| |
French Journalist Wounded in Syria to Leave Beirut
Associated Press (03/02/12)
Two French journalists who were injured in a rocket attack by Syrian troops on a rebel-held neighborhood of Homs last week have been smuggled out of Syria. One of those journalists, Edith Bouvier, was transported through the Lebanese mountains in a severe snow storm and taken to a hospital in Beirut. Bouvier arrived at the hospital early in the morning on Thursday. In addition to Bouvier, French journalist William Daniels has also been brought out of Syria and into Lebanon. Bouvier is expected to fly back to France on Friday, while Daniels' plans remain unknown. Bouvier and Daniels were among the six journalists who illegally snuck into Syria to report on the continued anti-government uprisings in that country. However, they eventually became trapped in the city of Homs and were caught in a rocket attack launched by Syrian troops. Two other journalists were killed in that attack, while a third was injured.
Jury Convicts 2 in $50M Bank Fraud Conspiracy
Associated Press (02/28/12)
Two people have been convicted by a federal jury for their roles in a $50 million conspiracy to commit bank fraud that authorities say relied on identity theft by employees of some of the largest U.S. banks. Julian Okeayaninneh and Olugbenga Temidago Adeniran were found guilty of multiple counts, and thus far 27 individuals have either pleaded guilty or been convicted in the scheme, which involved bank employees stealing customer identities, then buying and selling them so they could be used to create bogus accounts, apply for loans, and get cash. Victims included American Express, Associated Bank, Bank of America, Capital One, Guaranty Bank, JP Morgan Chase Bank, TCF Bank, U.S. Bank, Wachovia Bank, Washington Mutual, and Wells Fargo.
Employee Theft Costs Retailers More Than Shoplifting, Organized Crime
Dothan Eagle (02/25/12) Sailors, Jimmy
According to the National Retail Security Survey, employee theft accounted for approximately 45 percent of all retail losses in 2010. Shoplifting and organized retail crime, meanwhile, made up 31 percent, administrative error accounted for 14 percent, vendor fraud for 4 percent, and 6 percent was the result of unknown errors. Experts say that employee theft can be tough to fix. “It’s something that’s obviously been going on for a long time and it’s going to keep going on because every time the stores and your retail associations come up with new technology to try and solve it, then you’ve got this one person out there coming up with a way to circumvent it,” said Sgt. Jeff Garrett of the Dothan, Ala., Police Department’s Criminal Investigations Division.
Cracking Down on Crime in the Skies
Wall Street Journal (02/23/12) McCartney, Scott
Federal Aviation Administration (FAA) records indicate that assaults, disruptions, and other incidents aboard airplanes appear to be declining. Airlines filed 127 incidents with the FAA through October 2011, compared to 149 incidents in 2010 and 176 in 2009. In 2004, 330 incidents were reported. Experts say there are several factors that contribute to the drop in incidents. Congress initially stepped up penalties for airplane disruptions in the late 1990s, making non-compliance with crew members a federal crime. Verbal or physical threats or assaults began to carry felony charges, punishable by a maximum of 20 years in prison and a $10,000 fine. Airlines, for their part, instituted zero-tolerance policies and issued flexible handcuffs to crew members to help them restrain unruly passengers. The FAA can also issue fines for incidents that do not pose security threats or merit criminal charges, and airlines can blacklist repeat offenders. Despite these changes, airlines do still have to deny boarding or eject disruptive passengers. Most airlines do not report these statistics, but jetBlue said it denied entry or removed 594 passengers from its aircraft in 2011. Flight attendants say that the most common factors in these incidents are alcohol, drugs, medication, and mental illness, though the stress of travel can also cause some customers to break down. Congress recently approved new requirements for airlines to train flight attendants and gate agents to recognize and diffuse situations with intoxicated and/or belligerent passengers, allowing them to make better decisions about when to deny boarding or stop serving an inebriated passenger.
The Joint Venture and Security's Role
Security Magazine (02/12) Vol. 49, No. 2, P. 30 Knesek, Jill
When a company enters into a joint venture with another firm, chief security officers need to make an assessment of the security risks associated with the new partner and communicate those risks to upper management so that they can make a proper decision. One of the first things that CSOs should look at regardless of what industry they are in is data security, since failing to properly manage data can be a major security risk. For instance, CSOs should examine security policies governing the use of laptops and mobile devices, as well as whether the company is compliant with various regulations. In addition, CSOs should look at whether the partner company allows employees to use their personal devices on its network, since doing so can increase security risks. CSOs should also look at physical security, specifically the physical security policies for the company's offices and data centers. CSOs may want to consider taking a walking tour of the company's building, paying close attention to things such as security video, access controls, and intruder detection. Finally, CSOs need to take steps to avoid territorial disputes between the security teams at the two companies, since such arguments can result in protectionism and paranoia that can in turn cause delays. CSOs should work to foster an open and collaborative environment that encourages ideas and innovations, which can help keep any territorial disputes to a minimum.
Counter-Terrorism: US Special Forces Stationed in India, Reveals Pentagon
Times of India (03/02/12)
Admiral Robert Willard, the commander of U.S. Pacific Command, told lawmakers Thursday that the U.S. has special forces teams stationed in India and a number of other countries in South Asia as part the nation's counterterrorism efforts. Willard noted that the special forces teams, which have also been deployed to Nepal, Bangladesh, Sri Lanka, and Maldives in addition to India, are focused primarily on improving maritime security in the region. Piracy is a significant problem in South Asia, whose waters are used for shipping between Asia and the U.S. to the Middle East and Europe, Willard said. Willard also said that the U.S. is working closely with Indian government agencies to help them deal with the threat from terrorists and insurgents, particularly the Pakistan-based terrorist organization Lashkar-e-Taiba (LeT). LeT is believed to have ties to al-Qaida and was responsible for carrying out the attacks in Mumbai in 2008. In addition, LeT contributes to terrorism in Afghanistan and is working to carry out attacks elsewhere in Asia, as well as in Europe and North America, Willard said. He added that Bangladesh has also been a big help to the U.S. in efforts to combat the threat from LeT.
North Korea Agrees to Halt Nuclear Tests, Missile Launches
Bloomberg (03/01/12) Tiron, Roxana; Gaouette, Nicole
The U.S. and North Korea have reached an agreement that Secretary of State Hillary Clinton called a "modest step" towards getting Pyongyang to abandon its nuclear weapons program. Under the agreement, which was the result of talks between representatives from the U.S. and North Korea in Beijing on Feb. 23 and Feb. 24, Pyongyang will halt nuclear tests and will refrain from launching long-range missiles. In addition, North Korea will stop enriching uranium at its Yongbyon facility and will allow inspectors from the International Atomic Energy Agency (IAEA) to verify that it has done so. The nuclear reactor at Yongbyon and associated facilities will then be disabled. This will also be verified by IAEA inspectors. In exchange for these steps, the U.S. will provide North Korea with several hundred thousand metric tons of food aid. That aid will not be provided to North Korea until distributors are fully operational in order to ensure that the food is not being directed to the communist country's military or elite. Reaction to the agreement has been mixed. Some have said that the accord is a significant diplomatic surprise, while others have said that it does not represent a breakthrough because it is just part of North Korea's long history of alternating confrontations and negotiations with its enemies. Others noted that while the agreement calls for an end to nuclear activities at Yongbyon, it does not apply to work that may be taking place at other unknown facilities.
U.S. Sees Iran Attacks as Likely if Israel Strikes
New York Times (02/29/12) Shanker, Thom; Cooper, Helene; Bronner, Ethan
U.S. officials believe that they have come up with a scenario for how Iran would respond to an Israeli attack on its nuclear facilities. Officials believe that Iran would not likely launch direct attacks on U.S. military targets in the Persian Gulf region in the event Israel decides to launch an attack, since doing so would prompt Washington to retaliate. That in turn would hurt Iran's goal of quickly reconstituting or even accelerating its nuclear program following an Israeli strike. Instead, officials in the Obama administration, the military, and the intelligence community believe that Tehran would be most likely to retaliate by launching anonymous, indirect attacks against the U.S. and other countries that support Israel. Such a strategy could allow Iran to publicly deny any involvement, these officials said. The officials noted that the attacks could come in the form of car bombings against civilian targets in capitals around the world. In addition, Iran could smuggle powerful explosives into Afghanistan so that they could be used to attack coalition troops. Iran could also try to ratchet up tensions in Iraq, Afghanistan, Syria, and Lebanon in order to keep the U.S. occupied, said Vali Nasr, a professor of international politics at Tufts University. Israeli officials, meanwhile, believe that Iran could launch missile strikes against Israeli cities if attacked.
1 Dead, 4 Wounded in Shooting at Ohio School; Student Described as Outcast is Arrested
Associated Press (02/28/12)
One person was killed and four others were injured in a shooting at a high school outside of Cleveland on Monday. Witnesses say that the suspected shooter, a boy named T.J. Lane, targeted a group of students who were sitting together in the cafeteria at Chardon High School at the start of the school day. Lane allegedly opened fire and killed one of the students, Daniel Parmertor, as he was trying to duck under the cafeteria table for safety. School officials do not know why Parmertor was targeted. After the shooter opened fire, some students in the area ran down the school's hallways to escape, while others ran outside to a nearby school. Teachers at the school, meanwhile, locked down their classrooms to protect the students inside until the all-clear came. One teacher chased the gunman outside of the school. The gunman was captured a short distance away by FBI agents. It remains unclear what the motive for the shooting was. Lane was characterized by some students as a loner who had been bullied, while others said that he was a quiet boy who had friends. Lane was a student at Lake Academy, an alternative school for children who have had academic or behavioral difficulties. The investigation into the shooting is continuing.
Secrets of 'Shadow CIA' Revealed
Daily Mail (UK) (02/27/12)
The file sharing site WikiLeaks is planning to publish more than 5 million e-mails that were stolen from the global security analysis form Stratfor by the hacking collective Anonymous earlier this year. Some of the messages, which were either sent or received by roughly 100 Stratfor employees, could reveal the identities of Stratfor's sources or provide information about intelligence gathering efforts. Anonymous said that it wanted to publish the e-mails so that the truth about Stratfor's operations would be exposed to the public. Stratfor has been described by some as being a shadowy version of the CIA. However, Stratfor says that the release of the e-mails is part of an attempt to silence and intimidate it. Stratfor also noted that some of the e-mails that are being published by WikiLeaks were either forged or altered but that it would not provide information as to which messages are authentic and which are not. In addition, Stratfor has said that it will not explain the thinking that went into the messages.
FBI Chief Warns Cyber Crime on Par With Terrorism
Agence France-Presse (03/01/12) Rice, Stephanie
FBI Director Robert Mueller told attendees at the RSA Conference in San Francisco on March 1 that cyber attacks could be the biggest threat to the nation's security at some point in the future, and could even pose as big as a risk as the threat from terrorist attacks. Mueller went on to outline ways that the threat from cyber attacks could be mitigated, including getting law enforcement, intelligence agencies, and the private sector to work together. Such alliances are necessary to protect digital assets because hackers have also formed alliances to carry out cyber attacks, Mueller said. Mueller added that nation states have also been known to carry out cyber attacks in order to steal secret government or business information. One way that private industry could work together with government agencies is to share information about the security breaches they suffer, Mueller said. However, many companies are hesitant to report security breaches because they are afraid that doing so could hurt their reputation. Mueller said that the FBI would try to keep the disruption caused by investigations of cyber attacks to a minimum and would work to protect the privacy of companies that report such attacks.
Cyber Security: Locking Down Your Computers a Safety Essential
County News (02/27/12) Pelgrin, William
County governments face cybersecurity threats from a variety of different sources, including hacktivist groups out to make a political point, disgruntled employees, and other cybercriminals. Successful attacks on a county's IT systems can have serious repercussions, such as citizens being unable to access the county's Web site and the loss of sensitive information belonging to employees or citizens. However, counties can take several steps to protect themselves before they become victims of cyberattacks. One thing that a county can do is to designate someone, such as the county IT director or a third-party consultant, as its go-to person for cybersecurity. Whoever is selected, this person should know how the county is protecting its IT systems and what types of sensitive data are being stored on those systems. This individual also should know how the county plans to respond to a cybersecurity breach, what policies are in place to prevent such a breach, and whether or not employees have been trained to follow those policies. In addition, counties should ensure that their employees are adhering to cybersecurity best practices, including locking down computers when not in use, using strong passwords, and not opening unknown email attachments. Counties that need help protecting against cyberattacks can additionally turn to the Multi-State Information Sharing and Analysis Center, which provides its members with free services such as incident response and cyber alerts.
In Attack on Vatican Web Site, a Glimpse of Hackers' Tactics
New York Times (02/27/12) Perlroth, Nicole; Markoff, John
The computer security firm Imperva is planning to release a report about an attack on a Vatican Web site by the hacking collective Anonymous last summer. Although the report does not mention the Vatican and Imperva refused to reveal who the target of the attack was, sources with knowledge of the investigation say that a Web site for last summer's World Youth Day was the target of the distributed denial-of-service (DDoS) attack. The report provides insight into the tactics used by Anonymous. For example, hackers from Anonymous spent weeks before the attack promoting their plans through Anonymous' Web site and social networking sites such as Twitter and Facebook. The Anonymous Facebook page implored volunteers to download free software that would be used in an attack to disrupt World Youth Day and draw attention to the Catholic Church's sex abuse scandal. After recruiting enough people to launch the attack, a number of skilled hackers who were associated with Anonymous used automated tools to find security weaknesses that they could exploit to hack into the World Youth Day Web site. Finding none, the attackers decided to launch a DDoS attack instead. As many as a thousand people downloaded the free attack software or visited a Web site that allowed them to participate in the DDoS attack by using their smartphones. Hackers from Anonymous said the DDoS attack slowed down the Web site and made it unavailable in a number of countries, though Imperva--which had been hired by the Vatican to block and record the attack--said that the effort was unsuccessful. Imperva said that the attack on the World Youth Day Web site did not succeed because the Vatican invested in infrastructure that helped prevent the site from being hacked or taken down by the unusual amount of traffic directed against it during the DDoS attack.
Cloud's Future Security Depends on Mobile
DarkReading (02/27/12) Lemos, Robert
With more organizations moving parts of their infrastructure to the cloud, a large volume of corporate data will soon be accessible from anywhere in the world. Although great for productivity, this poses a significant security threat, a panel of experts said at the recent Cloud Security Alliance Summit. Speakers at the summit said organizations depend too strongly on password protocols, with one expert calling passwords the Achilles heel of cloud security. Experts suggest instead that smartphones be outfitted with biometric security—such as a fingerprint scanner or facial recognition—that more strongly verifies a user's identity and strengthens the protection surrounding cloud data. Experts also note that mobile devices and cloud security are strongly linked, and there are greater risks that mobile device users will download unauthorized apps that can gain remote access into the company. Fiberlink's David Lingenfelter says companies must adapt and create policies to secure their information before the devices are used to transmit corporate information into the cloud. However, the summit's speakers agreed that the industry is still far from knowing how to turn mobile devices into trusted gatekeepers. Incentives to spur the system-wide adoption of authentication technology by smartphone developers does not yet exist, nor do the software systems needed to manage that process.
Experts Consider Cyberthreats to Power Grid
Cherry Hill Courier Post (02/27/12) Serrano, Ken
While the country has seen its share of power outages caused by downed tree limbs or freak October snowstorms, a cyber-attack could lead to a total loss of power in portions of the country, leaving homes in the dark. Experts say such attacks could leave residents with no running water, no phones, and downed banking, hospital and transportation systems. Former chairman of the Joint Chiefs of Staff Adam. Michael Mullen, who recently retired, said during his tenure that cyber-attacks pose an "existential threat" to the United States. Hackers have caused significant losses for numerous private companies and governmental agencies over the past few years, but experts said damage to critical infrastructure presents a much greater risk. While penetrating the power grid is not something the average hacker can pull off, individuals backed by nation-states could cause significant damage. Experts believe there are about five or six nations able to inflict massive damage to critical infrastructure in cyber-attacks, but that many others are chomping at the bit. Little oversight by the government has left the 85 percent of the country's critical infrastructure in the hands of the private sector, which is also problematic.
Abstracts Copyright © 2012 Information, Inc. Bethesda, MD |
No comments:
Post a Comment