Security Management Weekly - August 6, 2010

Learn more! ->     August 6, 2010     Corporate Security Sponsored By: "Man Who Killed 8 Went to Work Well Armed" Manchester, Conn. "Workplace Homicide: What Is the Risk?" "Man Kills 8, Self in Connecticut Shooting Rampage" "Mexican Journalists Rescued" "Theft Contributed to Collapse" Australian Retailer Clive Peters Homeland Security "New Spymaster Wins Senate Nod" Director of National Intelligence James Clapper "New al-Qaida Leader Knows US Well" "3 Children, Teacher Slain in Chinese Kindergarten" "Terrorists Claim Tanker Attack" Strait of Hormuz "Secret Drone Program at Issue in Lawsuit" Cyber Security "Apple Preparing Fix for iPhone Security Flaw" "Bank Scam Targets 100,000 People in the UK" "Cybercrooks Use Web Apps to Infiltrate Smartphones" "U.S. Challenged by Global Cybersecurity" "Team Releases Tools for Secure Cloud Computing"             Man Who Killed 8 Went to Work Well Armed New York Times (08/05/10) P. A19; Haughney, Christine; Rivera, Ray As more details of Tuesday's shooting at a Hartford Distributors warehouse in Manchester, Conn., surface, it becomes clear that shooter Omar S. Thornton had certain targets, police say. Thornton arrived at the warehouse with two 9 mm handguns stashed in his lunchbox, which he hid in a kitchen next to the office where he faced a disciplinary hearing. Once in the hearing, Thornton reportedly took the news calmly that the company had hired a private investigator to follow him on his delivery rout as a driver for the company. He also viewed video that showed him stealing beer along the rout and agreed to sign a resignation letter. He then asked if he could get a glass of water from the kitchen and returned with the guns. He killed both the man representing the company’s interests and the one who was supposed to defend him. As he continued through the facility, reports indicate that he purposefully spared certain workers and shot others before killing himself. “He didn’t have a master list saying these are the people he was going to go after, but based upon some of the people that were victims, it’s probably likely that he was targeting some individuals,” said Lt. Chris Davis of the Manchester Police Department. “He passed by many individuals and did not shoot them.” Web Link | Return to Headlines Workplace Homicide: What Is the Risk? Boston Globe (08/05/10) Fox, James Alan Although recent incidents such as the shooting at a beer distribution plant in Manchester, Conn., make it seem that workplace violence is commonplace, the risk that employees will die at the hands of a colleague while at work is actually low. For more than a decade now, the number of homicides that have taken place at U.S. workplaces has dropped steadily. Most of those that do take place are robberies, while others involve domestic disputes that spill over into the workplace. Only a handful are the result of employees killing their colleagues because they are disgruntled or because they are seeking revenge. In fact, less than 100 people die in such incidents per year. As a result, it is important not to respond to incidents like the Manchester shooting with hysteria, the author notes. Instead of implementing draconian security measures, the author writes, employers should seek to humanize their workplaces by not singling out potentially violent employees. Workers should also make more of an effort to reach out to their colleagues to help combat what the author described as an epidemic of loneliness, isolation, and resentment. Web Link | Return to Headlines Man Kills 8, Self in Connecticut Shooting Rampage Associated Press (08/04/10) Singer, Stephen Nine people were killed Tuesday morning when a gunman went on a shooting rampage at the beer distributorship he worked at in Manchester, Conn. The incident began when the gunman, 34-year-old Omar Thornton, was called into a meeting at Hartford Distributors and was presented with video evidence that showed that he had been stealing beer from the warehouse. Thornton was then offered the chance to quit or be fired, said Steve Hollander, the vice president of Hartford Distributors and a member of the family that owns the company. Hollander added that Thornton calmly agreed to resign, but moments later pulled out a gun and started shooting. When Thornton finished shooting, eight of his co-workers were dead. It remains unclear whether Thornton targeted specific individuals or fired randomly, as victims were found scattered all over the facility, said Manchester Police Chief Marc Montminy. After police arrived on the scene, Thornton killed himself. In addition to looking at Thornton's termination as a motive for the shooting, authorities are also investigating the shooter's claims that he was a victim of racial harassment at Hartford Distributors because he was black. However, Thornton never filed a complaint about the alleged harassment with the Teamsters union or the government. Hartford Distributors has also denied allegations of racial discrimination. Web Link | Return to Headlines Mexican Journalists Rescued Wall Street Journal (08/02/10) De Cordoba, Jose; Casey, Nicholas Two journalists who were kidnapped by members of a Mexican drug gang have been rescued by police. The two journalists were taken hostage along with two other journalists after covering a protest by inmates at a prison in the Mexican city of Gomez Palacio whose director had been charged with giving weapons to prisoners and allowing them to go free to carry out several killings. Members of a cell associated with the Sinaloa Cartel, the most powerful drug-trafficking group in Mexico, took the four journalists hostage because they wanted to pressure the television networks they worked for to air their video messages. In those messages, police were seen being held by an unnamed gang and saying that other police men were working with one of the drug cartels fighting for control of the Mexican city of Torreon. Those videos were aired last Thursday by the Mexican television network Televisa, though Televisa and Milenio Television, the employer of one of the kidnapped journalists, subsequently said that they would not hold further negotiations with the drug cartels. Nevertheless, police were eventually able to free all four journalists in two separate raids, though they were not able to capture the kidnappers. The incident has underscored the threats to journalists in Mexico from the nation's drug cartels. More than 30 reporters have been killed since 2006, the year the Mexican government launched its war on the drug gangs. Drug cartels have also attacked news outlets in Mexico. On Friday, a grenade exploded outside of Televisa's offices in Nuevo Laredo. No one was hurt in the attack. Web Link | Return to Headlines Theft Contributed to Collapse Australian Associated Press (AAP) (08/02/10) Fogarty, Daniel Victoria, Australia, prosecutor Peter Kidd told the Victorian Supreme Court that a massive theft committed by 39-year-old Sonya Causer contributed to the recent collapse of retailer Clive Peters. Prosecutors say that Causer--a senior accountant at Clive Peters--used her authority as a check signatory on the company' bank account as well as her ability to process electronic funds transactions for the company to transfer nearly $20 million to accounts she controlled. That money was used to purchase properties, cars, and jewelry. Causer has pleaded guilty to the charges against her, and said she committed the theft because it was easy to do. Kidd is planning to ask the court to sentence Causer to between eight and 11 years in prison when she is sentenced on Aug. 16. Web Link | Return to Headlines New Spymaster Wins Senate Nod Wall Street Journal (08/06/10) Gorman, Siobhan After winning several concessions from the Obama administration, Republican senators joined their Democratic colleagues on Thursday in unanimously approving James Clapper as director of national intelligence. Some Republican senators, including Sen. Tom Coburn of Oklahoma, had delayed Clapper's nomination because of concerns that some Guantanamo Bay detainees had been released from the detention facility despite the fact that the Central Intelligence Agency and the Defense Intelligence Agency had warned against releasing them. Coburn and others had said that they would not vote on Clapper's nomination until they were provided with threat assessments on the detainees so that they could evaluate them directly. Although the Obama administration said that it had already been providing Congress with intelligence reports on detainees, it sought to assure Coburn that it would provide threat assessments on the detainees in question quickly, giving priority to those who have been or are about to be released from Guantanamo. Meanwhile, experts say that Clapper, who will be the nation's fourth director of national intelligence in the past five years, will face a number of challenges in his new post. For instance, Clapper will need to determine what a successful director of national intelligence looks like and figure out how to achieve that success, said former senior intelligence official Mark Lowenthal. Web Link | Return to Headlines New al-Qaida Leader Knows US Well Associated Press (08/06/10) Anderson, Curt Adnan Shukrijumah has reportedly become the leader of global operations for al-Qaida after his two counterparts on the organization's "external operations council" were killed in CIA drone attacks. Shukrijumah's status in this position is a major concern to counterterrorism officials, because he is the only al-Qaida leader to have once held permanent U.S. resident status. Shukrijumah lived in Miramar, Fla., with his mother and five siblings in 1995. At some point in the late 1990s, Shukrijumah apparently began to turn to radical Islam. He traveled to Afghanistan to receive training in the use of automatic weapons, explosives, battle tactics, surveillance, and