
Friday, March 11, 2011

Security Management Weekly - March 11, 2011


March 11, 2011
 
 
Corporate Security
  1. "IIA to Develop Industry Code on Copyright"
  2. "Renault to Yield in l'Affaire d'Espionnage"
  3. "Security Guard Stole £17,500 From Cashpoint"
  4. "Corporate Data Breach Average Cost Hits $7.2M"
  5. "New Maine Pot Law Clouds Rules on Drug Use"

Homeland Security
  1. "Protest Violence Reaches Saudi Arabia"
  2. "Somali Islamists Could Grab Tankers for Attacks: PM"
  3. "Police in Los Angeles Step Up Efforts to Gain Muslims' Trust"
  4. "Scottish Police Arrest Suspect in Swedish Bombing"
  5. "Obama Backtracks on Guantanamo; Detention Center to Stay Open"

Cyber Security
  1. "Mobile Security a Headache for CIOs, Not a Concern for Users"
  2. "Cyberattack-Alert System Could Be Model for U.S."
  3. "France Investigates Attack on Computers"
  4. "Open Source an Open Goal for Health Care IT--Research Finds Both Cost and Security Benefits"
  5. "Most Websites Vulnerable to Attack, WhiteHat Study Says"

Corporate Security

IIA to Develop Industry Code on Copyright
CIO Australia (03/11/11) Bushell-Embling, Dylan

Australia's Internet Industry Association (IIA) has announced that it will develop a code that will define the Internet industry's obligations in following up on copyright claims. The CEO of IIA, Peter Coroneos, said that the dismissal of the Australian Federation Against Copyright Theft's (AFACT) appeal against the iiNet court judgment did not define what kind of steps the Internet industry should take when responding to allegations of copyright infringement by users. He added that the code, which will apply to search, hosting, and social media providers, will clear up some of the confusion regarding the Internet industry's responsibilities in responding to copyright infringement claims. In addition, the IIA also plans to renew its efforts to extend the Copyright Act's protections to other intermediaries besides Internet service providers. According to Coroneos, search providers, social networking sites, auction sites, and others can currently be held liable if their users engage in actions that infringe on copyrights. Coroneos added that he hoped the development of the code and the effort to extend the protections of the Copyright Act would spur the development of affordable methods of distributing quality digital content.


Renault to Yield in l'Affaire d'Espionnage
Wall Street Journal (03/10/11) Gauthier-Villars, David; Moffett, Sebastian

Sources familiar with the investigation into allegations of corporate espionage against three former executives at the French automaker Renault say that the suspects in the case could soon be exonerated. However, Renault is not planning to make any official moves in the case until prosecutors in Paris report back on their search for the bank accounts in Switzerland and Liechtenstein where the suspects allegedly hid the money they took in bribes. So far the search for those bank accounts has turned up empty. Prosecutors in Paris say that they expect to hear from officials in Switzerland and Liechtenstein within the next several days. Meanwhile, prosecutors in France are broadening the investigation in the hopes of determining who sent a letter to several Renault managers last summer saying that Michel Balthazard, one of the fired executives, had been seen negotiating a bribe. Prosecutors are using DNA tracing technology to determine who sent the letter, which prompted the investigation. Authorities had hoped that they would find the sender's DNA on the back of the postage stamp that was used to mail the letter, though no DNA was found because the stamp was self-adhesive. There has been speculation that the letter was sent as part of an effort to trick Renault into bringing charges against the three managers.


Security Guard Stole £17,500 From Cashpoint
1230AM WCLO (03/10/11) Clifford, Paul

A security guard in the U.K. faces jail time after stealing a five-figure sum from a cashpoint he was supposed to be filling up. The employee of Bradford-based Sunwin Services Group, which is contracted to fill up cash machines at Co-op stores across the country, is accused of stealing up to £17,500 from one machine over a nine-month period. The money was taken between November 2008 and July 2009.


Corporate Data Breach Average Cost Hits $7.2M
Network World (03/08/11) Messmer, Ellen

The cost of a data breach has risen from $6.8 million in 2009 to $7.2 million last year, according to a Ponemon Institute study, which also found that the average cost per compromised record rose 5 percent to $214. However, the average cost per compromised record was higher in some industries than it was overall. For example, the average cost of a data breach per compromised record was $353 in the financial services industry last year, up from $249 in 2009. The study also found that organizations that notified data breach victims within one month of discovering a breach paid more per record than did companies that took longer—$268 per record compared with $174 per record. Ponemon attributed this finding to the possibility that companies may be reporting and publicly disclosing more records than were actually breached because they are concerned that they will have problems with regulators or class-action lawsuits if they notify victims a month or more after the breach.


New Maine Pot Law Clouds Rules on Drug Use
Portland Press Herald (ME) (03/08/11) Dacri, Rick

Employers in Maine should take several steps when they believe that a worker is under the influence of medical marijuana while on the job. For instance, employers should be sure to document their findings, focusing on the employee's observable behavior and refraining from making a diagnosis. Employers should also treat the use of medical marijuana in the same way that they would prescription medicines that could affect an employee's ability to do his job safely. Companies that must comply with federal mandates will still have to follow rules on things such as drug testing, since marijuana is still illegal under federal law. If an employee tests positive for drugs, federal rules stipulate that he cannot be allowed to report for work, remain on duty, or engage in any safety-sensitive functions. In fact, employees who test positive for drugs cannot perform any safety-sensitive responsibilities until they have a negative drug test. Although it is not clear what steps employers can take next, they may be forced to place an employee on medical leave until he tests negative for drugs, since federal guidelines prohibit employees from driving after a positive drug screen.


Homeland Security

Protest Violence Reaches Saudi Arabia
Wall Street Journal (03/11/11) Said, Summer; Entous, Adam

The unrest in Saudi Arabia escalated on Thursday when at least 200 Shiite protesters gathered in Qatif to pressure the government to make political reforms and release prisoners being held without trial. A spokesman for Saudi Arabia's Interior Ministry said some of the protesters attacked a policeman, forcing police to fire live ammunition above the crowd. The policeman who was attacked was injured, as were two people who were hit by gunshots. The Interior Ministry spokesman said that authorities had launched an investigation to determine the source of those gunshots. The incident represented the most serious escalation of unrest in Saudi Arabia since the protests began in the Middle East late last year. Meanwhile, protesters in Saudi Arabia are calling for further protests on Friday. The prospect of additional demonstrations has raised concerns about the stability of Saudi Arabia. However, experts say that it remains unclear whether the protests will escalate into a revolution as they did in other Middle Eastern nations.


Somali Islamists Could Grab Tankers for Attacks: PM
Reuters (03/11/11) Worsnip, Patrick

In his remarks to the United Nations Security Council on Thursday, Somali Prime Minister Mohamed Abdullahi Mohamed said that Somali pirates and Islamists are learning from one another. Mohamed--who noted that Somalia's problems with terrorism and piracy are rooted in lawlessness, poverty, and religious fanaticism--also warned that al-Qaida could hijack oil tankers and use them in attacks similar to those that took place on September 11, 2001. However, Mohamed did not say what the terrorists would attack with the tankers. Also appearing before the U.N. Security Council was Russian Ambassador Vitaly Churkin, who said that Moscow would soon introduce a Security Council resolution that would promote the fight against piracy. Churkin's remarks come in the wake of the release of a U.N. report that discussed ways to prosecute captured Somali pirates. Many of those pirates have been freed after being captured because there are no countries that are willing to put them on trial.


Police in Los Angeles Step Up Efforts to Gain Muslims' Trust
New York Times (03/09/11) Goodstein, Laurie

Law enforcement experts are praising Los Angeles' efforts to overcome mistrust of law enforcement in the Muslim community and to enlist the help of Muslims in preventing terrorist attacks. In an effort to reach out to the Muslim community, law enforcement officers visit mosques in Los Angeles during Friday Prayer, spend time talking with imams, and hand out their cell phone numbers in the hopes that someone will contact them with tips about possible terrorist activity. Sgt. Mike Abdeen, a member of the Los Angeles County Sheriff's Department unit that is responsible for outreach to the Muslim community, said that the efforts appear to be successful in building trust between Muslims and members of law enforcement. He cited a case last year in which a Muslim father called the Sheriff's Department about concerns that his son may have been involved with Islamic extremists. Abdeen noted that the man would not have called police if he did not trust them to do the right thing. Leaders of the Muslim community, meanwhile, said that they are eager to cooperate with police because they know that they will come under increased scrutiny if there is a successful terrorist attack. However, some Muslims--particularly those who come from countries where the police do not have a good reputation--are still afraid to talk to law enforcement, Muslims and police officers said.


Scottish Police Arrest Suspect in Swedish Bombing
New York Times (03/09/11) Somaiya, Rava

Scottish police have arrested a man in Glasgow on terrorism charges as part of an investigation across Sweden and Britain into the bomber, Taimour Abdulwahab al-Abdaly, who had lived in both countries after fleeing Saddam Hussein's Iraq with his family in 1992, and who detonated crude bombs in Stockholm's city center on Dec. 11, 2010. The man arrested on March 8 was accused of "aiding terrorist activities" outside Scotland and described only as a “foreign national.” He was arrested in a dawn raid in Glasgow. Swedish security services say that there is a likely connection to Abdaly, but did not provide any details. Abdaly had driven to the busy Stockholm street of Drottninggatan shortly before 5 p.m. on Dec. 11, and parked among throngs of Christmas shoppers. The first blast came from gas canisters in his car, and the second came minutes later, about 200 yards away, when one of 12 pipe bombs strapped to him exploded, possibly prematurely. Minutes before the blasts, he had sent recordings to the Swedish police and news media vowing revenge in the name of Islam on Sweden for its participation in the war in Afghanistan and for cartoons published by a Swedish artist depicting the prophet Muhammad in an unflattering light. Swedish investigators do not believe he acted alone, noting that in the recordings he sent, terrorism experts found hints of links to Al Qaeda in Iraq.


Obama Backtracks on Guantanamo; Detention Center to Stay Open
IBTimes (03/08/2011)

President Obama has decided to leave the Guantanamo Bay detention center open indefinitely to hold terrorist suspects. Political observers said that the bipartisan opposition to creating a detention center on U.S. soil to prosecute those held at Guantanamo Bay made the president's campaign promise to shut down the center impossible. The American Civil Liberties Union criticized the decision, saying that it institutionalized indefinite detention at Guantanamo. Republican lawmakers, on the other hand, praised the move, saying that it continues to permit the government to detain terrorists "until the cessation of hostilities."


Cyber Security

Mobile Security a Headache for CIOs, Not a Concern for Users
eWeek (03/09/11) Rashid, Fahmida Y.

With more workers bringing smartphone connectivity into the office, CIOs are worried about mobile data security and how employee devices are managed, according to new research. CIOs from large American and British organizations were polled about their mobile security concerns in a mobile security report from Mformation Technologies. The report, released March 8, details the challenges facing CIOs attempting to determine which devices are connecting to the network and what information they have access to, the company said. More than three out of four CIOs surveyed (76 percent) said employee-owned mobile devices are causing security woes, and 78 percent did not know what mobile devices were connecting to the corporate network. Even more troubling, 77 percent of organizations have no idea what information is on the employee devices that are accessing the network, the report found. "Enterprise mobility may well be a business imperative, but it remains a massive risk," says Mformation CEO Todd DeLaughter. Just one out of three polled CIOs said they could track data on company-issued devices, while less than a quarter knew in real time what corporate data was on all mobile devices, regardless of who owned the device. In the event that a device is stolen or misplaced, less than 60 percent of CIOs said they would be able to secure the data on the missing device. Seventy-seven percent of the respondents cited limited resources and a rapidly changing platform as the primary factors underlying their difficulty in managing mobile devices.


