The Week in Headlines

April 13 - April 17, 2015

Featured Headline
GAO: Newer Aircraft Vulnerable to Hacking
CNN
April14,2015
Washington(CNN)Hundredsofplanesflyingcommerciallytodaycouldbe
vulnerabletohavingtheironboardcomputershackedandremotelytaken
overbysomeoneusingtheplane'spassengerWiFinetwork,orevenby
someoneontheground,accordingtoanewreportfromtheGovernment
AccountabilityOffice.

Headlines
Marriott Franchisee Reveals Cyber Breach Lasting Seven Months
BusinessInsurance
April9,2015
Ahotelmanagementcompanysaidtherehasbeenasuspectedsevenmonthslongcyberbreachinthe
pointofsalesystemsatfoodandbeverageoutletsat10ofitshotels,primarilyestablishmentsitoperates
asafranchiseeforMarriottInternationalInc.

San Diegos Homegrown FBI Hacking Hit

SanDiegoReader
April10,2015
Mobilephoneandcomputersnoopingbypolice,longastapleinthewaragainstcrime,gotaboosthere
15yearsagowiththeopeningofthenation'sfirstFBIrunregionalcomputerforensicslaboratory.

The Week in Headlines

April 13 - April 17, 2015
FBI: ISIS Backers Deface Websites
DataBreachToday
April10,2015
SympathizersoftheIslamicStateterroristgroupareexploitingavulnerabilityinaWorldPressContent
ManagementSystemplugintodefacethewebsitesofnewsorganizations,businesses,religious
institutionsandgovernmentsintheU.S.andabroad,accordingtotheFBI.

ISIS Blacks Out French Television Station Broadcasts -- CyberTerrorism Has Arrived
Forbes
April11,2015
OnWednesdaynight,partiesclaimingtobelongtotheIslamicState(ISIS)blackedoutbroadcastson11
channelsofFrenchtelevisionstation,TV5Monde,aswellasbreachedanddefacedthenetworkssocial
mediaaccounts.

The Attack on Sony

CBSNews
April12,2015
ThesignificanceisthataforeignpowerhasreachedoutandtouchedanAmericantarget.Thefactthat
theNorthKoreangovernmentfeltthatitcoulddosomethingintheUnitedStatesandgetawaywithit,
that'swhat'ssignificant.

Thousands Could Launch Sony-Style Cyberattack, Says Ex-Hacker

CNET
April12,2015
Thechancesofanothercompanysufferingthedevastatingeffectsofacyberattackliketheone
perpetratedonSonylastyeararenotasremoteaswewouldliketobelieve,securityresearcherssay.

Russia's Cyberattacks Grow More Brazen

TheHill
April12,2015
RussiahasrampedupcyberattacksagainsttheUnitedStatestoanunprecedentedlevelsincePresident
ObamaimposedsanctionslastyearonPresidentPutin'sgovernmentoveritsinterventioninUkraine.

The Week in Headlines

April 13 - April 17, 2015

Atlantic City Casino Authority Website Hacked With Pro-ISIS Messages

6ABCActionNews
April12,2015
ATLANTICCITY,N.J.(WPVI)ThewebsiteoftheCasinoReinvestmentDevelopmentAuthorityin
AtlanticCitywashackedsometimethisweekend.

Why the 'Golden Hour' is so Important in Fending off Hackers

Fortune
April13,2015
Businessesunderacyberattackhaveaonehourwindowtodetectthebreachandcontainitbeforethey
risklosingcontrol,accordingtoanewreport.

Businesses Argue Against Data Breach Bill Change

TheHill
April13,2015
AcoalitionofbusinessgroupsisurgingHouselawmakersnottodropanamendmenttotheirdata
securitybillthatwouldrequirethirdpartyvendorstoinformaffectedconsumerswhentheyexperiencea
breach.