camouflage. He was born in Saudi Arabia and is a citizen of Guyana. The FBI has been searching for him since 2003. Web Link | Return to Headlines 3 Children, Teacher Slain in Chinese Kindergarten Washington Post (08/05/10) P. A8; Richburg, Keith B. Twenty-six-year-old Fang Jiantang killed three children and a teacher in a knife attack on Boshan District Experimental Kindergarten in Zibo, China, on Tuesday. Approximately 12 other people were also wounded when Jiantang began slashing victims with a two-foot knife. The attacker had no known connections to the kindergarten. He reportedly mingled with parents waiting to pick up their kids. Reports also indicate that Jiantang initially fled the scene but later turned himself in to police. This attack bears striking resemblance to other incidents throughout China that have left about 20 people dead since March. The first attack occurred March 23, when former community director Zheng Minsheng, killed eight children with a knife. He was executed by firing squad a month later. On the same day, a mentally ill man wounded 18 children in a primary school in Leizhou. Three other attacks followed. The Chinese government has blamed the subsequent incidents on copycatting and has increased security and surveillance at primary schools throughout the country. Web Link | Return to Headlines Terrorists Claim Tanker Attack Wall Street Journal (08/05/10) Coker, Margaret; Malas, Nour; Said, Summer An al-Qaida-linked group has claimed responsibility for a July 29 attack on the Japanese oil tanker M. Star in the Strait of Hormuz. In a statement posted on the Internet, the Egypt-based Abdullah Azzam Brigades said the attack was carried out by a suicide bomber as the vessel was traveling between the United Arab Emirates and Oman. However, it remains unclear exactly how the terrorist group carried out the attack or how it approached the ship. Nevertheless, the statement sheds some light on the mysterious incident, which had been blamed on an unusually large wave and a collision. Crew members also reported seeing what they thought was an explosion, though initial tests on the tanker were negative for explosives. Another round of tests is being conducted as the investigation into the incident continues. Web Link | Return to Headlines Secret Drone Program at Issue in Lawsuit Wall Street Journal (08/04/10) Perez, Evan The American Civil Liberties Union (ACLU) and the Center for Constitutional Rights have challenged a Treasury Department restriction that means that lawyers may have to obtain a special license granting them permission to work for a suspected terrorist. In this particular case, the ACLU says they have applied for a license to represent the father of American-born radical Yemeni cleric Anwar al-Awlaki. The lawsuit also serves as a proxy challenge to the government's "targeted killing" program, which uses CIA drones to pursue and kill terrorist leaders. Awlaki was allegedly added to the list of militants targeted by the program due to his widespread Internet-based jihad campaign and his suspected connection to several recent terrorist plots against the U.S.. The ACLU argues that this move is the equivalent of "imposing the death penalty without trial" on an American citizen. In response to criticism of the decision to pursue Awlaki, CIA director Leon Panetta said, "Awlaki is a terrorist and yes, he's a U.S. citizen, but he is first and foremost a terrorist and we're going to treat him like a terrorist. We don't have an assassination list, but I can tell you this: We have a terrorist list and he's on it." Web Link | Return to Headlines Apple Preparing Fix for iPhone Security Flaw InformationWeek (08/05/10) Zeman, Eric The most recent jailbreaking applications offered by the iPhone Dev Team exploit the way the iOS Safari browser loads PDF files from Web sites. The security vulnerability gave the Dev Team a way to break into the iPhone 4, iPhone 3GS, and iPhone 3G. IPhone users can hack into their devices directly through the browser. Apple says the company is working on a fix to the problem. "We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update," says am Apple representative The company has not explained when the software update would be offered to users of iOS devices. Security professionals have expressed concern over the matter, and the German government actually issued a warning to its citizens about the vulnerability. Once compromised, iPhone users can download unauthorized third-party applications. The iPhone Dev Team also released a new version of ultrasn0w, which will jailbreak the iPhone and make it operable on networks other than AT&T. Web Link | Return to Headlines Bank Scam Targets 100,000 People in the UK BBC News (08/04/10) Fildes, Jonathan Israeli firm Trusteer reports that it has uncovered a botnet infecting approximately 100,000 computers in the U.K. The botnet is allegedly being controlled by criminals in Eastern Europe attempting to collect online banking data from British consumers. These details include login information, credit and debit card numbers, and other passwords. The botnet uses a common Trojan known as Zeus but is unusual because it employs a new variant of the malware and primarily targets victims in the U.K. using either a U.K. specific Web site or a U.K.-based mailing list. Researchers say the U.K. was likely targeted because it has a developed banking system that is controlled by relatively few institutions. As Amit Klein, chief technology officer at Trusteer, says, “If you can write malware to cover six to 12 banks in the U.K., you’re covering almost all the market. Web Link | Return to Headlines Cybercrooks Use Web Apps to Infiltrate Smartphones USA Today (08/03/10) P. B1; Acohido, Byron Cyberthieves are tweaking tried-and-true computer viruses to work on Web-enabled smartphones. According to the research firm IDC, worldwide smartphone shipments topped 54 million in the first quarter of 2010, a 57 percent increase from the previous year. This fact has not escaped cybercriminals. Users who mistakenly download a sham wallpaper app for the Google Android phone could get one that harvests the user's contacts and voicemail numbers, which can be used to pinpoint the user's location. Mobile security company Lookout uncovered 80 such Android Web apps in late July, which have since been removed by Google, according to Lookout CEO John Hering. The data was transmitted to a Chinese Web site. In this case, the wallpapers, reflecting innocent images of animals, basketballs and such, were downloaded more than 1 million times. "Smartphone usage is going mainstream," Hering says. "And so the bad guys are looking at Web browsing and the downloading of Web apps as two primary attack vectors." Web Link | Return to Headlines U.S. Challenged by Global Cybersecurity InformationWeek (08/03/10) Montalbano, Elizabeth A new report from the U.S. Government Accountability Office (GAO) urges the U.S. government to concentrate on creating a unified approach to cyber security. The report notes that multiple federal organizations are currently involved in creating cyber security policy and processes, including the departments of Commerce, Defense, Homeland Security, Justice, and State and the National Security Agency. Meanwhile, Congress has yet to pass a comprehensive law to deal with domestic cyber security issues. The report says a nationwide cyber security strategy needs to be defined with clear objectives, goals, and activities, while performance measurements need to be established to make sure that activities achieve desired outcomes. The GAO also notes that certain U.S. and foreign technical standards related to cyber security or policy can impede trade by compelling corporations to either abandon a market or redesign products to meet a particular nation's standards. China and South Korea have tried to force the United States to adhere to internally developed cyber security standards, which could potentially be discriminatory against U.S. companies. The GAO also warns that U.S. judicial systems lack the technical capability to deal successfully with cyber security issues, and existing laws are inconsistently enforced. Officials at the Federal Bureau of Investigation and Secret Service say they have been unable to obtain sufficient evidence for some transactional cybercrime investigations, according to the report. Web Link | Return to Headlines Team Releases Tools for Secure Cloud Computing UT Dallas News (08/02/10) Moore, David University of Texas at Dallas (UTD) researchers have released software tools designed to facilitate cloud computing. "In order to use electricity, we do not maintain electricity generators at home, instead we get the electricity on demand from the grid when we need it," says UTD Cyber Security Research Center director Bhavani Thuraisingham. He says the cloud computing model works on a similar principle. Research shows that the biggest hurdle to broad adoption of cloud computing is concern about the security of sensitive data, so security has been one of the UTD team's focal points. "In building a cloud, we are using a number of open source tools, including Apache's Hadoop distributed file system, Google's Mapreduce, and the University of Cambridge's XEN Virtual Machine monitor," Thuraisingham says. He says the tools provide the infrastructure for security features. UTD's tools provide secure query processing capabilities and prevent unauthorized access to sensitive data. The system's framework consists of a network layer, an infrastructure layer, a storage layer, and a data layer. Web Link | Return to Headlines Abstracts Copyright © 2010 Information, Inc. Bethesda, MD   ASIS also offers a daily and a non-sponsored, special-content Professional Edition of Security Newsbriefs. Please click to see a sample or to contact us for more information. Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online