Cyberattack-Alert System Could Be Model for U.S.
Network World (03/08/11) Messmer, Ellen

Washington State is in the process of deploying a statewide system that will provide early warnings about cybersecurity threats to participating organizations and the U.S. Department of Homeland Security (DHS). The Public Regional Information Security Event Management (PRISEM) system will consist of security information and event management (SIEM) equipment deployed on local security and network gear at participating organizations, including local and state agencies. The SIEM equipment will send security event information to the central PRISEM aggregation point, where it is analyzed and shared with other PRISEM participants in a confidential manner. In addition, the analysis data will be shared with DHS. The system, which is the first of its kind in the United States and could be replicated in other states, is expected to provide participating organizations with early warnings about cyberattacks and botnet activity. It is expected to be particularly beneficial for smaller cities, since it will give them a sense of what types of cybersecurity threats are affecting networks in the state without deploying their own SIEM. Several cities and local organizations are in talks to participate in PRISEM, including the Port of Seattle and the Port of Tacoma, as well as several private companies.


France Investigates Attack on Computers
Wall Street Journal (03/08/11) Colchester, Max; Parussini, Gabrielle

The director-general of the French National Agency for Information Systems Security announced Monday that his agency is leading an investigation into a major cyberattack that took place in France late last year. During the December attack, hackers spied on roughly 150 computers belonging to employees at France's Finance Ministry ahead of the meeting of the Group of 20 nations. The employees whose computers were hacked were all working on the G-20 meeting. After breaking into the computers, the hackers were able to obtain large numbers of classified documents about France's international economic policy. Although the investigation into the attack was announced Monday, the probe actually began in January, when a Finance Ministry employee noticed that an e-mail carrying a Trojan horse had been sent from the account of someone working at the ministry without that person's knowledge. Efforts have since been taken to improve security on some of the Finance Ministry's 170,000 workstations.


Open Source an Open Goal for Health Care IT--Research Finds Both Cost and Security Benefits
University of Warwick (03/08/11) Dunn, Peter

Researchers at the University of Warwick and University College London (UCL) have found that open source software could be more secure than more expensive alternatives. "If the code is in the public domain, and the user and programmer community are engaged, then the buyer can profit from more people inspecting and fixing the code leading to higher quality source code and in turn software," says UCL's Carl Reynolds. Warwick professor Jeremy Wyatt says that although open source critics argue that public code makes it easier for criminals to exploit vulnerabilities, "our work ... shows that the evidence does not bear this out and in fact open source software (OSS) may be more secure than other systems." Open source allows for the independent analysis of a security system, which makes bug patching easier and forces developers to spend more time and effort making the code secure, Wyatt says. The researchers also disagree with the notion that OSS is riskier due to liability issues.


Most Websites Vulnerable to Attack, WhiteHat Study Says
Dark Reading (03/08/11) Wilson, Tim

The average Web site has critical vulnerabilities more than nine months out of the year, according to a WhiteHat Security report, which says information leakage has supplanted cross-site scripting (XSS) as the most ubiquitous Web site vulnerability. The report examined data from more than 3,000 Web sites across 400 organizations that are continuously checked for vulnerabilities by WhiteHat Security's Sentinel service. It is inevitable that Web sites will contain some broken code, especially sites that are continually updated, says WhiteHat Security's Jeremiah Grossman. "Specifically for CIOs and security professionals, measuring window of exposure offers a look at the duration of risk their business and user data is exposed to by not having sufficient remediation processes in place," he says. Heavily regulated industries such as health care and banking have the lowest rates, with 14 and 16 percent, respectively, of the sites in those industries having critical vulnerabilities throughout the year. Social networking and retail have two of the most gaping windows of exposure, and the education industry leads the category, with 78 percent of its sites susceptible at least nine months of the year.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD

