Search This Blog

Friday, August 28, 2009

Security Management Weekly - August 28, 2009

header

  Learn more! ->   sm professional  

August 28, 2009
 
 
Corporate Security

Sponsored By:
  1. "Bernanke's Personal Bank Account Struck by Identity Theft"
  2. "Preventing Copper and Coal Thefts With Video" Florida Utility Installs Video Surveillance System to Deter Theft
  3. "Avoiding Workplace Tragedy" Companies Can Take Several Steps to Prevent Workplace Suicides
  4. "Workplace Fraud Increases by 69%" Study by CIFAS Also Finds Women Increasingly Engaging in Fraudulent Acts
  5. "PCI Council Releases Recommendations for Preventing Card-Skimming Attacks"
Homeland Security

Sponsored By:
  1. "Saudi Terror Czar Escapes Assassination Attempt"
  2. "Hidden Links Bolster Southeast Asian Militants" Terrorist Groups in Region Increasingly Connected, Authorities Say
  3. "CIA Memo Details Procedures for Breaking Detainees"
  4. "Prosecutor Named to Probe CIA Prisoner Abuses"
  5. "New Unit to Question Key Terror Suspects" High-Value Detainee Interrogation Group
Cyber Security

  1. "Defying Experts, Rogue Code Lurks in World's Computers" Experts Unable to Purge Conficker Worm From Infected Machines
  2. "Trojan Attacks Up, Phishing Attacks Down This Year, IBM Finds"
  3. "NIST Unveils Mobile Biometrics Guide"
  4. "White House Overhauls Cybersecurity Reporting" Agencies Will Have to Use Software Tool to Report Cybersecurity Compliance Beginning This Fall
  5. "Online Social Networks Leak Personal Information to Third-Party Tracking Sites"

   

 
 
 

 


Bernanke's Personal Bank Account Struck by Identity Theft
USA Today (08/28/09) Zongker, Brett; Syeed, Nafeesa

Federal Reserve Chairman Ben Bernanke's personal checking account was one of a number of accounts targeted in an elaborate identity-theft scheme. Bernanke became a target after his wife Anna's purse was stolen in August 2008 at a Capitol Hill Starbucks. According to a D.C. police report, the purse contained her Social Security card, checkbook, credit cards and IDs. The exact amount stolen from the Bernankes account has not been released but total losses from the fraud ring totaled more than $2.1 million and involved at least 10 financial institutions. The suspected ringleader of the scheme, Clyde Austin Gray Jr., pleaded guilty on July 22 in a federal court in Alexandria, Virginia. Prosecutors wrote that Gray hired pick pockets then made counterfeit IDs for the participants. The coconspirators then conducted the bank transactions, and Gray took a cut of the proceeds. Ten defendants have been identified in connection to the fraud ring as part of an investigation conducted by the U.S. Postal Inspection Service, the Secret Service, and D.C. police. The scheme involved using stolen identification, bank records, personal checks, and other items to impersonate victims at bank branches, according to an affidavit signed by Postal Inspector William J. Aiello. The banks bore primary responsibility for the losses on the victims' accounts, including the Bernankes, and officials say it is most likely that those losses have been recouped.


Preventing Copper and Coal Thefts With Video
Security (08/09) Vol. 46, No. 8, P. 40; Ritchey, Diane

Public utilities including copper mines, coal mines, and power plants must take the same precautionary steps as corporate or government agencies to deter attacks, especially after federal security experts fingered such facilities as particularly susceptible to cataclysmic terrorist attacks. It is more likely, however, that such facilities will be targets for theft. This was the case at Gulf Power, a Florida-based utility whose rural, often unmanned, power substations were frequently raided for copper wires and components. The utility implemented thermal imaging technology from FLIR Systems to help it mitigate the mounting costs associated with the thefts. It also enlisted the help of Advanced Control Concepts (ACC), a Pensacola-based security integrator, to find a security solution that was workable in both sunlight and darkness and at close- and long-range. ACC installed multi-sensor thermal security cameras for their ability to capture images at all hours, tweaking imaging performance to focus in on the surrounding fence line and any people or individuals within the vicinity. The FLIR cameras were attached to 30-inch poles for expanded coverage, and the devices' auto-slew command configured to react to fence sensor triggers by automatically directing the camera to the appropriate sensor zone. "These thermal cameras have greatly enhanced our security crews' ability to see at night, and this lets us respond more efficiently to all manner of alarms and intrusions," said Charlie Griffith, an investigator with Gulf Power.


Avoiding Workplace Tragedy
Associated Press (08/27/09) Arbel, Tali

The number of workplace suicides rose to a record 251 in 2008, according to a recent report from the Labor Department. There are a number of steps companies can take to prevent their employees from taking their own lives while at work. For instance, employers should look for changes in the personality and behavior of their employees, said Nadeen Medvin, a psychologist who runs the city of Miami's employee assistance program. Among the red flags companies should look for are employees who are outgoing suddenly becoming withdrawn, and calm workers suddenly becoming aggressive. If employers believe that a worker is distressed, they should encourage him to be evaluated by a professional for panic order and depression, which are linked to suicides, said Jeff Kahn, a psychiatry professor and CEO of the New York consultancy WorkPsych Associates. Although employers cannot force their workers to get care, they can encourage troubled employees to do so by telling them that getting help would make them a better employee. Companies can also ask another employee to drive the troubled worker to the emergency room for a psychological evaluation. Finally, companies can take simple steps such as encouraging the physical well-being of their employees by providing them with gym access and inexpensive health care, Medvin said.


Workplace Fraud Increases by 69%
FT Adviser (08/27/09) Dunbar, Joy

A study by the fraud prevention service CIFAS has found that the number of cases of workplace fraud rose 69 percent in the first half of 2009 compared with the same period of 2008. The study said the recession was to blame for the increase in workplace fraud, since the difficult economy has forced some individuals to commit fraudulent activity that they would not have ever considered committing before. The study also found that a growing number of women are committing workplace fraud. CIFAS Chief Executive Peter Hurst said the results of the study show that organizations need to implement as many security controls as possible to protect themselves, their employees, and their customers from being victimized by fraudsters.


PCI Council Releases Recommendations for Preventing Card-Skimming Attacks
Dark Reading (08/25/09) Higgins, Kelly Jackson

The Payment Card Industry Security Standards Council has released a set of best practices that aim to help merchants protect themselves and their customers from debit- and credit-card skimming. The best practices address several issues related to the problem of card skimming, including how merchants should educate and protect employees who handle the point-of-sale (PoS) devices from being targeted. The best practices also outline the steps merchants should take to prevent their PoS devices from being compromised by skimmers. In addition, they discuss how to identify a card reader that has been outfitted with a skimming device, what to do if such a device is found, and how the physical location of PoS devices and stores can raise a merchant's risk of being targeted by skimmers. PCI general manager Bob Russo the best practices will be especially useful for small businesses that would otherwise never know if their credit card terminals had been tampered with. The guidelines are geared to be used in conjunction with the PCI's PIN Entry Device Security Requirements, which specifies how to secure PIN devices.




Saudi Terror Czar Escapes Assassination Attempt
Wall Street Journal (08/28/09) Coker, Margaret

Prince Muhammad bin Nayef was slightly injured in a suicide bombing attack as he was receiving gusts during a traditional Ramadan gathering at his home in Jeddah, Saudi Arabia. The bomber, who had been identified as being on the country's most-wanted list, was killed in the blast, but no one else was injured. Prince Mohammad is the son of Interior Minister Prince Nayef bin Abdelaziz, who is third in line to the throne. Mohammad acts as a deputy to his father but is widely considered to be in control of Saudi Arabia's day-to-day antiterrorism operations. He works closely with U.S. officials on terrorism intelligence issues, and Saudi Arabia's track record on fighting terrorism is reported to have improved since he has taken wider control. Earlier in August, Saudi officials announced the arrest of 44 suspected militants alleged to have connections to al-Qaida. In July, officials said they convicted 330 Al-Qaida militants, but released very little details about the convictions. Following the bombing, Saudi Arabian King Abdullah visited Prince Mohammad during his brief hospital stay. During the visit the King asked Mohammad how the bomber has managed to get so close to him. According to state television, Mohammad responded that "It was a mistake." The bomb was reportedly fixed to the assassin's body, and the blast was set off when the man received a cell phone call.


Hidden Links Bolster Southeast Asian Militants
Wall Street Journal (08/28/09) P. A8; Wright, Tom

Authorities in Southeast Asia have found that terrorist groups in the region are highly interconnected. For example, authorities have discovered that the Philippines-based Islamist militant group Abu Sayyaf has established relationships with Indonesian terrorists. Several Indonesian bomb makers are thought to be helping Abu Sayyaf to be able to continue its insurgency in the southern Philippines, while other Indonesian terrorists are believed to be helping to fund Abu Sayyaf's operations by transferring money to Philippine bank accounts. Meanwhile, terrorists from the Philippines and Malaysia have traveled to Thailand to expand the separatist conflict in that country into a broader campaign against Western interests. According to Rohan Gunaratna, a regional terrorism expert at the Nanyang Technological University in Singapore, a member of Abu Sayyaf was recently arrested by Malaysian police as he attempted to enter southern Thailand. Gunaratna also noted that police in Thailand have arrested Malaysian members of the regional terrorism network Jemaah Islamiyah. Experts say that as terrorist groups in Southeast Asia grow increasingly interconnected, they will become more effective and more difficult for authorities to break up.


