Friday, June 10, 2011

Security Management Weekly - June 10, 2011

Corporate Security
  1. "Hackers Nab Card Data From 200,000 Citi Customers"
  2. "Regulators Pressure Banks After Citi Data Breach"
  3. "At Least 13 Killed in Shooting at Mexico Rehab Center"
  4. "Protect IP Copyright Bill Faces Growing Criticism"
  5. "Audit: Sexual Assault Incidents Within VA System Underreported" Veterans Affairs

Homeland Security
  1. "Plea Deal Ends Leak Case Against Former Official" Former NSA Official Accused of Leaking Classified Information to Reporter
  2. "Split Verdicts for Man Accused of Terrorism" Suspect in 2008 Mumbai Attacks
  3. "Fukushima Meltdown Could Be Template for Nuclear Terrorism, Study Says"
  4. "Homeland Security Department Curtails Home-Grown Terror Analysis"
  5. "Yemen Unrest Complicates Anti-Terrorist Effort"

Cyber Security
  1. "Most Malware Tied to 'Pay-Per-Install' Market"
  2. "Experts: Few Cyberattacks Are Cause for Major Retaliation"
  3. "Survey: Nearly Half of Cloud Services Users Have Had a Breach in the Past Year"
  4. "Security 'Tokens' Take Hit"
  5. "Hackers Attack Nintendo"

Hackers Nab Card Data From 200,000 Citi Customers
Associated Press (06/10/11)

About 1 percent of Citigroup's roughly 21 million credit card customers in North America, or about 200,000 people, were affected by the recent data theft at the company. In that security breach, hackers broke into Citi's online account site and stole customers' e-mail information and account numbers. However, Citi said that hackers did not steal Social Security numbers, birth dates, card expiration dates, or card security codes. That means that those affected by the breach may not be vulnerable to identity theft, though the hackers could use the information they stole to acquire details about customers' bank accounts and financial information. The security breach comes on the heels of a number of high-profile data breaches at other companies, including Google, which announced June 1 that the Gmail accounts of several hundred people had been broken into. On May 30, PBS said that hackers broke into its Web site and posted a fake story about dead rapper Tupac Shakur being alive in New Zealand. The hacker group LulzSec took responsibility for the PBS security breach, saying that it carried out the attack to retaliate against the network for a documentary about WikiLeaks.


Regulators Pressure Banks After Citi Data Breach
Reuters (06/09/11) Aspan, Maria

Major U.S. banks are coming under growing pressure from banking regulators to improve the security of customer accounts following revelations that Citigroup was victimized by a cyber attack. The FDIC is preparing new measures on data security. Chairman Sheila Bair said on Thursday she may ask "some banks to strengthen their authentication when a customer logs onto online accounts." Federal banking regulators last updated their guidance on Internet banking security standards in 2005. The regulators proposed an update to those standards in December 2010, saying they were "increasingly concerned that customer authentication methods implemented several years ago may no longer be effective ... (and) have also become aware that some institutions have failed to perform periodic risk assessments and update their control mechanisms appropriately."


At Least 13 Killed in Shooting at Mexico Rehab Center
Latin American Herald Tribune (06/08/11)

More than a dozen people were killed and two others were wounded in a shooting at the La Victoria drug rehabilitation center in Torreon, Mexico, on Tuesday. The attack on patients at the drug rehab center was committed by gunmen armed with AR-15 and AK-47 assault rifles. The attack was the latest in a rash of shootings at drug rehab centers in Mexico. On Oct. 24, 13 people were killed when gunmen opened fire in the El Camino treatment center in Tijuana. Such attacks are believed to be part of an effort to target individuals who are thought to be using the drug rehab centers to sell narcotics on the turf of rival drug gangs.


