Search This Blog

Friday, May 20, 2011

Security Management Weekly - May 20, 2011

header

  Learn more! ->   sm professional  

May 20, 2011
 
 
Corporate Security
  1. "South African Photographer 'Killed in Libya'"
  2. "Man Says He Was Fired for Smoking Medical Marijuana" Denver, Colo.
  3. "Latest Scam Highlights Risks for Debit-Card Users" Michaels Security Breach
  4. "IMF Chief Strauss-Kahn Undergoing Tests Over Sex Charge"
  5. "Fraud Prevention: Improving Internal Controls"

Homeland Security
  1. "Some Cities Lose Funding to Prevent Terrorism"
  2. "Gates Says Pakistani Leaders Unaware of bin Laden"
  3. "Al Qaeda Agent Held in Karachi"
  4. "AP Sources: Raiders Knew Mission a One-Shot Deal"
  5. "Gunmen Kill Saudi Diplomat"

Cyber Security
  1. "Sony Plugs New Gaming Security Hole"
  2. "Sony CEO Warns of 'Bad New World'"
  3. "Breach May Have Targeted the Jobless" Massachusetts
  4. "Android Malware Jumps 400 Percent as All Mobile Threats Rise"
  5. "Sony Attack Show's Amazon's Cloud Service Lures Hackers at Pennies an Hour"

   

 
 
 

 


South African Photographer 'Killed in Libya'
Agence France-Presse (05/20/11) Berger, Joshua Howat

The family of an Austrian-South African photographer who had been missing in Libya issued a statement on Friday that said that he was killed six weeks ago by forces loyal to Libyan leader Moamer Kadhafi, despite previous claims by the Tripoli government that he was alive. The family of Anton Hammerl initially believed that he would be released on Wednesday along with three other foreign journalists that were being held in Tripoli. However, two of the journalists who were freed said that Hammerl was shot by Kadhafi's forces when the group reported from rebel-held front lines outside of the town of Brega on April 5. Just one day before, a spokesman for Kadhafi's government said that Hammerl would be released along with the other foreign journalists who were in the custody of Libyan officials. Officials from Austria and South Africa had also said that Hammerl was alive. The Libyan government spokesman said the next day, however, that there was confusion about the status of the journalists and that the Libyan government did not know where Hammerl was. Hammerl's family on Friday blasted the misinformation, saying it was "intolerably cruel."


Man Says He Was Fired for Smoking Medical Marijuana
9News (CO) (05/17/11) Wolf, Jeffrey; Vanderveen, Chris

A maintenance mechanic at MillerCoors in Denver has been fired for testing positive for marijuana. The employee, Paul Curry, said that the results of the drug test were not a surprise because he has been using marijuana medicinally for about a year. Curry added that he was not under the influence of marijuana at the time of the drug test and that his use of marijuana did not have an impact on his job performance. However, employers are not required under Colorado law to accommodate the use of medical marijuana. That means that employees who use medical marijuana are at risk of being fired if they test positive for the drug, even if there is no presumption that they are under the influence of the drug at the time of the test. According to legal analyst Scott Robinson, the issue of medical marijuana in the workplace will likely be litigated for years to come, given the fact that more than 120,000 people are listed on the Colorado Medical Marijuana Registry.


Latest Scam Highlights Risks for Debit-Card Users
Smart Money (05/16/11) Andriotis, Annamaria

A recent security breach at Michaels craft stores in 20 states, which resulted in hackers obtaining debit card information and in some cases money being taken out of customers' bank accounts, underscores the growing risk of debit card theft. So far in 2011, debit and credit cards make up 20 percent of all consumer data breaches, a spike from 11 percent in the same period of 2010. According to estimates from the American Bankers Association, debit-card fraud losses incurred by banks hit a record high of $788 million in 2008 -- due mostly to stolen and counterfeit debit cards. For consumers, debit card theft can result in severe losses. If the cardholder does not report the card missing before it is used, they could be held responsible for some or all of the withdrawals. In the worst-case scenario, a debit card theft could wipe out a bank account and if a consumer's checking account is linked to a line of credit for overdraft protection, the customer could lose that as well. While many banks tout "zero liability" programs, most say that consumers must notify them "promptly" to use that feature. Many banks closely watch debit-card activity and look for signs of fraud, but the burden still falls mainly on the consumer, requiring an extra level of vigilance. Experts now recommend that consumers check their checking account balances online every single day to watch for any fraudulent charges. Experts also recommend that if a card is stolen or used, consumers file a police report, which could help them make a case for reimbursement with the bank later.