CIA Memo Details Procedures for Breaking Detainees
Reuters (08/26/09)

The Justice Department on Monday released a document that outlines some of the controversial techniques CIA interrogators used on captured al-Qaida leaders at its secret prisons. According to the document, which was released as the result of a Freedom of Information Act lawsuit filed by Amnesty International USA and the American Civil Liberties Union, interrogators could strip and hold detainees in a "vertical shackling position" to deprive them of sleep before an interrogation session. The document also shows that interrogators could use "insult slaps" on the face to immediately correct detainees, and that they could use a technique known as "walling"--or slamming a detainee's head against a plywood wall--as many as 30 times to physically wear them down. In a report on the document in the Washington Post, CIA spokesman George Little said the interrogation program only represented a small portion of the CIA's counterterrorism efforts, and that it was run under guidelines approved by the Bush administration's top legal officials. Little also noted that the program has since concluded. Attorney General Eric Holder has appointed a special prosecutor to investigate the use of the controversial interrogation techniques.


Prosecutor Named to Probe CIA Prisoner Abuses
Reuters (08/25/09)

Attorney General Eric Holder on Monday named John Durham as a special prosecutor to investigate CIA interrogations of terrorism suspects that may have been illegal. In a statement announcing his decision, Holder acknowledged that the appointment of a special prosecutor would be "controversial," but said that launching the investigation into the interrogation techniques was the only responsible course of action he could take. The decision has already been criticized by both conservatives and civil libertarians. Conservatives have said that the investigation could hurt the CIA's counterterrorism efforts, while groups such as the American Civil Liberties Union have said Holder should also investigate the senior officials who authorized the use of interrogation techniques that some have said amount to torture, as well as those that wrote memos to justify the use of the techniques. Meanwhile, President Obama has decided to create a group of experts that will handle the interrogation of terrorism suspects as recommended by a task force to look over policies. The group will limit interrogators to using the interrogation techniques that are included in the U.S. Army Field Manual as well as the techniques used by law enforcement officials. Although the group will be housed at the FBI, it will answer to the National Security Council, which means that the Obama administration will have more direct control over its actions.


New Unit to Question Key Terror Suspects
Washington Post (08/24/09) Kornblut, Anne E.

President Barack Obama has approved the creation of the new interrogation team that was recommended by a task force created by the administration to review interrogation and detainee transfer policies. The new team, named the High-Value Detainee Interrogation Group (HIG), will be housed by the FBI and will be overseen by the National Security Council, reducing the amount of control the CIA has on interrogations and giving the White House direct oversight. The new director of the program is also expected to be FBI, and the deputy will be selected from one of the other intelligence agencies, such as the CIA. Under the guidelines set forth for HIG, all interrogators must abide by limits set by the Army Field Manual. These limits would prohibit the use of certain techniques that might be considered torture but could still be legal, including playing loud music and sleep deprivation. Obama had already banned the use of harsh interrogation measure such as waterboarding. As an alternative to these measures, the task force has advised HIG to develop new interrogation techniques and study existing ones to determine if they are effective. In addition to the creation of the interrogation unit, the task force also recommended that the State Department be more involved in transferring detainees between countries. When the United States transfers a prisoner to another country, the State Department will be asked to evaluate the sincerity of assurances that the prisoner will not be tortured. The United States will also seek new ways of monitoring treatment of prisoners in foreign custody. Other recommendations included in the task force's report that reference prisoner transfers are classified.




Defying Experts, Rogue Code Lurks in World's Computers
New York Times (08/27/09) P. A1; Markoff, John

Since it appeared on the Internet last November, the rogue software program known as Conficker has confused experts and thwarted attempts to fully eradicate it. Conficker uses flaws in Windows software to co-opt machines and connect them to a virtual computer that its authors can remotely control. Computer security experts collaborated to decode the program and develop antivirus software that removed it from millions of computers, but Rodney Joffe of the Conficker Working Group said that experts have not yet found a way to take back control from the program. Under control by Conficker, a computer might be used to generate spam, steal personal data, or disable government computers. So far, however, the program seems to do nothing but spread to more computers, while experts have only vague clues about its origins. The collaborators continue to meet to find ways to kill the Conficker program. Their work has demonstrated that cooperation must exist among countries and between the government and private sector in the event of a cyberattack.


Trojan Attacks Up, Phishing Attacks Down This Year, IBM Finds
Network World (08/26/09) Messmer, Ellen

IBM's semi-annual security threat report has found that 55 percent of the new malware seen during the first half of 2009 was Trojans, an increase of 9 percent over the first six months of 2008. The report also found that the number of spam-based phishing attacks fell significantly during the first six months of 2009. Dan Holden, the X-Force product manager at IBM's ISS division, said the decline in the number of phishing attacks in the first half of the year was likely the result of the fact that cybercriminals are having more success with Trojans. In addition, the report found that the number of malicious Web links that directed Web surfers to dangerous sites or forced them to download malware soared 508 percent in the first half of this year compared with the first half of last year. More than a third of the known malicious links on the Web can be found in the U.S., the report noted. Finally, the report found that the number of patched software vulnerabilities fell by 8 percent in the first half of 2009. IBM found that the open-source Joomla! was the worst at patching its software vulnerabilities. The reported noted that 80 percent of the company's 40 vulnerability disclosures were not patched.


NIST Unveils Mobile Biometrics Guide
GovInfoSecurity.com (08/26/09) Chabrow, Eric

The National Institute of Standards and Technology (NIST) has released a document that outlines a number of best practices for the use of next-generation portable biometric devices. These devices are often to collect biometric data from an individual almost anywhere and compare that data with other samples on watch lists and in databases. This allows officials to quickly determine the identity of an individual without taking him to a central facility. The best practices contained in NIST's document, which were developed in conjunction with first responders, criminal justice agencies, the military, academia, and the private sector, will ensure that such systems work with the stationary systems that are used to collect biometric data from individuals. Among the issues that the best practices address is how to capture all of a person's fingerprints on the small scanners that are typically installed on portable biometric devices. The best practices recommend that users of these devices capture an individual's fingerprints by scanning two fingers at the same time.


White House Overhauls Cybersecurity Reporting
InformationWeek (08/25/09) Hoover, J. Nicholas

Federal agencies will be required to begin reporting their compliance with cybersecurity regulations in a new manner beginning this fall, according to a recent Office of Management and Budget (OMB) memo. The memo noted that instead of submitting information about their compliance with cybersecurity regulations in spreadsheets, agencies will soon submit the information to the OMB through a new software tool. The application will collect several different types of data agencies are required to submit each year under the Federal Information Security Management Act (FISMA), including an inventory of systems, assessments of the sensitivity of those systems, descriptions of the cybersecurity methods and tools they use, and updates on how agencies are reducing the amount of personally identifiable information they hold. Federal CIO Vivek Kundra says the new software tool will make it easier to see how agencies are performing, determine which areas need extra attention, and improve US-CERT's ability to monitor efforts to comply with FISMA across the federal government. Under the old system, the Government Accountability Office and US-CERT had to manually merge data from spreadsheets before any analysis could be performed. The move to the new system means the deadline for federal agencies to report their compliance with cybersecurity regulations has been pushed back from sometime in September to Nov. 18, since the reporting application is not yet available.


Online Social Networks Leak Personal Information to Third-Party Tracking Sites
Worcester Polytechnic Institute (08/24/09) Dorsey, Michael

A Worcester Polytechnic Institute (WPI) study by professor Craig Wills found that the practices of many popular social networking sites can make personal information shared by users on their pages available to companies that track Web user browsing habits. The study, presented at the Workshop on Online Social Networks, part of ACM's recent SIGCOMM 2009 conference, described the method that tracking sites could use to directly link browsing habits to specific individuals. Wills says users are given a unique identifier when they sign up with a social networking site, and when social networking sites pass information to tracking sites about user activities, they often include the identifier, giving the tracking site a profile of Web browsing activities and the ability to link that profile to a user's personal information. Wills says this is a particularly troubling practice for two reasons. "First, users put a lot of information about themselves on social networking sites. Second, a lot of that information can be seen by other users, by default." A unique identifier could give a tracking site access to a user's name, physical address, email address, gender, birth date, education, and employment information. Wills says he does not know what, if anything, tracking sites do with unique identifiers given to them by social networking sites, and while the Web sites provide users with tools to protect themselves, the best way to prevent privacy leaks would be for social networking sites to stop making unique identifiers visible.


Abstracts Copyright © 2009 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: