Breach, Data Security, Incident Response, TDR, Threat Management

News briefs: Mandiant uncovers espionage, Evernote is breached, and more

» A detailed report from incident response and forensic firm Mandiant on the inner workings of a Chinese-based cyber espionage group uncovered the purported theft of hundreds of terabytes of information from more than 100 organizations in the United States. The operations of the secret Chinese military unit 61398 were traced to
a 12-story building in Shanghai. 

»The Obama administration released a report on thwarting U.S. trade secret theft. The report, called “Administration Strategy on Mitigating the Theft of U.S. Trade Secrets,” said government action to prevent the theft of sensitive corporate or government data could include jailing or fining offenders, or invoking international trade restrictions. The White House will also seek to bolster diplomatic relationships between the U.S. and foreign trade partners, and to promote private sector and public awareness about related threats. 

»As public anxiety mounted about advanced attacks on major American companies and government entities, the security community gathered for the 22nd annual RSA Conference, which opened in late February. Drawing more than 24,000 attendees to San Francisco, the conference featured security leaders who led a number of discussions on quantifying the true threat of nation-state attacks and how security professionals should respond to these campaigns. In addition, keynotes and speakers broached a number of other security trends and concerns, such as bring-your-own-device (BYOD) management, cloud, Big Data and privacy. Keynote staples Art Coviello, president of EMC's RSA, and Scott Charney, vice president of trustworthy computing at Microsoft, opened the show, while Jimmy Wales, founder of Wikipedia, shared how the internet can democratize developing countries. Other keynotes included Google's Vint Cert and former Secretary of State Condoleezza Rice.

»Popular note-taking software service Evernote reset the passwords for its 50 million users following a network breach. Intruders accessed usernames, email addresses and encrypted passwords of Evernote users. To the frustration of many in the security community, the company reportedly used MD-5, a cryptographic hash function widely known as vulnerable to being cracked.

»Bit9, a Waltham, Mass.-based company that provides software whitelisting technology, was breached by hackers who accessed its code-signing certificates. In the incident, hackers were able to digitally sign malware to make it appear as legitimate files. Due to the breach, malware was delivered to three unnamed customers of Bit9.

»The sentencing of LulzSec leader-turned-FBI-informant Hector Monsegur, or “Sabu,” was pushed back six months to allow for his continued cooperation with the FBI. Though Sabu faces up to 124 years in prison, a much lighter sentence is expected due to his history of aiding agents, which has led to the arrest of at least five other members of the Anonymous and LulzSec hacktivist collectives. Meanwhile, Jeremy Hammond, one of the hackers Monsegur reportedly gave up to authorities, is scheduled for an April 10 trial. Hammond faces 30 years to life in prison, if found guilty of aiding to hack the Arizona Department of Public Safety and global intelligence firm Stratfor in 2011.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.