) The Senate released its text and report for the 2019 National Defense Authorization Act. Take a look at a few of the biggest cyber provisions that could make it through final passage.

Air Force cyber to get new boss (Fifth Domain) 24th Air Force is getting a new commander.

Air Force to shift cyber authority (Fifth Domain) Air Combat Command to take over cyber operations in the summer of 2018.

Peterson Air Force Base loses jobs as cyber role moves (Air Force Times) The Air Force is cutting 72 jobs from its base in Colorado Springs as the service’s computer warfare efforts will no longer be overseen by the Air Force Space Command.

Litigation, Investigation, and Enforcement

Jury finds former CIA officer guilty of espionage (TheHill) A former CIA agent was convicted by a jury in Virginia on Friday of giving classified secrets to a Chinese intelligence agent.

Former security chief for Senate Intelligence Committee indicted (CBS News) The DOJ alleges Wolfe lied FBI agents in December 2017 about his repeated contacts with three reporters, including through his use of encrypted messaging applications

The Russia Investigations: So Many Pieces Of The Puzzle Are Missing (WAMU) Two years after important overtures by foreign operatives to the Trump campaign, Russian motives still aren't entirely clear.

ICO smites Bible Society, well fines it £100k... (Register) Vengeance for poor security sins in face of cyber attack

Canadian company accused of 'complete fabrication' in testimony regarding Facebook data breach (The London Free Press) ‘They are definitely data harvesters,’ said Vickery. ‘It’s a lie to say they have not harvested data’

WannaCry Kill Switch Researcher Faces New Hacking Charges (Infosecurity Magazine) WannaCry Kill Switch Researcher Faces New Hacking Charges. Hutchins accused of developing second piece of malware

Undermining Crypto-Threats (Infosecurity Magazine) Cryptomining has the potential to be as big a threat a ransomware, and it is harder for law enforcement to track the perpetrators.

California Weed Dispensaries Can Legally Sell Customer Information to Data Brokers (Motherboard) California is expected to become the largest weed industry in the United States, but unlike other legalized states, it has no laws in place to protect cannabis consumer data.

Notorious Kindle Unlimited abuser has been booted from the bookstore (TechCrunch) A few levels past the bestsellers and sci-fi/romance/adventure titles on Kindle Unlimited, in the darkest corners of the Kindle Direct Publishing market, there are books that are made entirely out of garbage designed to make scammers hundreds of dollars a day. One user, who called his or herself Ch…

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Transport Security and Safety Expo (Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly digitizing, leading to greater risks and potential impacts from cyber and physical events. Understanding how to better safeguard operations and protect critical networks and infrastructure from damage is paramount, and opportunities like TSSX18 that bring the industry together for training and solutions are welcomed by SANS.

Dynamic Connections 2018 (Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive threat we face in the digital domain today, we must reach into the future and pull tomorrow’s innovation forward.

Social Engineering—Rhode Island (Newport, Rhode Island, USA, June 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format, welcomes Norwich alumni and others interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level.

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, June 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or transmitted through. These requirements must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations. The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and non-federal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies.

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity. All of the information presented will be designed to facilitate growth and eliminate risk for organizations of all sizes and across all vertical markets, with security as the firm foundation of every solution. The event will include presentations by subject matter experts, breakout sessions among business leaders and live demonstrations of enterprise security and business software.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together with technology providers & distinguished information security experts. Learn from acclaimed security professionals on how to protect your business from cyber attacks during interactive Panels & Keynote presentations. Convene with fellow influential business leaders, C-Suite executives, investors & entrepreneurs over 3 days of sailing, sessions, and networking opportunities.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency management agencies. Join executives, security professionals and elected officials for the Silicon Valley Leadership Group's Health Cybersecurity Summit on Friday, July 20, at Citrix Headquarters in Silicon Valley. Engage in a real-time cyber threat and response simulation, hone your digital defense skills, and learn about the unique security concerns faced by the healthcare industry and related infrastructure providers.

Chinese espionage at NUSC? Patchwork looks at think tanks. Coinrail cryptoheist spooks markets. G7 to respond to cyberattacks.