Attorney Says Lawyers Suing Anthem Subsidiaries in Kansas Can Show Data Breach
Harmed Insured
FoxBusiness
April13,2015
AformercandidateforKansasgovernorsaidMondaythatheandotherattorneyswhoaresuingtwo
subsidiariesofAnthemInc.canshowthatindividualswereharmedafterhackersbreachedthehealth
insurer'scomputernetworks.

18-Year-Old Security Flaw Allows Hackers To Steal Credentials From All Versions Of
Windows
Forbes
April13,2015
In1997,researcherAaronSpanglerdiscoveredabuginInternetExplorerthatallowedanattackerto
stealcredentialsusingaprotocolknownasWindowsServerMessageBlock(SMB).

The Week in Headlines

April 13 - April 17, 2015

How Hackers Spied on Asia for a Decade

CNNMoney
April13,2015
"OuranalysisofAPT30illuminateshowagroupcanpersistentlycompromiseentitiesacrossanentire
regionandsubcontinentunabated,withlittletononeedtosignificantlychangetheirmodusoperandi,"the
reportsaid.

One
Million Cyber Threats Released Daily
GazetteHerald
April14,2015
Nearlyonemillionnewcyberthreatswerereleasedonlineeverydayin2014,withfiveoutofsixlarge
companiesgloballytargeted,accordingtoanewreportfromcybersecurityexperts.

User Mistakes Aid Most Cyber Attacks, Verizon and Symantec Studies Show
GMANews
April14,2015
Whenacybersecuritybreachhitsthenews,thosemostcloselyinvolvedoftenhaveincentivetoplayup
thesophisticationoftheattack.

Security Companies Hire Hackers, Ex-Spies to Fight Cyber Attacks

Bloomberg
April14,2015
JustaskScottDavies,30,wholeftacareersnoopingonAustralia'senemiesinDecemberforasimilar
gigatFireEyeInc.OrBrianVarner,35,whoswappedajobwiththeU.S.DepartmentofDefensebreaking
intonetworksintheMiddleEastandotherhotzonestobeasecurityengineeratSymantecCorp.

Health Data Breaches Sow Confusion, Frustration

USAToday
April14,2015
AstheprivacyofficerforTheAdvisoryBoardCo.,RebeccaFayedknowsathingortwoaboutprivacyand
whatcanhappenwhenit'sviolated.

The Week in Headlines

April 13 - April 17, 2015

Hackers Keep Trying New Targets in Search of Easy Data

ABCNews
April14,2015
Thehealthcaresectorhasbecomethehottargetforhackersinrecentmonths,accordingtoresearchers
atSymantec,aleadingcybersecuritycompanythatsaysit'salsoseeingbigincreasesin"spearphishing,"
''ransomware"andeffortstoexploitnewlydiscoveredvulnerabilitiesinsoftwareusedbyawiderangeof
industries.

Gangs of Hackers Cause Cyber Breaches to Spike 23%

USAToday
April14,2015
SANFRANCISCOOrganizedcriminalgangsofhackersgotsmarter,fasterandmoreubiquitouslast
year,pullingoff312majorbreachesagainstcompanies.That'sup23%fromtheyearbefore,Symantec's
2014Internetthreatreportfound.

Online Dating Hackers are Getting Their Victims to Install a Custom Sextortion Android
app
BusinessInsider
April14,2015
Onlinedatinghackersarebecomingmuchmoresophisticatedinthewaytheytargetandstealmoney
victims'cash.Cybercriminalsarenowaskingtheir"dates"toinstallacustommadesmartphoneappthat
installsmalwareandallowsthemtoextractdetailsforblackmailpurposes,GlobalDatingInsightsreports.

Wi-Fi on Planes Opens Door to in-Flight Hacking, Warns US Watchdog

TheGuardian
April14,2015
HackersoncommercialflightscouldnowbringdowntheplanetheyareonbyusingtheonboardWiFi,a
USgovernmentwatchdoghaswarned.

