
Thursday, December 24, 2009

Security Management Weekly - December 24, 2009

Corporate Security

  1. "Suspect in Custody After 8-Hour Standoff in Wytheville Post Office" Virginia
  2. "Koss Executive Accused of Embezzling Company Funds to Pay Off Shopping Spree"
  3. "Security vs. Sustainability" Commercial Buildings
  4. "Microsoft Loses Word Patent Appeal, Will Change Code"
  5. "Google Found Guilty in French Copyright Case"

Homeland Security

  1. "White House Letter to Homeland Security Committee Denies Contact With Salahis"
  2. "Plan to Move Guantanamo Detainees Faces a New Delay"
  3. "Administration to Tackle Nuclear Terrorism"
  4. "Arms Seized by Thailand Were Iran-Bound"
  5. "Napolitano Responds To Surge of Homegrown Terrorism Cases"

Cyber Security

  1. "Cybersecurity Chief to Fill a Post Filled With Challenges"
  2. "As Attacks Increase, U.S. Struggles to Recruit Computer Security Experts"
  3. "Obama Cyber Czar Choice Worries About Smartphones, Social Networking"
  4. "Report: FBI Probes Hacker Attack on Citigroup"
  5. "Office 2010 Takes Aim at Malware Threats"

Suspect in Custody After 8-Hour Standoff in Wytheville Post Office
Roanoke Times (VA) (12/24/09) Berrier Jr., Ralph; Bowman, Rex; Valencia, Jorge

Police in Wytheville, Va., say a gunman in a wheelchair came into the town's post office at about 2:30 Wednesday afternoon, fired several shots, and held three people in the building hostage for the next eight hours. State, city, and county police officers responded to the incident and remained at the scene throughout the day and into the night on Wednesday, evacuating residents and business owners from the area surrounding the post office. A tactical team arrived at about 10:45 p.m., and a short time later the hostages and the gunman were peacefully brought out of the post office. No injuries were reported during the incident. The gunman did not have any explosives on his body or in his wheelchair, though it remains unclear whether explosives were found in his truck.


Koss Executive Accused of Embezzling Company Funds to Pay Off Shopping Spree
Wall Street Journal (12/23/09) Carey, Susan

The U.S. Attorney's office in Milwaukee has charged Koss Corp. finance executive Sujata Sachdeva with embezzling $4.5 million from her employer to pay for her personal purchases of fur, jewelry, and other items. The alleged scheme was discovered when American Express found that Sachdeva's personal account balances were being paid down with large wire transfers from a Koss Corp. bank account. After Koss Corp. Chief Executive Michael J. Koss was informed about American Express' findings, the company launched its own investigation and found that Sachdeva had made more than $4.5 million in wire transfers to American Express accounts in her name between Sept. 2 and Nov. 25. Sachdeva has admitted to authorizing the wire transfers from Koss Corp. bank accounts to pay her American Express bills. Sachdeva also says that no one else was involved in the scheme, which she said she concealed by falsifying the balance of the Koss bank account. She has been placed on unpaid administrative leave pending the outcome of Koss Corp.'s investigation into the matter.


Security vs. Sustainability
Building Operating Management (12/01/09) Vol. 56, No. 12, P. 34; O'Neill, Daniel

Sustainability and security concerns can be at odds in commercial buildings, which is why risk managers must examine the costs and benefits of various strategies to determine which goals will win out. For instance, sustainability would require minimal lighting to reduce light pollution and energy consumption, but security will require additional lighting to ensure camera viability and crime prevention. However, risk and facilities managers can adopt variable intensity lighting systems and intelligent lighting control to achieve a balance. Regarding HVAC, security calls for windows to be tightly secured to prevent intrusion, while sustainability calls for windows to open for natural air flow. With the help of occupancy sensors and window contact technologies, security or facilities managers can check whether windows are open or unlocked in empty rooms. During the building design process, security should be accounted for in order to prevent potential financial loss, increases in legal liability, and declines in corporate credibility.


Microsoft Loses Word Patent Appeal, Will Change Code
CNet (12/22/09) Krazit, Tom

Microsoft recently lost an appeal in a patent case that will force the company to remove technology from Microsoft Word that allows users to open .xml, .docx, or .docm files containing custom XML. Microsoft originally lost the case in May 2009 against I4i, when a jury ruled that Microsoft infringed on one of the company's patents. Then, in August, an injunction was placed on sales of Microsoft Word pending the outcome of the appeal. Because Microsoft lost the appeal, the feature will be removed from all copies of Microsoft Word 2007 sold on or after Jan. 11, 2010. Microsoft now also owes a reported total of $290 million in damages to I4i. Microsoft representatives said, however, that the company is considering further legal action, which may include "a request for a rehearing by the Federal Circuit Court of Appeals en banc or a request for a writ of certiorari from the U.S. Supreme Court."


Google Found Guilty in French Copyright Case
InformationWeek (12/21/09) Gonsalves, Antone

A Paris judge has ruled that Google violated French copyright law by offering digitized excerpts from books published by French publisher La Martiniere. The court has ordered Google to pay La Martiniere, which pursued the case on behalf of a group of French publishers, approximately $430,000 in damages. Google has also been ordered to pay a fine worth $14,340 for every day the literary extracts from the publishers' books remain part of its database. Google says that it intends to appeal the decision; however, intellectual property experts say this case is likely not the last challenge the company will face regarding its digitizing project. Google has also been forced to renegotiate a settlement reached with authors and publishers who brought a U.S. lawsuit against the company because of opposition from the U.S. Justice Department. Prosecutors say the original settlement likely violated antitrust laws.




White House Letter to Homeland Security Committee Denies Contact With Salahis
Washington Post (12/24/09) Horowitz, Jason

The White House recently sent a letter to the House Homeland Security Committee asserting that there is no evidence social secretary Desiree Rogers or other White House staffers encouraged Michaele and Tariq Salahi to arrive uninvited at the administration's first state dinner. The committee also viewed footage of Michaele Salahi claiming that she had called Rogers to determine if the Indian dress she planned to wear to the dinner was appropriate. According to Salahi, Rogers' office responded promptly to her question that "they thought the sari was a great idea." The footage was reportedly shot for a prospective Bravo television series. Committee members say that they believe Salahi has no credibility, but they still want Rogers to testify, which the White House has said she will not do. The White House letter to the committee says there is no indication that Salahi called the White House to ask about proper dress code or that the Salahis have ever been on any White House access list or guest list.


Plan to Move Guantanamo Detainees Faces a New Delay
New York Times (12/23/09) Savage, Charlie

Although the Obama administration appeared to take a significant step forward in its efforts to close the terrorist detention camp at Guantanamo Bay, Cuba, when it announced that it would acquire an underused Illinois state prison and house terrorism suspects there, officials now say that Gitmo will not close until 2011 at the earliest. One reason efforts to close Guantanamo Bay and transfer its population of 200 detainees are being delayed is that the federal Bureau of Prisons does not have the $150 million needed to purchase the Thomson Correctional Center from the state of Illinois. In an effort to obtain those funds, the White House recently asked the House Appropriations Committee to consider adding roughly $200 million for the project to the 2010 military spending bill. However, Democratic leaders refused to add the funds to the bill. The White House is now looking to obtain financing to purchase Thomson from the FY-'11 appropriations bill, which Congress is expected to consider sometime late next year. But the administration may find it difficult to obtain the money to purchase Thomson then as well, since lawmakers may be unlikely to approve funds for transferring Guantanamo detainees to the U.S. during next year's mid-term elections. In addition, Congress has passed legislation that restricts the administration's ability to bring terrorism detainees to prisons on the U.S. mainland.


Administration to Tackle Nuclear Terrorism
Homeland Security Today (12/22/09) Kimery, Anthony L.

