
Friday, February 05, 2010

Security Management Weekly - February 5, 2010

February 5, 2010
 
 
Corporate Security

  1. "Nurses Say Workplace Violence Part of Job" Curtin University of Technology (Australia) Study
  2. "Commerce Breach of Personal Data Just the Tip of the Iceberg"
  3. "Security Guard Admits Helping Robbers" Australia
  4. "Tough Times Leave Employers on Edge About Workplace Violence"
  5. "Heists Targeting Truckers on Rise"

Homeland Security

  1. "U.S. Puzzles Over Top Militant's Fate"
  2. "Super Bowl Security Ready for Anything"
  3. "Intelligence Chief Acknowledged U.S. May Target Americans Involved in Terrorism"
  4. "Officials Warn al Qaeda 'Certain' to Try Attack Soon"
  5. "Officials OKd Miranda Warning for Accused Airline Plotter"

Cyber Security

  1. "Google to Enlist NSA to Help It Ward Off Cyberattacks"
  2. "How Wi-Fi Attackers Are Poisoning Web Browsers"
  3. "Old Security Flaws Still a Major Cause of Data Breaches, Says Report"
  4. "Hacking for Fun and Profit in China Underworld"
  5. "Internal Data Breaches a Rarity, Study Finds"

   

 
 
 

 


Nurses Say Workplace Violence Part of Job
Times of India (02/05/10)

A study by researchers from Australia's Curtin University of Technology has found that nurses are often the victims of workplace violence. The 113 nurses who took part in the study reported a total of 2,354 incidents of workplace violence to the research team, though many of these incidents went unreported to hospital officials and law enforcement because the nurses said they believed that workplace violence was just a part of their jobs. Dr. Rose Chapman, the study's lead author, said that understanding why nurses do or do not report violent incidents can help educators and hospital administrators develop programs that aim to reduce workplace violence. In addition, the study found that 92 percent of the nurses had been verbally abused, while 69 percent had been physically threatened. Another 52 percent said they had been physically assaulted. Nearly all of the nurses surveyed said they had sustained at least one injury as the result of these incidents.


Commerce Breach of Personal Data Just the Tip of the Iceberg
Washington Post (02/04/10) Davidson, Joe

According to e-mails from Commerce Secretary Gary Locke, there have been two separate incidents over the last six months when the personal information for "a significant number" of Commerce Department employees was "not properly protected" in the department's computer system. Furthermore, Locke says that there have been reports of additional incidents over the past several weeks where employees failed to properly protect personal information. The department has been criticized for waiting seven weeks to notify employees of the possible breach that occurred on Dec. 4, which resulted in the release of some employee Social Security numbers over the Internet. However, Locke maintains that the department has "no reason to believe that any of these incidents has resulted in any personal information being inappropriately used by anyone." According to Locke, the department has hired an outside contractor to monitor employees' information for unusual activity. Additionally, the department is conducting a review of the policies and procedures it uses to protect sensitive personal data. A plan to improve this protection is expected by March 1.


Security Guard Admits Helping Robbers
Sydney Morning Herald (Australia) (02/04/10) Roberts, Greg

A Chubb security guard in Australia has pleaded guilty to charges of helping organize three robberies on his employer's armored vans in Melbourne. In the first robbery, the security guard, 33-year-old Rhys Tilbrook, pretended to be a victim when a man with a fake gun attacked him and another security guard. The alleged robber, 39-year-old Timothy Adams, who is contesting the charges against him, was able to get away with $170,000--money that was split between him, Tilbrook, and Tilbrook's ex-girlfriend, who acted as the getaway driver. Tilbrook is also accused of helping to organize two failed robberies on Chubb armored vans. One of those attacks failed because the alleged robber was unable to hold on to the bag containing the cash, while the other failed because the two female robbers--one of whom was Tilbrook's ex-girlfriend--were overpowered by guards. Tilbrook and his ex-girlfriend, who also pleaded guilty to the charges against her, are both in custody and will be sentenced next month. The robber in one of the failed attacks has also pleaded guilty to charges of attempted robbery and theft, and will be sentenced along with Tilbrook and his ex-girlfriend.