Protect IP Copyright Bill Faces Growing Criticism
CNet (06/07/11) McCullagh, Declan

A group of prominent Internet researchers have joined the chorus of technology and security professionals raising concerns about the Protect IP Act. The act, if passed, would allow the Department of Justice to seek a court order against an allegedly infringing Web site, and then serve that order on search engines, certain Domain Name System (DNS) providers, and Internet advertising firms, who would be required to make the Web site inaccessible. However, the researchers' analysis found that the act is incompatible with the DNSSEC system designed to ensure that the Web sites users visit are authentic. This incompatibility would cause innocent Web sites to be shut down, and would allow blocks to be bypassed using a Web site's IP address. The analysis also found that filters could be circumvented using offshore DNS servers not subject to U.S. law, thus exposing "users to new potential security threats" not present if they continued to use U.S.-based DNS servers. When commenting on this flaw, Public Knowledge attorney Sherwin Siy pointed out that circumvention by using offshore servers "will also mean that ISPs gain less data on network security threats, since they use their DNS services to monitor systems and guard against denial-of-service attacks, identify botnet hosts, and identify compromised domains." Despite these and other criticisms, the Senate Judiciary Committee has voted unanimously to send the bill to the floor for a vote. Sen. Ron Wyden (D-Ore.) has placed a hold on the bill, saying Protect IP takes an "overreaching approach to policing the Internet when a more balanced and targeted approach would be more effective." That hold could be overruled by a cloture vote.


Audit: Sexual Assault Incidents Within VA System Underreported
CNN International (06/07/11)

A report released by the Government Accountability Office (GAO) on Tuesday found that many of the incidents of sexual assault that have taken place at Veterans Affairs hospitals and community clinics are not being reported to the VA's top officials. Of the 284 cases of sexual assault that took place within the VA system and were reported to VA Police between January 2007 and July 2010, a large number were never reported to VA leadership officials and the VA Inspector General's Office. The GAO said that the under-reporting of the cases of sexual assault--which were committed by VA employees, patients, and individuals without any ties to the VA--was the result of several factors, including a lack of clear expectations on which incidents should be reported. The report also uncovered poor monitoring of surveillance cameras at VA hospitals and clinics and malfunctioning alarm systems. VA Police were also understaffed at many hospitals and clinics, the GAO said. For its part, the VA has said that it is working to improve reporting of allegations of sexual assault and is working to improve security at its facilities.

Plea Deal Ends Leak Case Against Former Official
Wall Street Journal (06/10/11) Kendall, Brent

Thomas A. Drake, the former senior National Security Agency official who was accused of leaking classified information to a newspaper reporter, has agreed to a plea deal with the government. Under that deal, Drake pleaded guilty to a misdemeanor charge of exceeding his authorized use of a computer. The Justice Department said in the plea deal that it would have no objections if Drake did not serve time in jail. Drake had faced 10 felony counts before reaching a plea deal with the government, including charges of illegally keeping classified documents at home. He was also facing the possibility of having to go to prison for decades. The announcement of the plea deal comes after prosecutors indicated earlier this week that they would not present some evidence at Drake's trial in order to protect information about technology used by the NSA.


Split Verdicts for Man Accused of Terrorism
New York Times (06/09/11) Fitzsimmons, Emma G.; Thompson, Ginger

A federal jury has convicted Tahawwur Rana of supporting plans to attack a Danish newspaper, while he was acquitted on charges that he helped plan the 2008 terrorist attacks on Mumbai, India. However, Rana was found guilty of providing support to the group thought to be behind those attacks, Lashkar-e-Taiba. Rana now faces a possible sentence of 30 years in prison. The government expressed disappointment regarding his acquittal on the Mumbai charge, which relied primarily on the testimony of David C. Headley, who testified against Rana and confessed his own role in the attacks in order to avoid the death penalty and extradition to India. In addition to Rana, Headley also implicated Pakistani intelligence officers in the attacks, exacerbating tensions between India, Pakistan, and the United States.


Fukushima Meltdown Could Be Template for Nuclear Terrorism, Study Says
Christian Science Monitor (06/07/11) Clayton, Mark

A report released Monday by the Belfer Center for Science and International Affairs at Harvard's Kennedy School of Government concluded that the recent disaster at Japan's Fukushima nuclear power plant may prompt terrorists to try attacking nuclear facilities. The report noted that terrorists concluded after the Sept. 11 attacks that it would be too difficult to crash a plane into a nuclear power plant or to sabotage one. However, terrorists could come to the conclusion that what happened after the Fukushima disaster could also happen as the result of a deliberate attack, the report said. Specifically, terrorists could try to damage the support and water-supply systems at a reactor, along with its control and protection systems, to cause a heat explosion, the report noted. Pools of water used to cool spent nuclear fuel rods could be particularly attractive because radiation would be released if water drains from those pools. The report noted that terrorists could accomplish this by cutting the flow of electricity to the pools. Even if terrorists do not disperse radioactive material, their efforts could still result in widespread fear and the shutdown of a reactor, the report noted.


Homeland Security Department Curtails Home-Grown Terror Analysis
Washington Post (06/07/11) Smith, R. Jeffrey

Several current and former officials from the Department of Homeland Security say that the department has taken steps to reduce its intelligence gathering efforts and analysis of domestic extremist groups. For instance, the officials noted that DHS has reduced the number of personnel studying non-Islamic terrorism to just two. In addition, the officials said that DHS has reduced the number of briefings it provides to state and local law enforcement agencies and has delayed the dissemination of nearly 12 reports on extremist groups. The officials noted that the moves followed criticism of a 2009 report that warned that the recession and the election of President Obama could result in an increase in radicalization. Some felt that the report was an attack on groups with conservative beliefs. For its part, DHS said that claims that there are just two people studying non-Islamic terrorism are untrue. DHS also said through a spokesman that the briefings and products that have been released over the past year reflect the growing risk of violence by individual extremists or extremist groups.


Yemen Unrest Complicates Anti-Terrorist Effort
Voice of America News (06/06/11) Thomas, Gary

The continued political unrest in Yemen could seriously complicate counterterrorism efforts there, experts say. President Ali Abdullah Saleh, who had been a key part of the United States' strategy against Yemen-based al-Qaida in the Arabian Peninsula (AQAP), was forced to seek medical treatment in Saudi Arabia after he was wounded in an attack on his compound. Although Saleh has said he is determined to return, it could be very difficult for him to do so. Whether or not he is successful in his efforts, his departure could be a setback for the fight against AQAP, because the United States has already invested so much money in Saleh and his family in order to gain their support. As Kate Nevens, director of the Middle East and North Africa Program at the British think tank Chatham House, points out, "This transition means that Saleh's family lose power, the U.S. will lose their counter-terrorism allies and will have to renegotiate some kind of deal in Yemen. Whether al-Qaida in Yemen will be able to take advantage of this remains to be seen, I think." The situation is further complicated by the number of factions in Yemen that might potentially make a grab for power in Saleh's absence, including political, military, and tribal leaders. "We are looking at a fight between elite factions that could go on for some time, where they negotiate between themselves," Nevens says.

Most Malware Tied to 'Pay-Per-Install' Market
Technology Review (06/09/11) Krebs, Brian

Researchers at the University of California, Berkeley and the Madrid Institute for Advanced Studies in Software Development Technologies have found that most personal computers that get infected with malware were targeted by pay-per-install (PPI) services, which charge hacking gangs up to $180 per 1,000 successful installations. Typical installation schemes involve uploading tainted programs to public file-sharing networks, hacking legitimate Web sites to automatically download the files onto visitors' machines, and quietly running the programs on PCs the operators have already compromised. The researchers developed a map of the distribution of malware and PPI services, and their system classified the collected malware by the type of network traffic each sample generated when run on a test system. The researchers found that Europe and the United States were the most common targets. They also found that PPI programs almost always installed bots that engage infected machines in click fraud schemes. "Going into this study, I didn't appreciate that PPI is potentially the number one vector for badness out there," says Berkeley's Vern Paxson. "We have a sense now that botnets potentially are worth millions [of dollars] per year, because they provide a means for miscreants to outsource the global dissemination of their malware."


Experts: Few Cyberattacks Are Cause for Major Retaliation
IDG News Service (06/08/11) Gross, Grant

Most countries' cyberattacks on U.S. networks do not merit commensurate retaliation, according to a panel of national security experts speaking at a cyberwar discussion at the Center for Strategic and International Studies (CSIS). They said that attacks on private companies and even on the U.S. Defense Department (DoD) network happen all the time and are part of a long tradition of international espionage that the United States and other nations have practiced for years. The CSIS panel came just days after DoD's announcement that it was ready to respond offensively to some cyberattacks. Robert Giesler, formerly with DoD's Office of the Secretary of Defense, said that clear indications of displeasure can be sent through cyberspace. Panelists also said that nations may need to negotiate cyberespionage rules of engagement, with Giesler pointing out that part of the problem with retaliation is the difficulty of precisely identifying a cyberattack's point of origin. In regard to attacks on DoD networks by other countries, the panelists said that a U.S. response is necessary, but should be limited. Former DoD official Judith Miller said a response with force is only warranted when an attack causes major damage or kills U.S. residents. Consultant Franklin Miller said an attack that cripples a large portion of the U.S. electric grid or banking system would probably justify significant retaliation.


Survey: Nearly Half of Cloud Services Users Have Had a Breach in the Past Year
DarkReading (06/07/11) Wilson, Tim

Nearly 50 percent of IT executives have reported a security breach or issue with their cloud service provider within the last year, according to a Trend Micro survey of 1,200 decision makers in the United States, Britain, Germany, India, Canada, and Japan. The poll found that just over 10 percent of the respondents currently have cloud computing projects in the works, and close to half are either implementing or piloting new cloud services. "Based on our data, we see about five times more cloud applications coming online in the next few years, yet 43 percent of existing cloud users had a security incident last year," says Trend Micro's Dave Asprey. He also notes that some respondents did not even know they were using the cloud, much less securing it. The survey found that the main obstructions to adopting cloud computing services are anxieties over security of data or cloud infrastructure and the performance and availability of cloud services. Eighty-five percent of respondents said they encrypt cloud-stored data, and more than 50 percent said they would be more likely to consider a cloud provider if encrypted data storage were part of the offering.


Security 'Tokens' Take Hit
Wall Street Journal (06/07/11) Gorman, Siobhan; Tibken, Shara

RSA Security, whose parent company announced in March that its SecurID products had been the target of a sophisticated cyberattack, said June 6 that it would replace millions of SecurID tokens that are currently in use at government agencies and a variety of businesses. The tokens are used to provide additional security for computers and sensitive software systems used by employees. Among the companies that use the tokens is Lockheed Martin. According to RSA Security's parent company, EMC Corp., hackers breached Lockheed's security systems with the help of data that was stolen from RSA. Art Coviello, the chairman of RSA Security, did not say what happened to the tokens at Lockheed, though he did say that the hackers did not steal any data associated with Lockheed's customers or employees. By replacing nearly all of RSA's SecurID tokens, Coviello said, additional attacks will be prevented. In addition to replacing almost all of its security tokens, RSA will also provide transaction monitoring and other detection capabilities for its customers, especially financial institutions, despite the fact that the attack appears to have targeted defense contractors.


Hackers Attack Nintendo
Wall Street Journal (06/06/11) Osawa, Juro

A server for the Web site of Nintendo's U.S. unit has been hacked, the Japanese video game company said Sunday. However, the security breach did not result in unauthorized access to information about Nintendo or its customers. The breach may have been perpetrated by the group LulzSec, which published data on the Internet that it says was a Nintendo server configuration file. After it posted the file online, LulzSec--which is also believed to have been behind recent attacks on Web sites run by Sony and PBS--said that it was not targeting Nintendo, and that it hoped the company patched the vulnerability that allowed it to hack the server. Nintendo's announcement that one of its servers had been breached came several days after Sony Pictures Entertainment's Web site was hacked. Customer e-mail addresses and passwords were stolen in that attack, though they came from a site that had not been used for a number of years.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD