Piracy off Somalia to 'Get Worse' Warns Lloyd's
Insurance Daily (U.K.) (07/02/09) Masters, David
A new report commissioned by Lloyd's of London says that pirate attacks in the Gulf of Aden are on the rise and could potentially increase the price of shipped goods. This reinforces the "serious concerns" about Somalian piracy that were addressed last month by the Group of Eight nations. The cost of maintaining trade routes and protecting cargo will also affect a wide range of industries and consumers, the Lloyd's report said. More shipping companies are choosing longer sea routes to avoid sailing off the coast of Somalia, and insurance costs have risen in response to the increased pirate attacks. Premiums on vessels that travel through the Gulf of Aden have risen to between 0.05 percent and 0.175 percent of the value of their cargo, compared to about 0 percent to 0.05 percent for May 2008. Rates could increase even more if these pirate attacks do not stop, industry experts say.

TSA Asked to Ensure Safety of Customer Data After Clear Closing
Computerworld (07/01/09) Vijayan, Jaikumar
Chairman of the House Committee on Homeland Security, Bennie Thompson (D-Miss.), has written a letter to the Transportation Security Administration (TSA), giving the agency until July 8 to notify the committee of how it plans to ensure the security of former Clear program participants. Verified Identity Pass Inc. (VIP), which ran the Clear program on behalf of TSA, suddenly announced that it was ceasing operations due to financial reasons on June 21. This closure creates serious data security concerns as VIP stored a wealth of personal data on its clients in order to ensure they could pass security checks at airports quickly.
The data reportedly includes personal information such as home address, full legal names, date and place of birth, gender, height, driver's license number, and passport details as well as fingerprints, iris scans, and digital images; all collected on the Clear program's approximately 260,000 customers. Thus far, TSA has not publicized its specific requirements for what VIP must do with this data. However, a TSA spokesman reported that the agency is in the process of drafting a response to Thompson's letter. The spokesman also directed concerned former VIP clients to an FAQ posted on TSA's Web site that says all questions concerning data privacy should be directed toward VIP. For its part, VIP posted a note on its Web site that assures customers that their information is being secured in compliance with TSA's security and privacy requirements. The note also said that the company is using a "triple wipe" process to ensure the erasure of all customer data on hard disks at airports. However, the company has not ruled out the possibility that it could sell the data to another registered traveler program.

AP Source: 10 Others to Be Charged in Madoff Probe
Associated Press (06/30/09) Neumeister, Larry; Hays, Tom
A person familiar with the investigation into Bernard Madoff's multibillion-dollar Ponzi scheme told the Associated Press on Tuesday that authorities are pursuing charges against 10 more people who they believe may have been involved in the fraud as well. However, the source refused to say what charges the individuals would potentially face or whether the suspects include members of Madoff's family or his former employees. So far, only Madoff and an accountant have been charged for their involvement in the fraud. News that authorities are pursuing charges against the 10 individuals came one day after U.S.
District Judge Denny Chin sentenced Madoff to the maximum sentence of 150 years in prison for defrauding investors out of anywhere from $13.2 billion to $50 billion. In sentencing Madoff, Judge Chin dismissed Madoff's pleas for leniency and took into consideration the toll the fraud had on investors--many of whom were in the courtroom as Madoff was sentenced. Madoff made no noticeable reaction to the sentence, and kept his eyes focused straight ahead as his victims called him "a true beast," a "monster," and a "psychopath."

Ponzi Victims' Anger Now Shifts From Madoff to SEC, SIPC
USA Today (06/29/09) McCoy, Kevin
Approximately 20 former clients of Bernard Madoff rallied outside a federal courthouse following the announcement of his 150-year prison sentence. However, the rally was not merely a celebration. It was also a protest of the Securities and Exchange Commission's (SEC's) actions that they believe led to inadequate oversight before Madoff's Ponzi scheme collapsed. They also expressed anger that the organization had been too slow in repaying their investments. In response to the protests, the SEC issued a formal statement that said: "Not a day goes by where we don't regret this tragedy or the harm suffered by investors. But, since then, we have been doing what any responsible agency should do by conducting a rigorous self-assessment, improving our procedures and filling the regulatory gaps." Securities Investor Protection Corp. president and CEO Stephen Harbeck also added that the reimbursement system in place was fair. According to Harbeck, the major objections to the current system are coming from "people who have taken out more money than they put into the (Madoff) scheme. To allow them to share on an equal basis with those who have not gotten their principal [investment] back is neither equitable nor in compliance with the statute we administer."

Workplace Fraud More Widespread Than You Think
The Chronicle-Herald (06/29/09)
Workplace fraud involving smaller amounts of money and missing inventory is a common, ongoing problem in Canada, according to a spring survey by KPMG's forensic practice. This survey has also found that nearly 75 percent of such fraud is carried out by men, with 69 percent of the fraudsters between the ages of 30 and 49. Although workplace fraud can be committed by employees in all areas of a company, most fraudsters are at an age when their financial concerns are greatest and when they have enough experience to carry out a theft. Joyce McGeehan and Sarah Drysdale, both of the forensic accounting group with Grant Thornton LLP in Halifax, have developed a list of suggestions to help companies avoid workplace fraud. For starters, management should inform all employees of the expectations for ethical behavior and maintain a culture of openness within the organization. In addition, an anonymous hotline for whistleblowers can make it easier for employees and customers to alert the management to any problems. Appropriate due diligence should also be conducted on new hires, and managers should be aware of any behavioral changes among existing employees. Finally, fraud risk assessments, whether formal or informal, should be conducted regularly. Whoever performs these assessments should consider that intangible assets such as customer information can be stolen too, McGeehan and Drysdale said.

U.S. Marines Try to Retake Afghan Valley From Taliban
New York Times (07/02/09) Oppel Jr., Richard A.
The U.S. Marines on Thursday launched Operation Khanjar, which has been described as the first major push into southern Afghanistan by the additional troops that President Obama sent to the country.
As part of the mission, nearly 4,000 Marines and several helicopter gunships moved into the Helmand River valley in southwestern Afghanistan Thursday morning in an effort to reclaim the area from Taliban fighters. The area is strategically important because it allows Taliban fighters to control poppy harvests and opium smuggling in Helmand province, which in turn provides them with a major source of financing. Meanwhile, Pakistani troops have amassed on their side of the border with Afghanistan in an effort to stop Taliban militants from fleeing the U.S. offensive. The mission also calls for U.S. troops to live and patrol near population centers to ensure Afghan citizens are protected. In addition, troops will meet with local leaders in order to get a sense of what their needs are and to work with them to take steps to make towns and villages more secure.

North Korea Raises Tension With Missile Launch
Reuters (07/02/09) Kim, Jack; Kim, Miyoung
North Korea on Thursday fired two surface-to-ship missiles from its east coast, according to a South Korean defense official. The official noted that the missiles flew about 60 miles before falling into the sea. Thursday's launch could be a prelude to more missile launches by North Korea in the next several days, according to an intelligence source interviewed by South Korea's JoongAng Ilbo daily. The source said Pyongyang was likely to launch short- or medium-range missiles from its east coast sometime in early July. Those missiles could include Scuds, which have a range of roughly 210 miles, or Rodong missiles, which have a range of up to 620 miles. Any missile launch by North Korea would further heighten tensions in northeast Asia, which are already running high due to the threats Pyongyang has made in response to the U.N. sanctions that were put in place after its nuclear test in May.

China's Internet Backdown Lauded by Firms, Activists
Reuters (07/01/09)
China's Ministry of Industry and Information Technology announced Tuesday that it would delay enforcing a plan that would require all new computers sold in the country to be equipped with the controversial Green Dam-Youth Escort Web filtering software. The requirement, which had been scheduled to take effect July 1, was purportedly put in place as part of an effort to prevent Chinese citizens from accessing pornography on the Internet. However, critics of the plan said it would result in the Chinese government censoring Internet content that it found to be politically offensive. U.S. officials, meanwhile, said that the software was also technically ineffective and commercially unfair. The Chinese government has rejected those charges. It remains unclear whether China will ever actually force computer makers to pre-install the Green Dam-Youth Escort software on computers sold in the country. No new deadline was given for the requirement when the Ministry of Industry and Information Technology made its announcement on Tuesday. That led some experts to speculate that the Chinese government may allow the plan to quietly die without ever officially revoking it, much like it has done with similar efforts to control the Internet in the past. Others, however, said the government could eventually bring back the Web filtering software requirement at some point in the future.

US Military Says 4 Soldiers Killed in Baghdad
Associated Press (06/30/09) Quinn, Patrick
Four U.S. soldiers serving with the Multi-National Division-Baghdad died from combat-related injuries in the Iraqi capital on Monday night as control of security in the country's urban areas was handed over to Iraqi forces. The handover of security responsibilities in Iraqi cities from U.S. troops to Iraqi forces took place at midnight on June 30, and was marked with fireworks displays and parties.
However, many Iraqis fear that government security forces are not ready and that violence will rise now that U.S. troops have withdrawn to bases outside cities. Shiites say they are concerned Sunni militants will launch more attacks now that U.S. troops have left Iraqi cities, while Sunnis say they are worried that Iraq's Shiite-dominated security forces will not give them enough protection. U.S. officials also say privately that they are concerned that Iraqi security forces will be overwhelmed in the event of a surge in violence, since they have relied on the Americans for nearly everything for several years now. If Iraqi security forces are unable to stop the violence, it will pose a challenge to President Obama's plans to end the war and withdraw all U.S. troops from the country by the end of 2011.

Honduran President Is Ousted in Coup
New York Times (06/29/09) Malkin, Elizabeth
The Honduran army has exiled President Manuel Zelaya, in the first military coup in Latin America since Guatemala in 1983. Soldiers reportedly entered the presidential palace in the country's capital city, Tegucigalpa, and disarmed the presidential guard. Zelaya was then escorted, unharmed, to a plane, which took him to Costa Rica. Zelaya's removal was followed by the Honduran Congress' decision to vote him out of office and replace him with the current president of Congress, Roberto Micheletti. While the military has not spoken publicly regarding the coup, the Honduran Supreme Court said that the military acted in order to preserve the country's Constitution. The coup comes in the wake of a constitutional referendum that critics said was an illegal attempt by Zelaya to extend the Constitution's current four-year term limit for the president. After the referendum was declared unconstitutional by both the Supreme Court and Congress, Mr. Zelaya led a group of protesters to an Air Force base and seized referendum ballots, which had been ordered confiscated.
When the army then refused to help reorganize the vote, Zelaya fired armed force commander Gen. Romeo Vasquez. The Supreme Court, however, ruled the firing illegal and reinstated Vasquez. World leaders, including President Obama, have voiced concerns over the coup, which American officials said they had been working to discourage for several days. Following the coup, electricity was cut off in Tegucigalpa while tanks and military planes patrolled the streets and soldiers guarded major government buildings. The military has also reportedly imposed a 9 pm curfew throughout the country and shut down the government television station and a station that supported the president. Other television and radio stations have been ordered to broadcast no news. Officials at the Salvadorian border are reportedly allowing passage into Honduras but have issued warnings to those attempting to cross. The military has also detained Zelaya's allies, including Foreign Minister Patricia Rodas and the mayor of San Pedro Sula, at military bases. Thus far the only major protest reported against the coup included several thousand Zelaya supporters who faced off against soldiers outside the presidential palace, burning tires.

Security Should Be Paramount Concern With Cloud-Based E-Mail Recovery
Network World (06/30/09) Brodkin, Jon
Cloud-based disaster recovery has become a workable solution for protecting email, but IT departments need to face the facts about data security and strength before selecting a vendor, experts say. IT departments should seek out vendors that have several Tier 4 data stations, and can guarantee duplication across centers for backup, write Forrester analysts Stephanie Balaouras and Christopher Voce in a new report. "If you do an Internet search for 'online backup,' you will find dozens of providers," the report says. "But not all providers have 'telco-class' data centers, and some don't even bother to have alternative sites of their own."
Forrester says that most of its clients say security is the biggest impediment to embracing software-as-a-service.

Improved FISMA Scores Don't Add Up to Better Security, Auditor Says
Federal Computer Week (06/29/09) Bain, Ben
The White House's current set of metrics is partly responsible for the fact that bureaus are experiencing stronger compliance with security standards even while federal investigators continue to uncover vulnerabilities, auditors say. Part of the difficulty is that although the U.S. Office of Management and Budget (OMB) expects agencies to set information technology security safeguards, the metrics usually do not gauge how well those controls are enforced, the Government Accountability Office (GAO) says. "Developing and using metrics that measure how well agencies implement important controls can contribute to increased focus on the effective implementation of federal information security," said GAO's Gregory Wilshusen in Congressional testimony. In May, GAO issued findings concluding that OMB should improve the guidance it provides agencies for complying with the Federal Information Security Management Act (FISMA). FISMA critics say the law is overreliant on paper compliance reports and fails to fully address IT weaknesses. The Obama administration also has signaled that it might be time to reform IT security measurement. Federal CIO Vivek Kundra noted that performance data currently collected under FISMA does not accurately reflect the security posture of agencies, according to findings from the administration's initial review of government information security.

U.S. and Russia Differ on a Treaty for Cyberspace
New York Times (06/28/09) P. A1; Markoff, John; Kramer, Andrew E.; Wong, Edward; et al.
The United States and Russia disagree about the best way to shield computer systems and the Internet from the growing menace of cyberattacks, with Russia favoring an international pact akin to those negotiated for chemical weaponry and the United States preferring better cooperation between international law enforcement organizations. Russia's proposed treaty would prohibit a country from clandestinely incorporating malicious codes or circuitry that could be later triggered remotely in the event of war. "We really believe it's defense, defense, defense," says an anonymous official of the U.S. State Department. "They want to constrain offense." U.S. officials are particularly opposed to agreements that would permit governments to censor the Internet, arguing that they would provide cover for repressive regimes. They also are concerned that a treaty would be ineffective because determining if a cyberattack is perpetrated by a government, a hacker loyal to that government, or an independent rogue agent is nearly impossible. U.S. officials say the discord over the proper cyberdefense approach has impeded global law enforcement cooperation, especially since a substantial number of the assaults against U.S. government targets originate from China and Russia. The Russians, meanwhile, perceive the lack of an accord as encouraging a cyberarms race. The Pentagon intends to set up a military cybercommand to get ready for both offensive and defensive cyberwarfare.

Social Networkers Don't Surf Safely, Report Says
eWeek (06/26/09) Eddy, Nathan
A new study from the network security company Webroot indicates that patrons of online social networking sites such as Facebook and MySpace are not doing much to shield themselves from malicious code and phishing scams. Users of online social networking sites are more likely to be victims of monetary theft, identity theft, and trojan infection than they realize, Webroot says.
Querying more than 1,100 users of Facebook, LinkedIn, MySpace, and Twitter, the firm found multiple behaviors that place social networkers, and their money, at risk. Of the respondents, 66 percent allow full access to their profile pages, and more than 50 percent are unsure who can see their information. Roughly 33 percent include three or more pieces of personally identifiable data, more than one-third use the same password for different sites, and 25 percent accept "friend requests" from people they do not know. "Three in 10 people we polled experienced a security attack through a social network in the past year, including identity theft, malware infection, spam, unauthorized password changes, and 'friend in distress' money-stealing scams," notes Webroot's Mike Kronenberg. He said the initial step to staying protected is recognizing threats and knowing appropriate prevention strategies.

Community Colleges Mobilize to Train Cybersecurity Workers
Chronicle of Higher Education (06/26/09) Vol. 55, No. 40, P. A17; Parry, Mark
Some experts project that the Obama administration's cybersecurity push will expand two-year colleges' role in supplying cybersecurity workers to government agencies, but among the challenges they must overcome is the struggle to train and hold onto qualified cybersecurity educators. Obama's proposed 2010 budget includes $64 million in funding for the National Science Foundation's (NSF's) Advanced Technological Education program, whose projects include the establishment of a platform for cybersecurity education at community colleges. "The time is really ripe for community colleges' role in this area of technology to expand, be recognized, to get the kind of support that it needs," says NSF program director Corby Hovis. "All of the stars, I think, are aligned for this." Colleges are offering cybersecurity courses in anticipation that digital forensics and other cyberdefense areas will be a major source of future career opportunities.
The NSF-supported CyberWatch consortium was established to build up the information-security workforce, and most of CyberWatch's 27 member colleges offer degree programs in technical assurance. One CyberWatch member, Anne Arundel Community College, developed a curriculum with National Security Agency representatives and other advisers that has been partially or completely adopted by nine colleges in the Washington, D.C., area. Consultant Daniel G. Wolf has advised companies to look to community college students for their cybersecurity needs, but University of Tulsa computer scientist Sujeet Shenoi says most community college cybersecurity education programs leave a lot to be desired.

Abstracts Copyright © 2009 Information, Inc. Bethesda, MD