Tough Times Leave Employers on Edge About Workplace Violence
GateHouse News Service (02/02/10) Adams, Steve

Although data released by the federal government shows that the number of workplace killings is on the decline, the threat of workplace violence is up due to the economic stress many employees are under, experts say. "As people get more stressed, they start thinking about their survival skills and don't take a look at how their behavior is affecting their co-workers," said Mark Lies, a partner with the Chicago law firm Seyfarth Shaw and an expert in workplace violence issues. Lies and others say there are a number of steps employers can take to mitigate this threat. For instance, employers should adopt anti-bullying policies that prohibit employees from doing things such as verbally demeaning their colleagues at meetings or sending out e-mails that are extremely critical of others, Lies said. He noted that such policies are important because those who are bullied in the workplace are usually the ones who are most likely to respond with violence. In addition, employers need to watch for signs that an employee might be prone to engage in violent behavior, said Tim Horner, a managing director for the security consultancy Kroll Inc. Horner noted that being observant about potential warning signs is important because those who commit acts of violence in the workplace rarely do so because they just snapped. Finally, employers can reduce the risk of workplace violence by screening out potential troublemakers during the hiring process.


Heists Targeting Truckers on Rise
Wall Street Journal (02/01/10) P. A3; Levitz, Jennifer

Criminals are increasingly stealing tractor trailers filled with cargo such as electronics, food and beverages, clothing, pharmaceuticals, and cigarettes, statistics show. According to the Austin, Texas-based supply-chain security firm FreightWatch International, 859 truckloads of items were stolen last year, up from 767 in 2008. The collective value of the items in the trucks stolen in 2009 totaled $487 million, up 67 percent over the $290 million worth of items that were stolen in 2008. Sgt. Sid Belk of the California Highway Patrol, whose state has been one of the hardest hit by the wave of tractor trailer thefts, said many of the tractor trailers are being stolen by amateurs, though organized-crime rings may be involved as well. In response to the problem, freight shippers have been holding more meetings with police departments and have been trying to persuade owners of truck stops and drop lots to boost security. In addition, shippers have begun sharing information about the kinds of items that are stolen the most, so that everyone throughout the supply chain can pay extra attention when those items are shipped.




U.S. Puzzles Over Top Militant's Fate
Wall Street Journal (02/05/10) Rosenberg, Matthew

American and Pakistani officials say they are unsure whether Hakimullah Mehsud, the head of the Pakistan Taliban, is dead or alive. Officials believed that Mehsud was killed in a drone attack on or about Jan. 14, though the Taliban leader released an audiotape several days later saying that he was alive. However, several tribesmen say they attended Mehsud's funeral on Jan. 26 or 27. The confusion over whether Mehsud is dead or alive underscores the problems the U.S. and Pakistan are having in obtaining intelligence on the Taliban and al-Qaida. Those problems stem from a number of factors, including the death of more than three dozen members of Pakistan's ISI--which is in charge of spying in the country's tribal areas--since the beginning of 2009. U.S. officials, meanwhile, say they are having trouble obtaining intelligence on the Taliban and al-Qaida because the intelligence community does not understand key aspects of society in neighboring Afghanistan, including its complex tribal, cultural, and economic forces. This difficulty in obtaining intelligence has made it hard for officials to determine where al-Qaida might launch its next terrorist attack or whether members of the Taliban are ready for peace talks. However, the U.S. has achieved some successes thanks to the intelligence it has been able to acquire, including the deaths of a number of top Taliban and al-Qaida members.


Super Bowl Security Ready for Anything
CBS News (02/03/10) Orr, Bob

Although there are no credible threats to Super Bowl XLIV, according to Homeland Security Secretary Janet Napolitano, security for Sunday's game between the Indianapolis Colts and the New Orleans Saints will be tight. For instance, Homeland Security helicopters and military fighters will be scanning roughly 50 miles of the Florida coast near Sun Life Stadium outside of Miami. In addition, a 30-mile no-fly zone will be enforced around the stadium. More than 1,000 officers from 64 different law enforcement agencies will also be on hand, equipped with bomb-sniffing dogs and radiation detectors. All of this security will be coordinated from a command center staffed by 100 agents who will review intelligence, track leads, and watch a video wall of images of bridges, waterways, and major roads. The data that comes into this command center will be used in the event police need to launch a rescue operation or mass evacuation.


Intelligence Chief Acknowledged U.S. May Target Americans Involved in Terrorism
Washington Post (02/04/10) P. A03; Nakashima, Ellen

In his remarks before the House Intelligence Committee on Wednesday, Director of National Intelligence Dennis C. Blair said that Americans could be targeted and killed in anti-terrorism missions overseas. Blair added that a number of factors are considered before deciding whether or not to kill a U.S. citizen in an anti-terrorism operation, including whether or not the individual is involved in a group that is trying to attack the U.S. In addition, intelligence agencies must also determine whether the individual is a threat to other Americans, Blair said. Blair added that if a U.S. citizen is deemed a threat, the intelligence community must obtain specific permission before he can be killed. Blair said that he was speaking about how the intelligence community decides whether or not to kill U.S. citizens in order to reassure Americans that intelligence agencies and the Pentagon closely adhere to a set of defined policy and legal procedures regarding the use of lethal force. Blair's remarks come amid an increased focus on anti-terrorism operations that aim to kill U.S. citizens. The case of Anwar al-Aulaqi, a U.S.-born Muslim cleric who currently lives in Yemen, has been the subject of much of this attention. Aulaqi, who is a member of al-Qaida in the Arabian Peninsula and has been linked to the suspects in the Fort Hood shooting and the attempted Christmas Day bombing of a Northwest Airlines flight to Detroit, was believed to have been at an al-Qaida meeting in Yemen that was targeted in an attack on Dec. 24. Aulaqi was not the target of that attack, and he was not killed.


Officials Warn al Qaeda 'Certain' to Try Attack Soon
Wall Street Journal (02/02/10) Gorman, Siobhan; Perez, Evan

During their testimony before the Senate Select Committee on Intelligence on Tuesday, Director of National Intelligence Dennis Blair and FBI Director Robert Mueller said that al-Qaida is likely to attack the U.S. sometime within the next three to six months. Blair and Mueller added that al-Qaida will remain a significant threat to the U.S. at least until Osama bin Laden and Ayman al Zawahiri, the terrorist group's second in command, are killed or captured. The officials noted that there are a number of reasons why al-Qaida continues to be a serious threat to the U.S., including the fact that the group is planning terrorist attacks involving people who can enter the country without arousing suspicion, such as Umar Farouk Abdulmutallab, the man accused of trying to bomb a Northwest Airlines flight on Christmas Day. According to Blair, tactics such as these are making it difficult for U.S. spies to disrupt future attacks. Another cause for concern, Blair and Mueller said, is the al-Qaida affiliates in Yemen and Pakistan that are intent on launching terrorist attacks. Although Blair and Mueller noted that the Pakistani groups that are allied with al-Qaida have been focused on carrying out terrorist attacks in that country, there are concerns that the groups may try to launch attacks outside of Pakistan.


Officials OKd Miranda Warning for Accused Airline Plotter
Los Angeles Times (02/01/10) Serrano, Richard A.; Savage, David G.

Reports indicate that several federal agencies, including the FBI, the CIA, the State Department, and the Justice Department, were involved in the decision to read terrorism suspect Umar Farouk Abdulmutallab his rights. The decision was also apparently made after Abdulmutallab stopped cooperating with officials during his detainment after he allegedly attempted to blow up a Detroit-bound plane. Other reports indicate that Abdulmutallab was treated at a Michigan hospital for burns incurred from his attempted attack. While in the hospital, FBI agents questioned Abdulmutallab without reading him his rights, citing an exemption that permits them to obtain essential information from a suspect regarding a pending crime before doing so. It is still unclear who made the final decision to Mirandize Abdulmutallab. Director of National Intelligence Dennis C. Blair previously told the Senate Homeland Security Committee that the decision to read Abdulmutallab his rights was a mistake. Now, Attorney General Eric H. Holder Jr. is being pressured to appear on Capitol Hill to clarify why that decision was made following Blair's allegations that the decision was made by FBI agents on the scene while consulting with the Justice Department. The Obama administration's policy is that all terrorism suspects should go through the civilian judicial system, unlike during the administration of former President George W. Bush. Many Republicans have criticized that change.




