
Friday, June 19, 2009

Security Management Weekly - June 19, 2009

Corporate Security

  1. "Billionaire Financier Stanford Surrenders to FBI" Fredericksburg, Va.
  2. "Woman Convicted in File-Sharing" Minneapolis, Minn.
  3. "Financial Institutions Have Lost Battle to Protect Customer Data--TowerGroup"
  4. "Many Hospitals Seeing Increase in Violence"
  5. "Pirate Threat Grows in Gulf"
Homeland Security

  1. "Iran's Khamenei Demands Halt to Election Protests" Supreme Leader Says No Chance Election was Rigged
  2. "U.S. Fortifies Hawaii to Meet Threat From Korea"
  3. "CIA Mistaken on 'High Value' Detainee, Document Shows" Tribunal Transcript Shows Abu Zubaida Not High-Ranking al-Qaida Official
  4. "In '03, Hints of Skepticism by Sotomayor on Expanded Wiretapping"
  5. "CIA Fired Firms Aiding Questioning"
Cyber Security

  1. "Electricity Industry to Scan Grid for Spies"
  2. "NeuStar Offers Temporary Fix for Kaminsky Bug"
  3. "Google Urged to Beef Up Gmail Security"
  4. "Potential Cyber Chief Hathaway Developing Cybersecurity Response Plan"
  5. "Open Government Could Lead to Data Leaks"


Billionaire Financier Stanford Surrenders to FBI
Bloomberg (06/19/09)

R. Allen Stanford, the Texas financier who is under investigation by the FBI and the Securities and Exchange Commission for allegedly defrauding investors out of $8 billion, surrendered to federal agents in Fredericksburg, Va., on Thursday. Stanford is scheduled to appear in federal court in Richmond, Va., on Friday morning. Meanwhile, federal prosecutors could announce securities fraud charges against Stanford as early as Friday, a government official who spoke on condition of anonymity said. The charges stem from the Stanford Group's sale of $8 billion in certificates of deposit in the Antigua-based Stanford International Bank. According to a lawsuit filed against Stanford by the SEC, the company's financial advisers told their clients their money would primarily be invested in easily sold financial instruments monitored by over 20 analysts and audited by Antiguan regulators. But the overwhelming majority of the portfolio was instead managed by Stanford and the company's chief financial officer, James M. Davis, who invested most of the money in private equity and real estate, the SEC said. In addition, the SEC said that Stanford International Bank promised returns that were "improbable, if not impossible." Other associates of Stanford's will also likely be charged for their involvement in the fraud. Stanford has maintained that he did nothing wrong.


Woman Convicted in File-Sharing
Associated Press (06/19/09)

A federal jury in Minneapolis has found a Minnesota woman guilty of violating music copyrights by illegally sharing songs through the peer-to-peer service Kazaa. The jury also ordered the woman, 32-year-old Jammie Thomas-Rasset, to pay the recording industry $1.92 million in damages for willfully violating the copyrights on 24 songs. Although she was only found liable for violating the copyrights on 24 songs, the recording industry believes that Thomas-Rasset was sharing 1,700 songs on Kazaa as of February 2005. The music industry only sought to prove 24 infringements for the sake of simplicity. Despite the jury's verdict, Thomas-Rasset maintains that she did not share any of the songs through Kazaa, which became a legal music subscription service after it reached a settlement with several entertainment companies. During her testimony this week, Thomas-Rasset suggested that her four children or her ex-husband might have been responsible for sharing the songs, but provided no evidence to support her claims. Thomas-Rasset has not said whether she intends to appeal the verdict or accept a settlement from the recording industry. The verdict brings to a close the only file-sharing case to make it all the way to trial. The overwhelming majority of the 30,000 similar lawsuits were settled for about $3,500 per song before they made it to trial. The recording industry says it is no longer filing lawsuits against file sharers, and is instead dealing with the problem of illegal file sharing by working with Internet service providers.


Financial Institutions Have Lost Battle to Protect Customer Data--TowerGroup
Finextra (06/16/09)

More than 100 data breach incidents involving millions of data records were disclosed in the first four months of 2009 alone, and TowerGroup warns that U.S. financial institutions have failed to shield customers' personal information and must assume that all their clients' data has been, or eventually will be, exposed. A recent Verizon study estimates that hackers stole 285 million electronic records last year, more than in the previous four years combined. The bulk of the breached records came from the financial services sector. "While greater access to customer data is key for businesses to improve customer relationship management and business processes, there will always be repercussions, including the possibility of personal data landing in the hands of the wrong parties," says TowerGroup's George Tubin. Government regulators must deploy meaningful data breach prevention requirements and penalties that spur businesses to safeguard information, and data breaches will continue to worsen until such penalties are implemented, TowerGroup says. In the meantime, firms should consider the use of knowledge-based authentication and one-time passwords delivered by SMS text message. Tubin says that although effective and usable data loss prevention technologies and practices are widely available to businesses, they are "grossly underutilized."


Many Hospitals Seeing Increase in Violence
Charleston Daily Mail (WV) (06/16/09) Rivard, Ry

A number of hospitals have recently seen an uptick in the number of violent incidents occurring on their grounds. Among them is Charleston Area Medical Center's Memorial Hospital in Kanawha City, W.Va., which was the scene of a murder on June 13. Police say a patient in the hospital's intensive care unit was shot and killed by his estranged wife. Such incidents are difficult to prevent, said Russell Colling, a health care security consultant and the author of the guidebook "Hospital and Healthcare Security." Colling noted that the increase in violence may be the result of an increase in the number of people coming in and out of hospitals, as well as more lenient rules for visiting hours and the elimination of passes for visitors. Addressing the problem of violence in hospitals is likely to be difficult for a number of reasons, Colling said. For instance, the murder at the Kanawha City hospital would have been difficult to prevent because family members are generally not seen as a threat to patients, Colling said. He also noted that security measures such as metal detectors are impractical for many hospitals because the devices are expensive and because hospitals typically have a large number of entrances. In addition, walk-through metal detectors have to be staffed around the clock by at least two security guards, a requirement that drives up the cost of using the devices even more, Colling said.


Pirate Threat Grows in Gulf
Wall Street Journal (06/15/09) P. A9; Cummins, Chip

Pirates on Friday hijacked the M/V Charelle, a general-cargo carrier flagged in Antigua and Barbuda, as it was traveling through the territorial waters of Oman. According to NATO public affairs officer Cmdr. Chris Davies, the attack took place as the M/V Charelle was heading toward the Strait of Hormuz, the busy shipping route that forms the mouth of the Persian Gulf. After hijacking the ship, the pirates steered the vessel and an unknown number of crew members toward Somalia, Cmdr. Davies said. The hijacking is the first successful pirate attack near the Strait of Hormuz, a transit point for as much as 17 million barrels of oil each day. Experts say that pirates may be moving toward the area to evade the international coalition of navies that has been patrolling the waters around the Horn of Africa over the last several months in response to an increase in pirate attacks there. Bad weather may also be pushing pirates away from the Horn of Africa.




Iran's Khamenei Demands Halt to Election Protests
Reuters (06/19/09) Dahl, Fredrik; Hafezi, Parisa

In a speech before tens of thousands of worshippers who had gathered in and around Tehran University for Friday prayers, Iranian Supreme Leader Ayatollah Ali Khamenei called for an end to the protests over the country's disputed presidential election. Khamenei added that there was no possibility that the election was rigged in favor of incumbent President Mahmoud Ahmadinejad as opposition candidate Mirhossein Mousavi has claimed. Khamenei's speech followed six days of protests by Mousavi's supporters--protests that have been the largest and most widespread since the 1979 Iranian revolution. On Thursday, tens of thousands of Mousavi supporters gathered to protest the deaths of the eight people who have been killed since the unrest began. In addition to cracking down on the protests, Iranian authorities have also arrested a number of reformists and have imposed restrictions on foreign and domestic media outlets.


U.S. Fortifies Hawaii to Meet Threat From Korea
Wall Street Journal (06/19/09) P. A1; Dreazen, Yochi J.

Defense Secretary Robert Gates said Thursday that the U.S. is taking several steps to protect Hawaii in the event North Korea fires a long-range missile in the direction of the state, as Japan's Yomiuri newspaper recently speculated. For instance, the U.S. is positioning a floating radar array in the Pacific Ocean near Hawaii to track an incoming missile, Gates said. He also noted that the U.S. is deploying ground-to-air missile defenses that may be capable of shooting down a North Korean missile should President Obama give such an order. Gates' comments come amid increased speculation that North Korea could test a long-range missile sometime this summer. According to the Yomiuri newspaper, such a launch could take place sometime around July 4. However, most U.S. officials do not believe a North Korean missile would be capable of hitting Hawaii.


CIA Mistaken on 'High Value' Detainee, Document Shows
Washington Post (06/16/09) Finn, Peter; Tate, Julie

A recently released transcript from the Combatant Status Review Tribunal of Abu Zubaida shows that the CIA was mistaken regarding Zubaida's position in al-Qaeda. Testifying during the review, held at Guantanamo Bay in 2007, Zubaida claimed that the CIA told him it had mistaken him for the No. 3 man in the organization's hierarchy. In 2002, President George W. Bush described Zubaida as "al-Qaeda's chief of operations." However, members of the intelligence community, military, and law enforcement all later reported that they had concluded Zubaida was not even an official member of the organization but merely a Pakistan-based "fixer." The transcript also reveals that Zubaida was subjected to waterboarding 83 times. In addition to the Zubaida transcript, the transcripts of five other "high-value detainee" reviews have been released following a Freedom of Information Act request and subsequent lawsuit pursued by the American Civil Liberties Union (ACLU). The Pentagon had previously released redacted versions of the transcripts in 2007. Despite the ACLU's protests, the transcripts still contain redactions. For example, the testimony of Majid Khan, an alleged associate of self-proclaimed September 11th mastermind Khalid Sheikh Mohammed, includes eight blacked-out pages that reportedly describe Khan's treatment at a CIA "black site" prison. The ACLU argues that the only reason the CIA has for redacting such information is to protect itself from "legal accountability." CIA spokesman George Little responded that the agency "plainly has a very different take on its past interrogation practices--what they were and what they weren't--and on the need to protect properly classified national security information."


In '03, Hints of Skepticism by Sotomayor on Expanded Wiretapping
New York Times (06/16/09) Savage, Charlie

Judge Sonia Sotomayor, President Obama's Supreme Court nominee, has had few chances to demonstrate how she would rule on key national security issues as a member of the U.S. Court of Appeals for the Second Circuit in New York, which rarely hears terrorism-related cases. However, a transcript of a lecture she gave at the Indiana University law school in 2003 provides some insight into her views on a variety of homeland security issues. During the lecture, the transcript of which was provided to the Senate Judiciary Committee ahead of Sotomayor's Supreme Court confirmation hearing, the judge expressed skepticism about the constitutionality of the government's ability to "impose nationwide wiretaps with little judicial supervision" and monitor the Internet in order to search for terrorists. Those expanded surveillance powers were given to the government by the USA Patriot Act. According to Sotomayor, the commonly-held view is that the Fourth Amendment does not allow the government to conduct searches and seizures "without particularized suspicions of illegality." But Sotomayor also said that detaining enemy combatant suspects "in secret" and giving them different legal rights than criminals could be justified under precedents and current law. Sotomayor's views on these issues are considered important because, if confirmed by the Senate, she could rule on legal disputes over the detention of detainees without habeas corpus rights and the indefinite detention of terrorism suspects without trials as a member of the Supreme Court.


CIA Fired Firms Aiding Questioning
Washington Post (06/15/09) Pincus, Walter

CIA Director Leon Panetta has reportedly fired Mitchell, Jessen & Associates, as well as all other contractors that helped the agency develop interrogation techniques for suspected terrorists. The firings occurred at approximately the same time that the Senate Armed Services Committee released a report on the role that James Mitchell and Bruce Jessen played in helping develop interrogation techniques for detainees. These techniques, including sleep deprivation and other "learned helplessness" methods, were based on Mitchell and Jessen's experience working on a Pentagon program that instructed U.S. service members in how to survive enemy interrogations. In addition to the firing of the contractors, Panetta has said that "most of the individuals who managed the secret interrogation program have since left the agency." However, at the request of Senate intelligence committee chairman Sen. Dianne Feinstein (D-Calif.), Panetta retained CIA Deputy Director Stephen R. Kappes. As deputy director of operations for the CIA from 2002 to 2004, Kappes would have had some oversight of the program. According to Feinstein, she asked that Kappes stay on with the agency so that he could assist Panetta in light of the new director's lack of specific experience with the CIA.




Electricity Industry to Scan Grid for Spies
Wall Street Journal (06/18/09) P. A3; Gorman, Siobhan

The North American Electric Reliability Corp. (NERC) is planning a pilot initiative to determine if Chinese spies have infiltrated computer networks running the electric grid. The electric utility industry group is negotiating with a defense contractor for the job of searching for breaches by cyberspies, and is preparing to launch a separate, broader initiative to evaluate power companies' ability to withstand cyber attacks. NERC Chief Security Officer Michael Assante says that as the administration of President Barack Obama draws up plans to fund a high-tech smart grid, "we think it's a really good time to have one concerted effort to evaluate preparedness of the sector." In the next month, NERC plans to conduct cyberwar games with a handful of power companies to assess their ability to respond to potential cyberattacks. The group will include a cross-section of utilities, including ones operating larger grid infrastructure as well as power plants.


NeuStar Offers Temporary Fix for Kaminsky Bug
Network World (06/16/09) Marsan, Carolyn Duffy

NeuStar has created a stopgap system for blocking Web traffic hijacking that will be needed until DNS Security Extensions (DNSSEC) are widely deployed. The company announced June 16 that three Internet service providers (ISPs) have already implemented its Cache Defender platform, while another four Tier 1 ISPs are running a pilot project. NeuStar says the Cache Defender system thwarts cache poisoning attacks, in which an attacker injects forged answers into a recursive resolver's cache so that users who type a legitimate address are silently sent to a sham Web site set up to steal sensitive data. These attacks take advantage of a vulnerability in the DNS protocol disclosed by security researcher Dan Kaminsky in 2008. "The Fortune 500 companies and 550 banks that are customers of ours see fraud every day," says NeuStar technologist Rodney Joffe. "They think DNSSEC is great, but they are asking us: What can you do for us in the meantime?"
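The abstract above says only that Cache Defender counters the Kaminsky cache-poisoning attack until DNSSEC arrives; it does not show why the attack works. The following added example, written for this edit and not code from NeuStar, Network World or Dan Kaminsky, models the race in pure Python with no sockets. A resolver accepts whichever response first matches the outstanding query's 16-bit transaction ID, source port and question name (pre-DNSSEC, that match is the only authentication a response gets). The attacker triggers lookups for never-cached random subdomains so every lookup is a fresh race, and each forged reply carries an authority record that redirects the whole zone, which is Kaminsky's contribution. The zone name, the spray size and the fixed port number are assumptions chosen for the model; the point it demonstrates is that source-port randomization multiplies the guess space by roughly 64K, while DNSSEC removes the guessing game entirely because a forged reply fails signature validation.

```python
import random
from dataclasses import dataclass, field

# Constructed model: no DNS packets are sent; every value below is assumed.
ZONE = "example.com"
LEGIT_NS = "ns1.example.com"
ATTACKER_NS = "ns.attacker.invalid"   # the forged authority record the attacker wants cached
FIXED_PORT = 53000                   # an observable fixed source port (the pre-2008 weakness)
PORT_LOW, PORT_HIGH = 1024, 1 << 16  # ephemeral range used when ports are randomized


@dataclass
class Query:
    name: str
    txid: int
    port: int


@dataclass
class Resolver:
    randomize_port: bool
    rng: random.Random
    cache: dict = field(default_factory=dict)

    def send_query(self, name: str) -> Query:
        txid = self.rng.randrange(1 << 16)   # 16-bit transaction ID
        port = self.rng.randrange(PORT_LOW, PORT_HIGH) if self.randomize_port else FIXED_PORT
        return Query(name, txid, port)

    def accept_response(self, q: Query, txid: int, port: int, name: str,
                        answer: str, zone_ns: str) -> bool:
        # Without DNSSEC this three-way match is the only check a reply gets.
        if txid != q.txid or port != q.port or name != q.name:
            return False
        self.cache[name] = answer
        # Kaminsky's twist: the reply's authority section rewrites the NS record
        # for the whole zone, so one won race hijacks every name under it.
        self.cache[(ZONE, "NS")] = zone_ns
        return True

    def poisoned(self) -> bool:
        return self.cache.get((ZONE, "NS")) == ATTACKER_NS


def expected_queries(spray: int, randomize_port: bool) -> float:
    """Analytic mean number of races the attacker needs, given `spray`
    distinct TXID guesses per race."""
    q = (1 << 16) / spray
    if randomize_port:
        q *= PORT_HIGH - PORT_LOW   # one port guess out of ~64K ephemeral ports
    return q


def run_attack(randomize_port: bool, max_queries: int, spray: int, seed: int = 1):
    """Simulate the race; return the query index at which poisoning succeeded,
    or None if the attacker's budget ran out."""
    resolver = Resolver(randomize_port, random.Random(seed))
    attacker = random.Random(seed + 1)
    for i in range(max_queries):
        name = f"rnd{i}.{ZONE}"            # never cached, so each lookup is a new race
        q = resolver.send_query(name)
        # A fixed port is learnable (e.g. by making the resolver query an
        # attacker-run server once); a randomized port must be guessed.
        port_guess = FIXED_PORT if not randomize_port else attacker.randrange(PORT_LOW, PORT_HIGH)
        for txid in attacker.sample(range(1 << 16), spray):
            if resolver.accept_response(q, txid, port_guess, name, "203.0.113.66", ATTACKER_NS):
                return i + 1
        # Forgeries missed; the legitimate answer lands and closes this race.
        resolver.accept_response(q, q.txid, q.port, name, "198.51.100.7", LEGIT_NS)
    return None


if __name__ == "__main__":
    for randomize in (False, True):
        print("port randomization:", randomize,
              "expected races:", int(expected_queries(200, randomize)),
              "simulated result:", run_attack(randomize, max_queries=5000, spray=200))
```

With a fixed port and 200 guesses per race the model poisons the zone after a few hundred lookups; with randomized ports the same budget is expected to need on the order of twenty million races. That gap is what port randomization bought in 2008 and what products like Cache Defender aim to preserve; only DNSSEC makes the guess space irrelevant.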


Google Urged to Beef Up Gmail Security
Network World (06/16/09) Greene, Tim

Google is deciding whether to turn on encryption by default for its Web-based email service, Gmail, as recommended by a group of internationally recognized Internet privacy and legal experts as a way to prevent unauthorized access. In response to an open letter sent to Google CEO Eric Schmidt, Google security blogger Alma Whitten says the company is weighing whether to enable HTTPS for all users, given the possibility of slowing down the service. The 37 experts who signed the letter say encryption is a good idea for Gmail, Google Docs, and Google Calendar, but believe that Google's current wording for the HTTPS option does not adequately explain to ordinary users why encryption is necessary. The experts ask Google to create a checkbox on the Gmail, Google Docs, and Google Calendar homepages to opt for encryption, with an explicit description such as "protect all my information using encryption"; move the "always use https" option to the top of the Gmail settings page so it is more noticeable; rename the checkbox so it is more understandable to less savvy users; and apply encryption to all three Google programs if it is selected for one.


Potential Cyber Chief Hathaway Developing Cybersecurity Response Plan
Government Computer News (06/16/09) Jackson, William

Melissa Hathaway, the acting senior director for cyberspace for the National Security and Homeland Security Councils, said her team is planning to produce a comprehensive national incident response plan by the end of 2009. Hathaway says the plan will guide the response to a major cybersecurity incident. There are currently no plans in the private or public sectors for protecting the nation's critical cyberinfrastructure or for responding to cybersecurity incidents. Hathaway said the Homeland Security Department and the private sector will have some input in the process of developing the plan. A wiki might even be created to allow the private sector to collaborate with the National Security and Homeland Security Councils on the plan, Hathaway said. But several steps still must be taken to help spur the development of the type of public/private partnership that is needed to improve cybersecurity, Hathaway said, including resolving liability and confidentiality issues and increasing international cooperation. Achieving those goals will require an increase in manpower and expertise.


Open Government Could Lead to Data Leaks
Computerworld (06/15/09) Vijayan, Jaikumar

Security experts are warning that President Obama's plans to make some federal data more accessible to the public could result in more data leaks. Under the administration's plans, more than 100,000 data sources will be made available to the public through the Data.gov Web site. In addition, government data will be accessible through social networking sites such as MySpace and Facebook. Gartner analyst John Pescatore notes that government agencies with a presence on social networking sites are at a higher risk of suffering a data breach than agencies that do not participate in social networks. As a result, all agencies should use filtering tools that are capable of blocking malicious executables from coming into the network via Web sites, Pescatore advises. In addition, he says government sites should use brand monitoring services to constantly watch social networking sites and see what information about the agency they contain. Meanwhile, other experts are calling on the government to adopt a standard method for handling sensitive but unclassified data, a category that includes many government documents. The lack of such a standard could cause problems for agencies as they share information among themselves and with the general public.


Abstracts Copyright © 2009 Information, Inc. Bethesda, MD