The Obama administration in February will release a report on the threat of nuclear terrorism against the United States. The report, the 2010 Nuclear Posture Review, will focus on how various forms of nuclear terrorism--including improvised nuclear bombs and radiological dispersal weapons--can be prevented. In addition, the report will discuss the growing concerns that Pakistan's nuclear weapons arsenal could be vulnerable to the Taliban, al-Qaida, and other militant groups. The report will also outline a number of steps the Obama administration is planning to take to prevent nuclear terrorism, including devoting more resources to detecting and countering the use of nuclear weapons by terrorists. The administration is also planning to use several surveillance platforms, HUMINT, and covert, intelligence, and interdiction activities to prevent acts of nuclear terrorism. Finally, the report will call for nuclear laboratories to take steps to identify nuclear materials in other countries that might be given to terrorists, as well as steps that will protect U.S. allies from nuclear terrorism.


Arms Seized by Thailand Were Iran-Bound
Wall Street Journal (12/21/09) P. A10; Michaels, Daniel; Coker, Margaret

Arms-trafficking experts have obtained documents that show that the Ilyushin-76 aircraft that was recently impounded in Bangkok because it was found to be carrying North Korean weapons was headed towards Iran. According to those documents, the plane--which was seized in Bangkok on Dec. 11 after it landed to refuel--had been scheduled to make refueling stops in Sri Lanka, the United Arab Emirates, and Ukraine before unloading in Tehran its cargo of shoulder-launched missiles, surface-to-air missile parts, and electronics systems to control weapons. Officials in Iran have not commented on the flight plan. Meanwhile, authorities are finding it difficult to determine who organized the shipment of weapons because the planners took steps to hide their identities. The plane is registered to a company based in the former Soviet republic of Georgia called Air West Ltd., which in turn leased the aircraft to New Zealand-based SP Trading Ltd. on Nov. 5. SP Trading, which authorities believe is a shell company owned by other companies, then leased the plane to a Hong Kong-based company on Dec. 4. The Hong Kong company is owned by another company in Hong Kong, which in turn is owned by a British Virgin Islands-based company. These companies appear to have organized the cargo that was discovered on the aircraft.


Napolitano Responds To Surge of Homegrown Terrorism Cases
Los Angeles Times (12/21/09) Rotella, Sebastian

Homeland Security Secretary Janet Napolitano has increased information-sharing between intelligence agencies and state and local law enforcement in order to combat the recent increase of homegrown terrorism activity in the United States. Napolitano has also authorized the expansion of teams that perform outreach in Muslim communities and the deployment of more intelligence analysts throughout the United States. Napolitano maintains that the increase in homegrown terrorism is largely due to the ongoing economic crisis and the spread of the Internet. "As we move forward, you can't just do the security of the United States from one or two departments located in Washington, D.C.," Napolitano says. "It's got to be shared across the nation."




Cybersecurity Chief to Fill a Post Filled With Challenges
Wall Street Journal (12/23/09) P. A6; Gorman, Siobhan

Howard Schmidt, whom President Obama appointed Tuesday as the nation's new cybersecurity chief, will have to face a number of challenges as he begins his new job. For starters, Schmidt's team is unlikely to meet a Dec. 31 deadline for completing the first 10 recommendations made by a White House cybersecurity review earlier this year, according to Melissa Hathaway, who headed the review. Those recommendations include working with the private sector and establishing international policy. Another challenge Schmidt will face is the integration of cybersecurity programs that have been launched at a number of federal agencies, including the Department of Homeland Security and the Department of Defense. Schmidt, who previously worked in security at Microsoft and served as a senior cybersecurity official in former President George W. Bush's administration, will also have to create divisions of labor between federal agencies like DHS and the National Security Agency. Finally, Schmidt will have to determine whether or not to impose regulations on private industry to require it to adopt cybersecurity measures, come up with a standard for when a cyberattack constitutes an act of war, and develop strategies for dealing with international cybersecurity issues like cybercrime.


As Attacks Increase, U.S. Struggles to Recruit Computer Security Experts
Washington Post (12/23/09) P. A1; Nakashima, Ellen; Krebs, Brian

Cyberattacks are increasing in frequency and sophistication at a time when the U.S. government is struggling to address a shortage of proficient computer security experts. This shortage comes as the Pentagon is trying to staff a new Cyber Command that melds offensive and defensive computer security capabilities while the U.S. Department of Homeland Security (DHS) plans to expand its own cybersecurity force by as many as 1,000 people over the next three years. Realizing that meeting this goal will be difficult, DHS is focusing on training people already in the federal government in cybersecurity skills. In November, the Government Accountability Office warned a Senate panel that the number of scans, probes, and attacks reported to the DHS' U.S. Computer Emergency Readiness Team has increased by more than 300 percent. Mischel Kwon, former director of the readiness team, says that for years federal law forced most civilian agencies to spend their cyberfunds on security audits instead of on building a robust security program. Karen Evans, the Bush administration's information technology (IT) administrator, points out that most federal IT managers do not know what advanced skills are required to counter cyberattacks. The National Science Foundation's Scholarship for Service program, which pays for up to two years of college in exchange for an equal number of years of federal employment, is a key element in the U.S. government's initiative to cultivate cybersecurity talent. However, the private sector often offers much higher salaries for cybersecurity personnel than the public sector.


Obama Cyber Czar Choice Worries About Smartphones, Social Networking
Network World (12/22/09) Greene, Tim

Howard Schmidt, U.S. President Obama's choice for cybersecurity czar, has previously worked in both the public and private security sectors and also has written a book on defending the Internet. He is expected to focus on a number of issues as he begins his new job. For instance, Schmidt--who helped produce the "National Strategy to Secure Cyberspace" while working for the Bush administration--could use the government to promote education and research and push vendors to make more secure products. "What is the government doing to make sure universities and companies have dollars to do research that will enhance security?" Schmidt said in an earlier interview. He added that there is research and development that needs to be done that may not improve homeland security but may make the Internet more secure. Schmidt also will likely work to make cybersecurity as big a priority as physical security. In addition, Schmidt could call for increased security on smartphones and other mobile devices, since he has said that cybercriminals will increasingly target these devices as they become more and more like computers. Finally, Schmidt will likely work to counter threats from terrorists to the U.S.'s cyberinfrastructure. Schmidt has said that terrorists are most likely to target financial institutions' IT networks, though attacking those systems will be difficult because of all the work the financial services industry has done to protect itself.


Report: FBI Probes Hacker Attack on Citigroup
Associated Press (12/22/09)

Anonymous government officials told the Wall Street Journal that the FBI is investigating an incident detected over the summer in which hackers with ties to a Russian cyber gang hacked computers at a Citigroup subsidiary and stole tens of millions of dollars. Two other computer systems, at least one of which was connected to a U.S. government agency, were also affected by the attack, which may have occurred up to a year before it was detected. However, Citigroup has denied the Wall Street Journal report, saying that it has not suffered a security breach and that no money was stolen.


Office 2010 Takes Aim at Malware Threats
Government Computer News (12/18/09) Mackie, Kurt

Microsoft provided more details on an Office 2010 security feature designed to deflect malware associated with binary file formats from older versions of Office. The Office file validation feature scans to ensure that a binary file used by such Office applications as Word, PowerPoint, and Excel is a secure document or stored in a secured location. If not, the file will get buffered by a sandbox, or a protected view, which will limit the file's interaction with system resources, according to Microsoft's David B. Heise. Inclusion of the validation process feature means it will take longer for Office 2010 to open binary files, but the delay will be barely noticeable, Heise says. The new Office feature expands on principles from an earlier security tool called Microsoft Office Isolated Conversion Environment, according to Qualys CTO Wolfgang Kandek. "Office documents received by email or downloaded through the Internet are opened in a protected environment, a 'sandbox,' and if the document attempts to modify the underlying operating system, it is blocked by the sandbox," Kandek says. "If the user wants to edit and save the document, he has to press an 'enable editing' button to retrieve the document from the sandbox." Heise says that Microsoft includes group policy settings in Office 2010 to turn off the sandbox option if IT professionals feel nervous about letting users access the feature.


Abstracts Copyright © 2009 Information, Inc. Bethesda, MD



1 comment:

Anonymous said...

Your blog keeps getting better and better! Your older articles are not as good as newer ones you have a lot more creativity and originality now keep it up!