Google to Enlist NSA to Help It Ward Off Cyberattacks
Washington Post (02/03/10) P. A01; Nakashima, Ellen

Google and the National Security Agency are working on developing an agreement that aims to protect the search engine and its users from attacks like the one that struck its computer networks in December. Under the agreement, the NSA will help Google analyze the December attack, which the search company says originated in China. In addition, the agreement will allow the two organizations to share critical information, such as data on the types of malicious code seen in the December cyberattacks. However, users' e-mails and search data will not be shared with the NSA. In addition, the two organizations will look at vulnerabilities in hardware and software to determine whether Google is using appropriate security measures for defending against an attack. The agreement will also help Google learn how to determine how sophisticated a cyberattacker is. Other federal agencies may also team up with Google to help it in its investigation of the December cyberattack, including the FBI and the Department of Homeland Security.


How Wi-Fi Attackers Are Poisoning Web Browsers
Network World (02/03/10) Messmer, Ellen

Wi-Fi networks found in public hotspots such as coffee shops and airports are a bigger threat to security than ever because attackers can penetrate a wireless network to "poison" users' browser caches in order to make fake Web pages pop up or even steal information for a later time, a security researcher finds. Mike Kershaw, developer of the Kismet wireless network detector and intrusion-detection system, told attendees at the recent Black Hat conference that it is easy for an attacker over an 802.11 wireless network to commandeer a Web browser cache by hijacking a popular JavaScript file, for instance. "Open networks have no client protection," said Kershaw. "Nothing stops us from spoofing the [wireless access point] and talking directly to the client," the user's Wi-Fi-enabled machine. Kershaw offered a few defenses such as manually clearing the cache, or using private-browser mode.


Old Security Flaws Still a Major Cause of Data Breaches, Says Report
InfoWorld (02/03/10) Vijayan, Jaikumar

Security vulnerabilities that have been around for some time are still being commonly exploited in data breaches, according to a Trustwave report. The report, conducted on behalf of American Express, Discover, and Visa, among others, examined more than 1,900 penetration tests and more than 200 data breach investigations. It found that security vulnerabilities discovered several years ago are bigger threats than newer vulnerabilities because most major companies are only focusing on the latest vulnerabilities rather than the older ones, which are more common. The report notes that the top three hacker methods for breaking into corporate networks last year were remote access applications, trusted internal network connections, and SQL injection attacks, all of which have been known about and researched extensively for the last several years. In addition, the report found that the most common vulnerabilities are well-understood security flaws that should have been addressed a long time ago, such as management interfaces for Web application engines that are accessible directly from the Internet and not secured with adequate passwords.


Hacking for Fun and Profit in China Underworld
New York Times (02/02/10) Barboza, David

Internet security experts say Chinese hackers are behind an escalating number of global attacks to steal credit card information, commit corporate espionage, and wage online warfare against other nations. In China, and in some parts of Eastern Europe and Russia, computer hacking has become a lucrative hobby for skilled hackers. "They make a lot of money selling viruses and Trojan horses to infect other people's computers," says author Scott Henderson, who has spent years tracking Chinese hackers. There are conferences, training academies, and magazines all devoted to providing information about hacking. In China, there is a loosely defined community of hackers who work independently, but who also sell their services to corporations and the military. One such hacker, going by the code name Majia, says he does not work for a major Chinese technology company because it would limit his freedom, so he must remain underground. Majia and other hackers keep a tight hold on their hacker secrets, including knowledge of software flaws such as zero-day vulnerabilities, for future use.


Internal Data Breaches a Rarity, Study Finds
IDG News Service (01/31/10) Dunn, John E.

CSOs may spend many unnecessary hours worrying about the likelihood of an internal data breach, according to a university analysis of reported compromises in the United Kingdom. In the U.K. Security Breach Investigations Report, the University of Bedfordshire analyzed data on breaches recorded by forensics firm 7Safe, determining that the clear majority of breaches came from outside the enterprises. Of the 62 breaches investigated by 7Safe across a variety of industries, 80 percent originated from the outside, 18 percent came from business partners, and only 2 percent were at the hands of insiders. Sixty-nine percent of those breaches took place in the retail sector, primarily in online commerce, while finance saw 7 percent, and information technology and services saw 4 percent of the breaches. "A lot of them are not particularly sophisticated attacks," says 7Safe CEO Alan Phillips. "It is just poor coding of these Web sites."


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD

