Search This Blog

Friday, February 24, 2012

Security Management Weekly - February 24, 2012

header

  Learn more! ->   sm professional  

February 24, 2012
 
 
Corporate Security
Sponsored By:
  1. "2 Dead, 1 Wounded in Area Workplace Shootings" Virginia
  2. "Italy, India Clash Over Ocean Shooting"
  3. "Foreign Journalists Killed in Syria"
  4. "Managing Security Risks" Security Risks for Business Travelers and Expatriates
  5. "A New Order" Effects of Rules on Employees

Homeland Security
  1. "Koran Protests Resume in Afghanistan Despite U.S. Apology"
  2. "Jail Riot in Mexico Was Diversion for Escape"
  3. "US Capitol Bomb Plot Arrest Capped Yearlong Probe"
  4. "Bird Flu Research to Be Released Despite Terrorism Fears"
  5. "Scientists Probe Terrorist Talk on 'Dark Web'"

Cyber Security
  1. "Study: Users of Social Networks, Smartphones More Likely to Be Fraud Victims"
  2. "Symantec's pcAnywhere Woes May be Worse Than we Thought"
  3. "Alert on Hacker Power Play" Concern About Potential for Hackers to Attack Electric Power Grid
  4. "Researchers Defeat Video CAPTCHA Antispam Tests" Completely Automated Public Turing Test to Tell Computers and Humans Apart
  5. "IPv6 Networks Face Aggressive Attacks for First Time" Internet Protocol Version 6

   

 
 
 

 


2 Dead, 1 Wounded in Area Workplace Shootings
Richmond Times-Dispatch (VA) (02/23/12) Bowes, Mark; Macenka, Joe; Williams, Reed

Two unrelated workplace shootings in central Virginia left two people dead and one wounded on Wednesday. The first shooting occurred outside a veterans hospital in Richmond. James Stephenson Lee was shot and killed in the parking lot and the alleged gunman, Cornelius Ivan Hayes, was arrested following a highway pursuit. Hayes works as a housekeeper at the VA hospital. In the second incident, an employee at a Wal-Mart distribution center shot and wounded his supervisor before firing on two sheriff's deputies and fatally shooting himself. Authorities have not released motives for either incident. The hospital was not sent into lockdown, because the shooting was not considered to be a random incident. However, the Wal-Mart facility did go into temporary lockdown as did nearby Sutherland Elementary, which is less than three-quarters of a mile from the center.


Italy, India Clash Over Ocean Shooting
Wall Street Journal (02/23/12) Wright, Tom; Stancati, Margherita

Italian and Indian officials are investigating an incident last week involving an Italian-registered oil tanker and an Indian fishing boat. According to Indian authorities, Italian naval officers who were onboard the Enrica Lexie fired on the Indian fishing boat in international waters off India's southwestern coast. The Italian naval officer, who were onboard the Enrica Lexie in order to provide security for the vessel, fired on the fishing boat because they believed it was a pirate ship. Two fishermen were killed. Italian authorities say that the naval officers did not shoot at the fishing boat but instead fired warning shots into the air and the water in order to get it to leave the area. India wants to prosecute the case, while Italian authorities say that it is outside of India's jurisdiction since the incident took place in international waters. The deaths of the fishermen have underscored the risks of increasing the use of weapons onboard commercial ships like in the Enrica Lexie in order to deter pirate attacks. Indeed, the International Maritime Bureau has warned about the possibility of armed guards confusing fishermen for pirates since fishermen act like pirates when they are near other vessels in order to protect their nets.


Foreign Journalists Killed in Syria
Wall Street Journal (02/22/12) Horobin, William; Malas, Nour

The French government has confirmed that two international journalists were killed by artillery shelling in Homs, Syria, on Wednesday. The journalists have been identified as Marie Colvin, an American-born correspondent with The Sunday Times of London, and French war photographer Rémi Ochlik, who had initially been in Syria reporting for Paris Match. Ochlik chose to stay in the country when the French weekly magazine decided to pull one of its staff reporters for safety reasons. Syrian opposition activists say the journalists were killed when government troops shelled a safe-house that had been set up as a media center with satellite uplinks. The group added that seven activists and two other journalists were also seriously injured in the shelling, including Edit Bouvier, a freelance reporter working for French newspaper Le Figaro. The paper says it is currently working with the French foreign ministry to locate Bouvier. At least four journalists have been killed in and around Homs since November 2011, according to the Committee to Protect Journalists. Gilles Jacquier of France 2 was the first foreign journalist killed in the Syrian government's crackdown on the uprising. The government has barred foreign journalists from entering Syria or areas of unrest, but some journalists have managed to sneak into the country and into Homs illegally.


Managing Security Risks
Human Resource Executive (02/08/12) Freedman, Anne

2011 was an "extremely turbulent" year for business travelers, expatriates, and their organizations, notes Iain Donald, vice president and director of Global Risks Analysis for the Americas at Control Risks in the New York area. Donald cites the nuclear disaster in Japan, the Arab spring, the worldwide financial crisis, and increased anti-corporate activism, and calls on organizations to take a fresh look at their security and travel policies and procedures in light of past and future global risks, which are becoming "more complex and interconnected." Such risks require senior management to both increase area-specific awareness of these issues for their expatriates and business travelers, and create effective training, policies, and procedures to ensure their safety. Pablo Weisz, regional security manager at Travel Security Services, says that in creating appropriate "duty of care" policies and procedures, it is important to increase awareness for both expatriates and the managers "responsible for those employees" of security risks in as much specificity as possible -- including specifying higher-risk and lower-risk city areas, if possible. "That's really going to help those on the ground feel that you are actually caring for their well-being because you have that level of detail," he says. Weisz says other best practices are to include all stakeholders in creating crisis-management plans that set out "who is responsible if things would go wrong, so you can quickly activate [the plan] in a crisis situation." All traveling employees should be tracked by the organization -- and they should know that, in high-risk areas, they should only travel during the day and limit their travel except to and from work.


A New Order
The Conference Board Review (02/12) Maitland, Alison

Rules can keep businesses from becoming more flexible and efficient, as the following story illustrates. Drivers for U.K.-based Abel & Cole, an organic-food company, used to be on a delivery scheduled created by a logistics expert, even though there was a more efficient way. The drivers understood where and when the worst traffic patterns occurred but could only make a change after sending a formal request subject to approval by planners. When the company reprogrammed the logistics software so the drivers could determine their own routes and hours, deliveries sped up, with some drivers rising as early as 3 a.m. to avoid bottlenecks and others switching customers to create more efficient routes. The entire delivery system was eventually reorganized, and drivers were more satisfied with their jobs now that they had more autonomy. The company also saved money and delivered more reliable service to customers. This story is recounted in a new book, "The Happy Manifesto," by Henry Stewart, founder and CEO of London-based training company Happy Ltd., which has won numerous awards for customer service and has been cited as one of the United Kingdom's best places to work. The job of a manager is to provide support, coaching, and feedback, not to micro-manage people and second guess them. He champions "pre-approval" -- giving employees clear objectives, training them, giving them all of the relevant information, and then letting them do their jobs, firm in the knowledge that what they do is in the best interests of the business. While Stewart admits this is "scary" at first, he insists that it ultimately has a positive effect on workplace culture. "Pre-approval has a very positive effect on a company culture," Stewart says. "It encourages people to take more ownership and responsibility for their work. It also encourages innovation and creates a culture of looking for solutions." Giving employees the freedom to act and tweak the rules raises some questions: Do organizations need rules at all in the new world of work?; if so, what kind?; and does truly empowering people to do their jobs necessitate getting rid of all the rules? The United Kingdom's Vodafone and Microsoft in the Netherlands both recently moved into new offices that exemplify the way they want to do business. Most employees can work anywhere, which makes the office more of a place to meet and collaborate, and open spaces replace fixed walls and individual cubicles. The top people at both organizations view rules as a necessary way to reinforce the changes and keep working from picking up old bad habits. For example, at Vodafone, no one -- including the CEO -- has more than a filing cabinet drawer for their own personal possessions, and at Microsoft Netherlands, employees are forbidden from staking a claim on an area and then going off to meetings for the rest of the day. Yet there is always a danger that a new set of rules could just replace the old set. The best approach, some say, may be to have some guiding principles and let workers decide for themselves how to put them in action.




Koran Protests Resume in Afghanistan Despite U.S. Apology
New York Times (02/24/12) Rubin, Alissa J.; Sahak, Sharifullah; Sukhanyar, Jawad

More violent protests took place in Afghanistan on Friday as fallout from the accidental burning of several copies of the Koran by coalition troops earlier this week continued. Among the cities in Afghanistan that were the scene of protests on Friday was the capital of Kabul. Demonstrations broke out there after mid-day prayers. Shots could be heard in the area near a large mosque where more than 1,000 people had assembled. In eastern Kabul, a crowd of roughly 4,000 protesters armed with rocks and sticks marched toward the center of the city, throwing stones and forcing at least seven police vehicles to withdraw from the area. Some of the protesters were waving the Taliban's flag while others wore clothing printed with jihadist slogans. The Taliban has been trying to capitalize on the situation, calling on Afghans to attack foreign troops and installations as well as NATO security forces. Meanwhile, six other Afghan provinces saw demonstrations as well, though those protests were peaceful at least at first. Friday's protests took place one day after a man in Afghan Army uniform shot and killed two U.S. soldiers. In addition, seven Afghans were killed and a number of others were injured in clashes with Afghan security forces on Thursday.


Jail Riot in Mexico Was Diversion for Escape
Wall Street Journal (02/21/12) De Cordoba, Jose

Mexican officials said Monday that the riot that took place in a state prison in Monterrey on Feb. 19 was part of an effort to allow drug-gang members to escape from the facility. During the riot, members of the Zetas drug cartel attacked members of the rival Gulf Cartel. More than 40 members of the Gulf Cartel were killed. Although the two gangs had worked together at one point, they have been fighting each other for the last several years over control of drug routes and drug markets in northeastern Mexico. The attack allowed 30 members of the Zetas drug cartel to escape from Apodaca state prison. Prison personnel may have also been complicit in the riots and the escapes. Rodrigo Medina, the governor Mexico's Nuevo Leon state, said that four top prison officials and 18 guards who were on duty at the time of the riot have been fired.


US Capitol Bomb Plot Arrest Capped Yearlong Probe
Associated Press (02/20/12) Tucker, Eric

A FBI sting operation has resulted in the arrest of a 29-year-old Moroccan man who is accused of planning to bomb the U.S. Capitol. Amine El Khalifi, who came to the U.S. from Morocco in 1999 and has been in this country illegally since his visitor visa expired, was arrested in a parking garage near the Capitol on Feb. 17 before allegedly intending to carry out the plot. The FBI first learned about El Khalifi in January 2011, when a confidential informant told the bureau that the Moroccan man had been present at a meeting in which the attendees discussed the need to engage in battle to fight against the U.S.'s "war on Muslims." the informant told the FBI that El Khalifi had agreed on the need for such a battle. By December 2011, El Khalifi had traveled to Baltimore to meet with a man he thought was an al-Qaida associate, as well as one other individual. However, both were undercover FBI agents. El Khalifi allegedly told one of the men that he wanted to attack a military office building in Alexandria, Va. More meetings ensued, and El Khalifi's target changed from the military office building to the U.S. Capitol. The undercover officers gave El Khalifi a non-functioning automatic weapon and an inert suicide bomb vest that he wanted to detonate inside the Capitol. On Feb. 17, the agents drove El Khalifi to the Capitol to carry out the attack but arrested him when he got out of the van. El Khalifi, who is not believed to have ties to al-Qaida, could face life in prison if convicted on the charges against him.


Bird Flu Research to Be Released Despite Terrorism Fears
Sydney Morning Herald (Australia) (02/20/12) Grady, Denise

The World Health Organization (WHO) has announced that the full details will be released on experiments that allowed scientists to make the deadly H5N1 bird flu more easily transmissible between humans. The decision to release more information on the experiments follow a recommendation by the U.S. government that they not be published due to concerns that terrorists could exploit the research to spread the virus. Twenty-two flu and public health experts debated the potential consequences of releasing the unredacted studies in Geneva, concluding that the risk of the virus being used by terrorists was outweighed by the need to study and freely share information on H5N1 and other viruses that could mutate and cause a pandemic. The natural form of the virus does not often affect humans, but the lab-made version of the virus could be transmitted via airborne contact between people.


Scientists Probe Terrorist Talk on 'Dark Web'
Science News (02/19/12) Ehrenberg, Rachel

Researchers working on the Dark Web Project have developed methods for tracking the spread of potentially dangerous ideas through certain rogue and jihadi Web forums. Using a mathematical model known as SIR, which is used by epidemiologists to describe the transmission of disease, the researchers have found that the infection rate for becoming a suicide bomber is two in 10,000, according to University of Arizona researcher Hsinchun Chen. The Dark Web Project, based at the University of Arizona, collects information from blogs, forums, and other Web sites in hidden areas of the Web. Search engines typically explore only what is known as the publicly indexable Web, but the invisible Web, which includes unindexed Web forums, is estimated to contain 500 times as much information as the publicly indexed Web. The analyses of the Dark Web forums suggest that the longer participants are involved in a forum, the more violent their messages become. The collected threads are currently available to researchers through the Dark Web Forum Portal, which contains more than 15 million messages.




Study: Users of Social Networks, Smartphones More Likely to Be Fraud Victims
Dark Reading (02/23/12) Wilson, Tim

Social networking and smartphone users are more likely than members of the general public to be victims of identity fraud, according to a new study by Javelin Strategy & Research. Users of social networking sites such as Facebook and Twitter had the highest incidence of fraud. However, the authors of the report cautioned that they did not find a direct link between use of social networking sites and identity fraud. But the study did note that social networking users are sharing significant amounts of personal information on their profiles that could be used to verify their identities. The study also found that LinkedIn users were the most likely to be victims of fraud, given the fact that these individuals were more likely to accept a friend request from someone they did not know. Meanwhile, smartphone users had a 33 percent higher chance than members of the general public of being victims of identity fraud. The study noted that this is because many smartphone users do not update the operating systems on their phones when a new one is made available or use a password on their home screens. Turning the GPS feature on also raises the risk of identity fraud, the study found.


Symantec's pcAnywhere Woes May be Worse Than we Thought
PC Magazine (02/22/12) Poeter, Damon

The Boston-based vulnerability management and penetration testing company Rapid 7 is warning that hundreds of thousands of computers running Symantec's pcAnywhere software could still be vulnerable to cyber attacks. Rapid 7 recently searched the Internet and found that between 150,000 and 200,000 computers were at risk of being hijacked by hackers because they were running unpatched versions of pcAnywhere. That includes as many as 5,000 systems that were running point-of-sale software used to collect and process credit card information. Symantec issued patches for a variety of versions of pcAnywhere last month following reports that an anonymous entity published the software's 2006 source code online. At the time, security experts said the patch would protect users from possible attacks stemming from the hackers' access to the source code. However, one researcher warned that even patched versions of pcAnywhere could still be vulnerable to attacks.


Alert on Hacker Power Play
Wall Street Journal (02/21/12) Gorman, Siobhan

National Security Agency Director Gen. Keith Alexander has reportedly told attendees at meetings at the White House and elsewhere that he is concerned about the possibility of the hacking group Anonymous attacking the U.S.'s electric grid. Alexander said he believes that Anonymous could be able to carry out a cyberattack that would result in a limited power outage a year or two from now. However, other officials at the White House meeting believed that it would be three to five years before Anonymous was able to carry out an attack that had such a result. They noted that such attacks could take a number of different forms, including a foreign government developing the ability to attack the U.S.'s power grid and giving that capability to Anonymous so that it could carry out the attack. Others said that al-Qaeda could hire hackers to launch a cyberattack. U.S. intelligence officials say they do not believe that Anonymous has the ability to hack into computer systems that run the U.S. electric grid, although they said it would be more likely for the group to attack the electricity system if it did acquire or develop such a capability. The electric power industry has said that it is taking steps to address the potential threat from Anonymous and others, and that it has a number of backup systems in place to ensure the quick restoration of electricity following a cyberattack.


Researchers Defeat Video CAPTCHA Antispam Tests
IDG News Service (02/21/12) Constantin, Lucian

Stanford University researchers have developed DeCAPTCHA, a tool that uses specialized algorithms to defeat image-based Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) implementations, such as NuCAPTCHA, which uses animation techniques to make it harder for spambots to decipher the characters. "The most difficult part of this research turned out not to be breaking NuCAPTCHA, which I've known how to do since December 2010, but rather to come up with the right abstraction to explain why video CAPTCHAs might offer better security than image CAPTCHAs and to synthesize where the extra security comes from," says Stanford's Elie Bursztein. The researchers also want to identify the best methods of improving video CAPTCHA security. Bursztein notes that although animating the individual CAPTCHA letters, as well as adding confusing backgrounds, can be defeated, it is possible to make the isolation of the correct moving object very difficult. This technique, known as track resistance, involves adding decoy objects that have the same properties as the CAPTCHA string to confuse the tracking algorithm. "When successfully implemented, tracking resistance makes video CAPTCHA secure against vision/machine-learning attacks and more secure than standard text-based CAPTCHAs," Bursztein says.


IPv6 Networks Face Aggressive Attacks for First Time
Government Computer News (02/21/12)

Distributed denial-of-service attacks are targeting IPv6 networks for the first time since the Internet protocol rolled out last year, according to an Arbor Networks report. The report found that because organizations increasingly are switching over to IPv6, attackers now view them as lucrative targets worth their attention. Four percent of the network operators surveyed by Arbor Networks reported that a DDoS attack has been initiated against their IPv6 network one or more times in the past year. More than 60 percent of respondents cited weak IPv4/IPv6 features parity as a major security concern pertaining to IPv6, followed closely by the lack of visibility of data. Arbor Networks' Bill Cerveny says many infrastructure solutions do not include the same features and functionality for IPv6 as they do for IPv4, and that the lack of feature parity means that security teams do not have the same tools at their disposal when trying to identify and thwart IPv6-based attacks against targets. More than half of the respondents said they were concerned about the threat of an attacker wielding a DDoS attack, and many security teams responded that they have not had ample training to deal with the "unique vulnerabilities" of IPv6. However, Cerveny concludes that network engineers are now taking IPv6-based threats much more seriously and are steadily gaining in knowledge in how to combat such attacks.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: