Friday, July 13, 2007

Security Management Weekly - July 13, 2007

CORPORATE SECURITY
  1. "Deathly Hallows Will Land Secretly in India With Deadly Security" Armed Security Guards Will Protect Harry Potter Book Shipments in India
  2. "Expert Advice" Advice for Protecting Consumers From Identity Theft
  3. "Keeping Baby Safe & Sound" Preventing Infant Abductions at U.S. Healthcare Facilities
  4. "Risk Managers Learn Lessons from 9/11"
  5. "Salary Premiums for Security Certifications Increasing, Study Shows"

HOMELAND SECURITY
  6. "White House Calls Meeting on Al Qaeda Threat: Report" Al Qaeda Cell May Be Inside U.S.
  7. "Sting Reveals Security Gap at Nuclear Agency" Nuclear Regulatory Commission Enabled Undercover GAO Investigators to Purchase Dirty Bomb Materials
  8. "British 'Big Brother' System of CCTV Surveillance Impresses Neighbors in Europe and in U.S."
  9. "Bin Laden's Son Seeks to Enter UK"
  10. "New York Plans Surveillance Veil for Downtown" Mobile Traffic Gates Will Be Linked to Massive Camera System
  11. "Tight Restrictions for 'Cove' Dwellers During All-Star Game" Tight Security for Major League Baseball's All-Star Game
  12. "Powerful New Tool Is Key to Reducing Risk" Modeling Tool Helps Cities Prepare for Hurricanes

CYBER SECURITY
  13. ".Bank Proposal Gets Lukewarm Reception" Australian Banks Express Skepticism Over Anti-Phishing Proposal
  14. "Bootable Disc Makes for Safer Banking, Researcher Claims" Secure Software Application Bypasses Viruses Completely
  15. "Six Ways to Fight Back Against Botnets"

"Deathly Hallows Will Land Secretly in India With Deadly Security"
Daily News & Analysis (India) (07/11/2007) ; Pandey, Vineeta

Harry Potter and the Deathly Hallows, the last book in the immensely popular Harry Potter series, will be subjected to stringent security measures in India during the run-up to its July 21 global release date. The shipment and delivery of the books have been planned down to the detail to prevent pirated copies from being released. Penguin India, which will distribute the books in India, has hired a security company to help guard the books as they are shipped and delivered by a courier company. Reports suggest that the books will be packed inside sealed containers and delivered to top Indian cities via air cargo. The containers will then be transferred to trucks that will deliver the books to bookstores. Half a dozen armed security guards will protect each truck. Penguin India has advised book distributors in India on how to secure their stocks of the book until the book is officially released. One book distributor has been told that book shipments will reach the distributor by midnight July 20 "accompanied by armed guards" who will protect the books until 6:00 a.m.

"Expert Advice"
MarketWatch (07/01/07) ; Coombes, Andrea

Technology analysts and tech-product engineers offer advice on how consumers can protect themselves from identity theft. Former identity thief Frank Abagnale, whose life as a criminal is recounted in the 2002 movie "Catch Me if You Can," says technology has made it easier to commit ID fraud. "Everything I did 40 years ago, when I was a teenager, is thousands of times easier to do today. Technology has made it so much easier to commit these crimes," he states. To avoid having his personal information accessed, Abagnale pays for everything with credit cards, then pays off the balance each month. "My money is never at risk, only their money," he says. Abagnale also uses a credit protection service that tracks credit activity through each of the three major credit bureaus, disposes of all documents containing personal information with a microcut shredder, and opts out of creditors' information-sharing arrangements. Gartner Research analyst Avivah Litan avoids putting her debit card information online and has instructed her bank not to permit transfers to other institutions in the event her account information is intercepted by ID thieves. Litan also never clicks on links collected through search engines because some links are created by criminals. Meanwhile, Sapphire Mobile Systems CEO Richard Rasansky, whose firm developed a mobile debit network for procuring financial accounts from handheld devices, avoids writing checks and stores all important information on a portable USB drive.

"Keeping Baby Safe & Sound"
The Nursing Spectrum (07/02/07) ; Wood, Debra Anscombe

The National Center for Missing & Exploited Children (NCMEC) reports over 120 babies were stolen from healthcare facilities across the United States between 1983 and 2007, and 56 percent of those infants were abducted from their mothers' rooms and 14 percent from the nursery. Despite electronic monitoring equipment and other protections in place, infant abductions still occur, though not in high numbers. Nurses indicate these abductions take an emotional toll on parents, as well as nurses, who believe they failed to protect their patients. Association of Women's Health, Obstetric and Neonatal Nurses (AWHONN) member Sandra Cesario, RNC, PhD, of Texas Woman's University College of Nursing says, "Consumers expect a high level of security and safety." Most facilities use radio frequency identification (RFID) tags to locate and track infants throughout the hospital, involving a strap attached to the infant's ankle or umbilical cord that triggers an alarm in obstetrics if the tag is taken off or the infant is taken to the wrong room. However, these high-tech programs are only one part of the equation; facilities also need to develop strong policies and procedures for nurses regarding visitors and for patients handing over their infants to nurses. According to AWHONN, parents should ask their primary nurse about unscheduled tests, make sure bassinets are always used to transport the infants, keep these bassinets away from the door, and ensure they are not left unattended while the mother showers. AWHONN and NCMEC jointly created an educational program, Safeguard Their Tomorrows, for nurses and other healthcare professionals to help them recognize infant abduction risks and write abduction-prevention policies. If potential abductors are spotted in one facility asking numerous questions and visiting with more than one mother, nurses and other hospital staff should alert nearby facilities; and facilities need to educate new parents about how to protect themselves from these criminals.

"Risk Managers Learn Lessons from 9/11"
National Underwriter (Property & Casualty - Risk & Benefits Management Edition) (07/09/07) P. 37 ; Sullivan, Desmond

The 2001 terrorist attacks on the World Trade Center and the Pentagon taught risk managers some valuable lessons about preparing their organizations for catastrophe. For example, the terrorist attacks illustrated the importance of business continuity plans (BCPs), which allowed major financial institutions impacted by the attacks to quickly recover. However, many companies still have not updated their BCPs. It is essential for companies to reexamine their policies and their effectiveness in case there is another terrorist attack or some other type of disaster. Risk managers and insurance adjusters need to work closely to assess buildings and other assets to ensure they are protected and risks associated with those assets are mitigated. Insurance firms, accountants, engineers, restoration firms, and others are examining their own operations to ensure they resume functionality once disasters occur in order to better serve their clients. While many firms have determined how to best back up and protect their data in a disaster--mostly through decentralized locations--one issue that still needs to be addressed is the issue of relocating personnel in the aftermath of a catastrophe. Alternative workplaces are essential to keeping a business operational after a disruptive event.

"Salary Premiums for Security Certifications Increasing, Study Shows"
Computerworld (07/09/07) ; Vijayan, Jaikumar

Recent statistics show that a professional security certification will enable information technology security workers to earn higher salaries. For example, a Foote Partners study released the first week of July concludes that security professionals with security certifications earn up to 15 percent more than their non-certified colleagues. And from October to April, a group of 27 security certifications examined by the Foote study grew in value by an average of 1.7 percent. Foote Partners CEO David Foote says that demand for certified security professionals is growing following a recent downturn. And the demand is being driven not by compliance and government regulation, but by customers who are "demanding more security" from companies. The fallout from major data breaches such as the TJX breach has caused consternation among corporate executives, prompting many executives to make additional commitments to security. A Department of Defense mandate requiring certification from IT security professionals is also increasing demand for certified security professionals, says Foote.

"White House Calls Meeting on Al Qaeda Threat: Report"
Reuters (07/10/07)

A small cell of Al Qaeda operatives from overseas may be inside the United States or en route to the United States at the present time, according to an ABC News report citing information from top U.S. intelligence officials. The Bush administration has called an urgent meeting to be held Thursday, July 12, to discuss the threat. Multiple agencies will participate in the meeting, which will be held in the White House Situation Room. Among other things, the meeting will focus on tightening security at government buildings. The Bush administration has held several other meetings recently to discuss new information and intelligence that has been gleaned from the investigation into the U.K. car bomb plot. The administration believes that the terrorism risk to the United States is higher now than it has been in a while, one official said.

"Sting Reveals Security Gap at Nuclear Agency"
Washington Post (07/12/07) P. A1 ; Day, Kathleen

Government Accountability Office (GAO) investigators conducting an undercover sting easily duped officials at the Nuclear Regulatory Commission (NRC) into giving them a license that allowed the investigators to purchase 45 gauges containing radioactive material that could be used to build a dirty bomb, according to a new GAO report. The investigators, who pretended to be representatives of a fake company based in West Virginia, used nothing more than a telephone, fax machine, and post-office box to procure the license from the NRC, which has oversight authority of U.S. nuclear power plants and radioactive material. NRC officials granted the license within just 28 days. They did not bother holding an in-person interview with the alleged businessmen, nor did they physically visit the alleged West Virginia company. The GAO investigators made several counterfeit copies of the license and altered the copies to give their bogus company the power to purchase "an unrestricted quantity" of radioactive material--enough to make a very powerful and lethal dirty bomb. Sen. Norm Coleman (R-Minn.), who asked the GAO to carry out the investigation, criticized the NRC for its "pre-9/11" mindset, noting that the GAO ploy could be used by Al Qaeda to set up a fake company and gather materials for a dirty bomb.

"British 'Big Brother' System of CCTV Surveillance Impresses Neighbors in Europe and in U.S."
Associated Press (07/11/07) ; Leicester, John

Great Britain's sprawling network of 4 million closed-circuit security cameras has been instrumental in helping authorities investigate three separate terrorist attacks or attempted attacks in recent years, all three of which were aimed at transportation targets. The U.K. camera network is seen as the gold standard for surveillance camera systems, and it is drawing increasing numbers of admirers in both the United States and elsewhere in Europe, including France, where President Nicolas Sarkozy has announced his own "vast plan" to deploy CCTV cameras on public transport. In Paris, a network of 5,000 cameras protects the city's subway system and suburban train network, and 1,540 more cameras will be added to that total before the year is out. Similarly, New York City officials intend to place cameras aboard hundreds of buses in Manhattan and install 1,000 cameras, along with 3,000 motion sensors, to protect the city's subway and commuter rail stations. In Germany, last summer's failed train bombing plot has convinced officials to increase the number of surveillance cameras protecting train stations, harbors, and airports, and Turkey likewise announced that it will expand its camera network from large cities like Istanbul to vacation areas and tourist resorts. During the investigation into the failed July 21, 2005, London transit bombing plot, U.K. police used 18,000 hours of camera footage to track down and arrest the plot's operatives, preventing them from striking another day.

"Bin Laden's Son Seeks to Enter UK"
Australian (07/11/07)

Osama bin Laden's 27-year-old son Omar Ossama bin Laden is planning to marry a 51-year-old British woman who is seeking a visa that would allow the younger bin Laden to enter the United Kingdom. The woman, Jane Felix-Browne, is a grandmother who has been married five times previously. Felix-Browne defends her impending marriage, saying that she has "married the son, not the father," and explaining that Omar bin Laden "is pious, quiet, a true gentleman." Omar bin Laden is Osama bin Laden's fourth eldest son. The son has not had any communications with Osama bin Laden since 2000, when he was with his father in Afghanistan, Felix-Browne says.

"New York Plans Surveillance Veil for Downtown"
New York Times (07/09/07) P. A1 ; Buckley, Cara

The New York City Police Department expects to have implemented the first phase of a massive surveillance camera system in Lower Manhattan before the year is out. The Lower Manhattan Security Initiative is modeled after the Ring of Steel anti-terrorism surveillance system in London, which has helped U.K. authorities in their investigations of the recent car bomb plots and the July 2005 transit bombings. Like the London system, the New York initiative will eventually feature mobile roadblocks and cameras capable of reading the license plates of vehicles. New York officials plan to deploy 116 license plate readers, some of which will be installed in helicopters and cars, and if the city's congestion pricing plan is approved, police are expected to use data from license plate readers that will be installed as part of the congestion pricing plan. Police officers and personnel from private security companies will staff an operations center where live data from the cameras will be monitored; by pushing a button, the operators will be able to deploy mobile traffic gates at crucial junctions, thereby halting suspicious vehicles and other traffic. The cameras will be used in tandem with software capable of detecting suspicious behavior such as a bag that has been abandoned or a car that repeatedly cruises the same city block. All told, some 3,000 cameras--including about 2,000 owned by companies in the city--will be in place by the end of 2008. The surveillance network will feature one of two technologies: face-recognition or biohazard sensors.

"Tight Restrictions for 'Cove' Dwellers During All-Star Game"
San Jose Mercury News (CA) (07/09/07) ; Simerman, John

Security will be exceptionally tight for the Major League Baseball (MLB) All-Star Game, which is being held Tuesday night at San Francisco's AT&T Park. The festivities surrounding the event actually began July 6, and a total of up to 250,000 people were expected to attend the events surrounding the game. Security for the game itself includes a three-mile no-fly zone; road closures; a Coast Guard-imposed security zone in the waterways around the stadium; Coast Guard bomb-sniffing dogs aboard ferries; metal detectors at the stadium gates; law enforcement command posts; and surveillance cameras inside the stadium. Upward of 20 government agencies are participating in the security effort, which includes the presence of SWAT teams, first responders, medical personnel, and terrorism experts hired from private firms. As the game itself unfolds, potential threats will be judged on an "inning by inning" basis, officials said. The FBI is taking the event very seriously due to "the number of people and the symbolic aspects of baseball in American culture," an FBI spokesman said. "Any time there's any sort of major public event these days, we have to look at it as potentially a terrorist target," the spokesman said.

"Powerful New Tool Is Key to Reducing Risk"
ENR (07/09/07) Vol. 259, No. 1, P. 10 ; Sawyer, Tom; Bergeron, Angelle

On June 20, the U.S. Army Corps of Engineers unveiled a new risk management tool for New Orleans, which scientists created from hurricane research and engineering reports on storm defenses used by cities to protect against disasters. Corps Commander and Chief of Engineers Lt. Gen. Robert Van Antwerp noted the tool also could be adapted as new information about hurricanes, storms, and storm defenses is uncovered. The risk tool utilizes computer modeling, detailed construction, engineering, design, and maintenance data of defenses coupled with probable storm event risks to help engineers and planners prioritize which defenses should be fortified first. The Interagency Performance Evaluation Task Force (IPETF), which developed the risk management tool, indicates the model incorporates the possible consequences of risk events in order to show planners what property damage can occur and how many lives will be lost for a given catastrophe.

Analysts note the tool will show planners in urban areas that investing in coordinated defense improvements would bolster economic security and public safety, while the same improvements in rural areas would have little effect. IPETF Director Ed Link says, "The model is the most accurate tool that has ever existed for predicting the intensity and effects of future hurricanes in the Gulf," especially since the model incorporates a swath of engineering data from New Orleans' 37 sub-basins and their protection systems. Moreover, the tool can be modified to examine vulnerabilities of specific protection systems, including floodgates, pumps, and transitions between each device. The Corps posted high-resolution street maps generated by the risk tool to demonstrate how various protection system improvements have reduced risks, potential property losses, and deaths.

".Bank Proposal Gets Lukewarm Reception"
Computerworld (07/12/07) ; Springell, Sharon

F-Secure has proposed that a .bank domain priced at $50,000 or more would reinforce security for Australian banks against phishing scams. However, industry representatives are hesitant to adopt the Finnish company's initiative, which hypothesizes that cybersquatters and phishers would be deterred from purchasing the prohibitively expensive domain. F-Secure senior security specialist Patrik Runald says increasing the price of the domain would not be "the magic bullet" to cybersecurity, but it would serve as a preventative measure to stave off fraudsters. F-Secure also proposed the creation of an administrative organization to oversee the validity of banks using the domain, providing an added level of security. Yet the National Australia Bank (NAB) says that it is not convinced, as consumers do not necessarily differentiate between valid sites and phony ones, and the initiative does not address the threat of Trojans. A spokeswoman for the NAB says that the bank's SMS Payment Security service is an effective means of authentication and that customers are provided with discounted security software, in addition to receiving assistance from an employee from the Australia High Tech Crime Centre.

"Bootable Disc Makes for Safer Banking, Researcher Claims"
Computerworld Australia (07/10/07) ; Springell, Sharon

Bond University professor and computer science researcher Paddy Krishnan has developed a secure software application that bypasses the problem of viruses completely for sensitive transactions such as online banking. Krishnan and his team at Bond's Software Assurance Center created a security system for home users tentatively called BOSS, or Bank on Secure System. The user places the BOSS CD into the PC and reboots the computer. Instead of the usual operating system loading, the BOSS system loads first. Once loaded, a browser opens with a graphical keyboard for extra security. Normal online banking can then be conducted. When the user is finished, the original operating system is restored by removing the CD and rebooting. Krishnan says the BOSS system works because viruses on a computer's hard drive are inactive when running the BOSS CD, and that banks and home users would not have to change their hardware or software. Krishnan's next step is to continue his research into a formal verification system for the software. "Verification is very hard because you need to mathematize the whole thing and the system is too big for that," Krishnan says. "But it is the only way to ensure that something works."

"Six Ways to Fight Back Against Botnets"
Network World (07/06/07) ; Bort, Julie

There are a number of steps that security professionals can take to mitigate the threat posed by botnets. Perhaps one of the best ways to fight bots is to hire a Web-filtering service, which scans Web sites that exhibit unusual behavior or known malicious activity and blocks those sites from users. In addition, some Web-filtering services notify Web-site operators and ISPs that malware has been discovered so hacked servers can be fixed. Security professionals can also prevent bot infections by standardizing on a browser other than Internet Explorer or Mozilla Firefox, the browsers for which the majority of malware is written. Another approach security professionals can take is to fine-tune their intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) to look for bot-like activity, such as a machine suddenly blasting away on Internet Relay Chat or a machine attempting to connect to offshore IP addresses or illegitimate DNS addresses. IDSs and IPSs can also look for harder-to-notice signs, such as a sudden increase in SSL traffic on a machine, particularly on unusual ports. Finally, security professionals need to protect their Web operations from being used by malware writers. The company's public blogs and forums should be restricted to text-only entries to prevent users from embedding JavaScript and HTML tags within their messages.

Abstracts Copyright © 2007 Information, Inc. Bethesda, MD