Hackers Target the Vaticans Web Site Over Pope Francis Genocide Comment
WashingtonPost
April14,2015
TurkishhackersreportedlytargetedtheVaticansWebsiteonMondayafterPopeFrancisreferredtothe
masskillingsofArmeniansbyTurksasagenocide,accordingtoreports.

The Week in Headlines

April 13 - April 17, 2015

Official: US Not Ready To Wage Cyber Attack

DefenseNews
April14,2015
WASHINGTONTheUSmilitaryiswellequippedtodefendthecountryagainstcyberattacksbutisnot
yetreadytowagedigitalwarfare,aseniordefenseofficialtoldlawmakersonTuesday.

Target Nears Settlement With MasterCard Over Data Breach

WallStreetJournal
April14,2015
TargetCorp.isclosetoreachingasettlementwithMasterCardInc.toreimbursefinancialinstitutions
roughly$20millionforcoststheyincurredfromtheretailersmassivedatabreachin2013,accordingto
peoplefamiliarwiththenegotiations.

Security Firm Warns of Increased Data Breach Secrecy Amidst Rising Incident Numbers
OutLaw.com
April14,2015
Thenumberofdatabreachesuncoveredbyasecuritysoftwarecompany'sannualsurveyroseby23%in
2014.Thefactthatthenumberofexposedidentitiesdroppedcouldmeanthatcompaniesarekeeping
moreinformationaboutbreachessecret,surveypublisherSymantecsaid.

Iowa Man Accused of Hacking Lottery to Win $14.3 Million Ticket

YahooNews
April14,2015
Thesayinggoesthatyouhaveabetterchanceofbeingstruckbylightningthanwinningthelottery.

Report: Newer Airplanes Vulnerable to System Hackings

WashingtonExaminer
April15,2015
Newercommercialairlinesarevulnerabletobeingtakenoverbysomeoneremotelyhackingandusing
theplane'spassengerWiFinetworks,accordingtoanewGovernmentAccountabilityOfficereport.

Pentagon to Release New Cyber Security Strategy Soon

BusinessStandard
April15,2015

The Week in Headlines

April 13 - April 17, 2015
TheUSDefenseDepartmentwillreleaseanewcyberstrategynextweekto"guidethewayforwardfor
thenextseveralyears",accordingtoaseniorPentagonofficial.

Cyber Attack Hobbles Salisbury Fire Department's Computers

NewburyPortNews
April15,2015
SALISBURYAnastycomputervirusthathadsomeofthehallmarksofaransomwareattackhobbled
theSalisburyFireDepartmentrecently,destroyingcomputerfilesandtemporarilyforcingstafferstoresort
topenandpaper.

Why This National Data Breach Notification Bill Has Privacy Advocates Worried
WashingtonPost
April15,2015
Oneproposaltoaddressthesituation,theDataSecurityandBreachNotificationAct,beingconsideredby
theHouseEnergyandCommerceCommitteeonWednesdaywouldtrytochangethat.

Meet Tanium, The Secret Cybersecurity Weapon Of Target, Visa And Amazon
Forbes
April15,2015
Itwastoofast,saysSinofsky,whousedtorunMicrosoftsWindowsdivision.Toaperson,wejust
assumeditwasamockup.Weaskedhowlongitwouldtaketobuildforreal.

The Morning Risk Report: Seven Simple Steps to Better Cybersecurity

WallStreetJournal
April15,2015
Simplestepscouldgoalongwaytoprotectingcompaniesfromhackersandlimitingtheamountof
informationandtheamountoffinancialandreputationaldamagetheycouldsufferifcybercriminals
attack.

Ransomware a Growing Threat to Small Businesses

WallStreetJournal
April15,2015
Moresmallbusinessesarefallingvictimtoransomware,inwhichmaliciouscodelocksupcomputerfiles
andcybercriminalsdemandaransomtofreethem.

The Week in Headlines

April 13 - April 17, 2015
Dropbox is Paying Thousands of Dollars to Hackers Who Identified Security Flaws
BusinessInsider
April15,2015
DropboxtodaylaunchedabugbountyprograminconjunctionwithHackerOne.Rewardsstartata
minimumof$216andthereisnomaximumgiven.

Cyber attacks: Inside the FBIs Fight Against one of Americas Newest Threats
MSNBC
April15,2015
Theoddsare,unfortunately,infavorofthehackeratthispoint,saysLeoTaddeo,specialagentin
chargeofcyberandspecialoperationshere.Weretryingtochangethat.

National Data Breach Notification Bill Advances

DataBreachToday
April15,2015
TheHouseEnergyandCommerceCommitteeapprovedonApril15theDataSecurityandBreach
NotificationActbya2920vote,withonlyRepublicanssupportingthemeasure.EvenitsDemocratic
cosponsor,Rep.PeterWelchofVermont,votedagainstit.

Medical Records Under Threat from Data Breaches

SciTechToday
April15,2015
Compromisedinformationincludedpatients'names,homeaddresses,ages,illnesses,testresultsor
SocialSecuritynumbers.Mostinvolvedelectronicdataandtheft,includingstolenlaptopsandcomputer
thumbdrives.

Here's Why Companies Keep Losing the Battle Against Hackers

Bloomberg
April15,2015
ThefailurethatopenedthedoorforhackerstobreakintoTargetspointofsalesystemsin
2013resultinginthelargestretailbreachinU.S.historywasntcausedbyweakfirewallsorflawed
securitysoftware,butbythegullibilityofpeople.

The Week in Headlines

April 13 - April 17, 2015

Guarding Against a Cyber 9/11

WallStreetJournal
April15,2015
TheInternetprovidesaneasy,lowcostandlowriskmeansfornonstateactorsorterroristgroupsto
amplifytheimpactofanyattack.

This is How Connected Cars Can Be Saved From Hackers

ETAuto.com
April15,2015
Ifyoulookaroundourworldtoday,thegrowthinelectromechanicalsystemsisquiteastounding.Manyof
thethingsweinteractwithonadailybasisarebeingcontrolledbysomenumberofembeddedcontrol
systems,andnowhereisthismoreevidentthaninthemoderndayautomobile.

State of Texas Cybersecurity Coordinator Named

DIR
April15,2015
AUSTIN:TheTexasDepartmentofInformationResources(DIR)announcedthepromotionofEdward
BlocktoserveastheStateofTexasChiefInformationSecurityOfficer(CISO).Edwardbringsyearsof
experienceatDIRincybersecuritymanagement,havingmostrecentlyservedasInterimCISOsince
February.Hisnewresponsibilitybeginsimmediately.

Dropbox is Paying Thousands of Dollars to Hackers Who Identified Security Flaws

BusinessInsider
April15,2015
DropboxtodaylaunchedabugbountyprograminconjunctionwithHackerOne.Rewardsstartata
minimumof$216andthereisnomaximumgiven.

Iranian Cyberattacks on the Rise, Study Says

TheHill
April16,2015
Iranispickingupthepaceofitscyberattacks,andsomefearifeconomicsanctionsarelifted,Tehranwill
simplypumpitsnewrevenueintocyberwarfare.

The Week in Headlines

April 13 - April 17, 2015

DEA, US Army Bought $1.2M Worth of Hacking Tools in Recent Years

arstechnica
April16,2015
TheDrugEnforcementAdministration(DEA)andtheUnitedStatesArmyhavealmostcertainlybeen
buyingquestionableremoteaccesshackingtoolsforyearsfromanItaliancompanycalledHackingTeam,
viaanobscureAmericanresellercalledCicomUSA.

IT Manager Accused of Hacking into Ex-Northbrook Employer's Emails

ChicagoTribune
April16,2015
GeorgeTurner,50,ofVernonHills,waschargedwithcomputerfraud,illegalwireinterceptionsand
disclosinginformationfromillegalwireinterceptions,federalprosecutorsannouncedThursday.

Premera Cyberattack: How an Ancient State Law Makes Our Data Vulnerable
Crosscut
April16,2015
OddsaregoodyougotoneoftheselettersfromPremeraBlueCross,too.TheMountlakeTerracebased
healthinsurersentthemoutto6millionsubscriberaccountsinWashingtonandanother5millionin
OregonandAlaska.

Experts Warn ISIS' Cyberattack Capabilities Leave US Vulnerable

Newsmax
April16,2015
IslamicState(ISIS)terroristsarebecomingmorecybersavvythanever,expertswarn,showing
surprisinglysophisticatedcapabilityatrecruitingyoungcomputermavenstotheircause,hackinginto
worldwidewebsitesandposingaseriousthreattoWesternemergencysystems,utilities,
communications,andtransportationsystems.

HSBC Finance Notifies Mortgage Customers of Data Breach

AmericanBanker
April16,2015
HSBChasinformedNewHampshire'sAttorneyGeneralofacompromiseofsomerecordsofcurrentand
formermortgagecustomersofitsHSBCFinanceunit.HSBCFinanceisanonbanklender,formerly
knownasHouseholdFinance,thatHSBCboughtin2003.Thebankisintheprocessofwindingitdown.

The Week in Headlines

April 13 - April 17, 2015

How To Deter Cyber Criminals? "Good Guys" Will Share Data Socially
Forbes
April16,2015
Hackersnolongerarethelonewolvesthatmanyofusimagine,operatingsoloinsecrecytolaunchtiny,
farfetchedphishingschemesthatonlythemostnaiveofuswouldfall.

Hacker In Trouble With Feds After Tweeting About 'Playing' With Plane Comms
Mid-Flight
Forbes
April17,2015
Whatsthefirstruleofflightclub?No,itsnotdonttalkaboutflightclub.Thefirstruleis:donottweet
abouthackingflightsystemswhenusingtheonboardWiFi.ButprohackerandfounderofOneWorld
Labs,ChrisRoberts,didjustthatonatripfromDenvertoSyracuseyesterday.

New Dark-Web Market Is Selling Zero-Day Exploits to Hackers

Wired
April17,2015
HACKERSHAVEFORyearsboughtandsoldtheirsecretsinadefactograymarketforzeroday
exploitsintrusiontechniquesforwhichnosoftwarepatchexists.

Iran Steps Up Cyber Attacks on the US

TheNational
April17,2015
ASNEGOTIATORSfromagroupofworldpowerspreparetomeetrepresentativesfromIrannextweekto
discussthatcountrysnuclearprogramme,areportpublishedtodaysuggeststheIranianshavestepped
uptheircyberattacksontheUS.Norse,acybersecurityfirm,andtheAmericanEnterpriseInstitutesaid
Iranhadgreatlyincreasedthefrequencyandsophisticationofitsattacks.

Cybersecurity Talent: Worse Than a Skills Shortage, its a Critical Gap

TheHill
April17,2015
TheU.S.HouseofRepresentativesnextweekisexpectedtoconsiderimportantmeasuresaimedat
bulkingupAmericancyberdefensesinthewakeofnumerousandrelentlessattacks.

The Week in Headlines

April 13 - April 17, 2015

The Cybersecurity Risk That Dwarfs All Others

Forbes
April17,2015
Ifyoureinalargeenterprise,theanswerislikelytobeIhavenoideaorworse,perhapsyouhavea
numberinmindthatinrealityiswoefullyinaccurate.

WikiLeaks Republishes All Sony Hacking Scandal Documents

TheGuardian
April17,2015
WikiLeakshasrepublishedtheSonydatafromlastyearshackingscandal,makingallthedocumentsand
emailsfullysearchablewithaGooglestylesearchengine