IMF Chief Strauss-Kahn Undergoing Tests Over Sex Charge
BBC News (05/16/11)

International Monetary Fund (IMF) chief Dominique Strauss-Kahn has been arrested in New York City on charges of attacking and attempting to rape a hotel maid. After Strauss-Kahn's arrests, the maid subsequently identified him in a police lineup. Strauss-Kahn's clothing will be tested for traces of DNA, and the IMF chief will also undergo a medical examination. Strauss-Kahn has denied the charges against him. He was originally scheduled to appear in court on Sunday, though that hearing was postponed until Monday to allow for the completion of forensic tests.


Fraud Prevention: Improving Internal Controls
CSO Magazine (05/11) Draz, Daniel

Strong internal controls and a company's attitude to them, fraud and organizational culture are the basis for effective fraud prevention. In addition to modeling by senior management, buy-in from a company's board of directors and audit committee are essential in promoting an ethical and transparent environment. Internal controls must be thought of as a dynamic and fluid set of tools that change as the business, technology and fraud environments respond to competition, industry practices, legislation, regulation and the economy. Strengthening internal control policies and processes can make companies less attractive to fraudsters, both internal and external, who are looking to exploit internal control weaknesses. The process of strengthening those controls involves a comprehensive review of risk, the rules already in place and their efficacy in preventing fraud. The first step involves changing the attitude some employees have toward auditors, by proving them to be key partners and allies in the fight against fraud. Next, strengthening internal controls requires that ownership roles and responsibilities be defined or clarified. A common misconception is that responsibility for internal controls lies solely with a company's audit department, but according to the Institute of Internal Auditors, "Responsibility for the system of internal control within a typical organization is a shared responsibility among all the executives, with leadership normally provided by the CFO." The process must be viewed holistically, and a successful team will include members from a variety of business units and disciplines. Another way to strengthen internal controls is by improving the communication process, particularly with regard to critical-incident notification and protocols. Companies would be wise to conduct evaluations of their communication protocols to ensure that hotlines, which are the most frequent way fraud is detected, are adequately promoted and thoroughly understood. Companies can also strengthen internal controls by implementing segregation-of-duty policies, which split up responsibilities involving custody, authorization and control of source documents. When frauds are handled appropriately, post-event analysis is always involved, because it provides the company with lessons that can lead to new, stronger policies. Current legislation and regulation dictate that many internal controls in place today be designed to protect personally identifiable information and consumer data, and companies must carefully examine the methods through which they gather, handle, store and destroy data. It is of the utmost importance that companies test their internal controls in a controlled environment; this kind of testing is integral to assessing how strong internal controls are and whether they need to be strengthened. There are a number of methods that can be pursued for testing, but one thing is certain: Given the ever changing business and regulatory environment and the number and diversity of types of frauds being committed against companies globally, internal controls must be reviewed, evaluated, tested and strengthened regularly.




Some Cities Lose Funding to Prevent Terrorism
Wall Street Journal (05/20/11) Barrett, Devlin

The Department of Homeland Security has announced that it will reduce the number of cities that receive money under the Urban Areas Security Initiative from 64 to 31. That means that 33 medium-sized cities, including Indianapolis, Jacksonville, Fla., and New Orleans will not be receiving funds from the program, which is used to pay for counterterrorism training and equipment. However, many of the cities that have been dropped from the Urban Areas Security Initiative will still receive money from programs aimed at financing security for transit systems, ports, and other locations. According to DHS spokesman Chris Ortman, the decision to reduce the number of cities covered by the Urban Areas Security Initiative by more than half was made so that the nation's limited financial resources could be focused on mitigating and responding threats to high-risk cities. In fact, the move means that New York saw no cuts to its urban-security grant and cuts to other programs that were smaller than expected. However, the decision to remove more than 30 cities from the Urban Areas Security Initiative was criticized by Frank Straub, the director of public safety for Indianapolis, who said that cutting security funding for these cities makes them softer targets.


Gates Says Pakistani Leaders Unaware of bin Laden
Wall Street Journal (05/19/11) Barnes, Julian E.

Defense Secretary Robert Gates and Joint Chiefs of Staff Chairman Adm. Mike Mullen on Wednesday spoke to reporters about a number of issues that have been raised during the aftermath of the raid on Osama bin Laden's compound in Pakistan earlier this month. Among those issues are accusations that top Pakistani officials were aware that bin Laden was hiding out in the country. Gates said that while he did not believe that Pakistan's top leaders knew that bin Laden was in the country, he did say that a current or former government official was. Gates and Mullen also discussed the opportunity that Pakistan now has to take action against militants hiding out in its territory. Pakistan's army chief of staff has told Mullen that Pakistan plans to take action against a militant group known as the Haqqani network, though some U.S. officials are skeptical about those promises because Islamabad has never shown a willingness to go after the group before. In addition to Pakistan's promises to go after militant groups, Gates discussed threats by U.S. lawmakers to cut off aid to Islamabad amid concerns that it has failed to take action against or may even be supporting the Taliban and other militant groups. Gates said that lawmakers need to be cautious about such threats, because the U.S. still needs to provide economic and military support to Islamabad.


Al Qaeda Agent Held in Karachi
Wall Street Journal (05/18/11) Wright, Tom; Rosenberg, Matthew; Gorman, Siobhan

Muhammad Ali Qasim Yaqub, who has been described by U.S. officials as being a mid-level al-Qaida operative, has been arrested in the Pakistani city of Karachi. The arrest was carried out by the Pakistani military, and was the first arrest of a militant in Pakistan since U.S. forces killed Osama bin Laden in a raid on his compound in Abbottabad on May 2. Yaqub's arrest, which was made possible with the help of intelligence provided by the U.S., was seen as being important because he is believed to have been working directly under al-Qaida leaders in the area along the border between Pakistan and Afghanistan. A U.S. official also noted that Yaqub may have been involved in some operational plotting for terrorist attacks in Pakistan. The arrest of Yaqub was also seen as being important because it may have helped repair the relationship between the U.S. and Pakistan, which was hurt by the raid on bin Laden's compound. The relationship between the U.S. and Pakistan has also been hurt because some U.S. officials believe that Pakistani officials may have played a role in protecting bin Laden, though they concede that they have no proof.


AP Sources: Raiders Knew Mission a One-Shot Deal
Associated Press (05/17/11) Dozier, Kimberly

New information has come to light about the raid on Osama bin Laden's compound in Pakistan earlier this month. Pakistan was not informed of the raid because U.S. officials believed that Pakistani intelligence is lending its support to militants who launch attacks against U.S. troops in Afghanistan and is working to hurt American intelligence operations against al-Qaida in Pakistani territory. U.S. officials also believed that they had just once chance to carry out the raid on bin Laden's compound, as anger among the Pakistani populace over the violation of the country's sovereignty would have made a future operation impossible. In addition, officials revealed that the raid on bin Laden's compound began to go wrong almost as soon as it started. The Navy SEALs that carried out the operation were hoping for a surprise assault and to go after bin Laden by simultaneously entering the compound from the ground floor and the roof. However, those plans had to be changed after the tail and rotor of one of the helicopters got caught on one of the compound's walls, forcing the pilot to bury the aircraft's nose in the ground to prevent it from tipping over. Navy SEALs then used explosives to blow their way into the compound from the bottom up. After entering the compound and moving up the building's stairs, the commandos came into contact with bin Laden and shot him dead when it appeared that he was trying to get a weapon.


Gunmen Kill Saudi Diplomat
Wall Street Journal (05/16/11) Wright, Tom

Two gunmen riding on a motorcycle shot and killed a Saudi security official who was working at the Saudi Arabian consulate in Karachi, Pakistan, on Monday. The killing took place as the security official, Hasan al-Khattani, was driving to the consulate. Authorities believe that al-Khattani's murder may have been carried out by a Shiite sectarian group that is upset about the deployment of Saudi Arabian troops in Bahrain earlier this year to end anti-government protests by Shiites in that country. The Saudi Arabian consulate in Karachi was also attacked by several unidentified individuals who threw stun-grenades at the building last week. Those attacks came amid Shiite protests in Karachi over Saudi Arabia's decision to deploy troops to Bahrain, as well as Pakistan's decision to send police recruits to Bahrain to help the country's Sunni monarchy keep the peace. There are concerns in Pakistan that efforts to combat the Taliban and root out terrorists could be hurt if sectarian violence in the country increases.




Sony Plugs New Gaming Security Hole
Wall Street Journal (05/19/11) Wingfield, Nick

Sony has patched the security vulnerability in its PlayStation Network and Qriocity entertainment services. A spokesman for Sony said that the vulnerability was a "URL exploit" that could allow a hacker to manipulate the address for the company's password reset page and reset customer passwords, provided they had the account holder's birthday and e-mail address. That in turn could allow a hacker to gain control over a customer's PlayStation Network account and use the funds stored in the account to make purchases on the service. Although the security vulnerability has been corrected, Sony has taken down its password reset page, though it expects to have the page back online sometime soon.


Sony CEO Warns of 'Bad New World'
Wall Street Journal (05/18/11) Wakabayashi, Daisuke

Sony Corp. CEO Howard Stringer says that nobody can guarantee the complete security of a Web system in the "bad new world" of cybercrime. Sony continues to clean up the mess left from a data breach of its PlayStation Network (PSN) that compromised personal user information and forced a shutdown of the network that lasted several weeks. The FBI continues to investigate the breach and Sony has strengthened data security with new technologies, additional software monitoring, and vulnerability testing as well as new encryption and more firewalls. There have been no major problems with the network since service resumed. Stringer said the financial impact of the outage has yet to be determined, but analysts have predicted the breach could cost Sony as much as $1 billion. He also disagreed with criticism that the company should have notified customers of the data theft sooner. While Sony shut down PSN on April 20, it did not reveal the data breach to users until April 26. The company said that this decision was made because they did not know conclusively that personal user information had been accessed until April 25.


Breach May Have Targeted the Jobless
GovInfoSecurity.com (05/18/11) Chabrow, Eric

An unknown number of unemployed workers in Massachusetts may have had their personal information breached by hackers. A newly identified strain of the computer worm W32.Qakbot infected the departments of Unemployment Assistance and Career Services networks and computers as well as computers at the state's One Stop Career Centers, according to a statement from the Executive Office of Labor and Workforce Development. The state said it was unsure how many individuals were affected, but claimants whose unemployment insurance files were manually accessed between April 19 and May 13 could be affected. Officials say the state took immediate action to clear the machines of the virus, and initially thought the efforts succeeded. But the Labor and Workforce Development office later learned that the worm was not eradicated and the persistence of W32.Qakbot led to the data breach. "Unfortunately, like many government and non-government organizations, we were targeted by criminal hackers who penetrated our system with a new strain of a virus," says Labor and Workforce Development secretary Joanne Goldstein. "All steps possible are being taken to avoid any future recurrence."


Android Malware Jumps 400 Percent as All Mobile Threats Rise
eWeek (05/16/11) Rashid, Fahmida Y.

Cyberthieves are targeting Google's Android as they take advantage of a user base that is "unaware, disinterested, or uneducated" in mobile security, according to the Malicious Mobile Threats Report 2010/2011 from the Juniper Networks Global Threat Center. Malware developers are increasingly targeting mobile devices, and Android malware has jumped 400 percent since summer 2010, the report says. The spike in malware is a result of users not thinking about security, a large volume of downloads from unknown sources, and the dearth of mobile security software, Juniper found. About 17 percent of all reported infections were from SMS Trojans sending text messages to premium rate numbers, the report says. Spyware capable of monitoring phone calls and text messages from the device accounted for 61 percent of reported infections. Consumers can expect to see more sophisticated malware attacks against the Android platform, according to the report, including command and control zombies and botnet participators, and devices that are remotely controlled to execute malicious attacks. Enterprises and users must be aware of the growing hazards of going online using mobile devices and safeguard them the same way they protect desktops, laptops, and servers says Juniper's Dan Hoffman.


Sony Attack Show's Amazon's Cloud Service Lures Hackers at Pennies an Hour
Bloomberg (05/16/11) Galante, Joseph; Kharif, Olga; Alpeyev, Pavel

A person with knowledge of the recent attack on Sony's PlayStation Network and Qriocity services said that a hacker used Amazon's Elastic Computer Cloud (EC2) to carry out the breach, which resulted in more than 100 million customer accounts being compromised. Cloud services such as Amazon's EC2 are appealing to hackers for a number of reasons, including the fact that they can help cybercriminals conceal their tracks, said E.J. Hilbert, the president of the security firm Online Intelligence. In addition, the use of the multiple servers utilized by cloud services can make it easier for hackers to crack passwords, said Gartner analyst Ray Valdes. Compounding the problem is the fact that there is virtually nothing Amazon can do to prevent cybercriminals from using its cloud services for malicious purposes, said Abiquo Inc. CEO Pete Malcolm, whose company helps customers manage data internally and through cloud computing. Malcolm noted that the price for using EC2, which ranges from $0.03 to $2.48 per hour for East Coast users, as well as requirements that users provide their name, e-mail address, password, phone number, billing address, and credit card information, are not enough to prevent hackers from using the service. However, Valdes noted that Amazon could take steps to eliminate fraudulent accounts.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: