Search This Blog

Friday, December 28, 2012

Security Management Weekly - December 28, 2012

header

  Learn more! ->   sm professional  

December 28, 2012
 
 
Corporate Security
  1. "U.S. Appeals Court Revives Workplace-Cybertheft Lawsuit"
  2. "Marvell Slammed With $1.2 Billion Patent-Infringement Judgement"
  3. "Nigeria Attacks Pair Piracy, Kidnappings"
  4. "Take Actions to Control Employee Theft"
  5. "Surveillance System Technology Trends"

Homeland Security
  1. "Libya to Retool Security for Diplomats"
  2. "CIA's Global Response Staff Emerging From Shadows After Incidents in Libya and Pakistan"
  3. "New York Gunman Left Note Declaring Plan to Kill People"
  4. "New Pentagon Effort Will Send Army Teams to Africa as Terror Threat Grows"
  5. "Newtown School Shooting Puts the Focus on Safety, Security"

Cyber Security
  1. "Health-Care Sector Vulnerable to Hackers, Researchers Say"
  2. "Ransomware Scammers Push Panic Button With Bogus Claims"
  3. "Stuxnet Attacks Iran Again, Reports Say"
  4. "Chrome 25 Blocks Sneaky Add-Ons"
  5. "Cyberattack: The Silent Nightmare" Cyber Security Initiatives in Michigan

   

 
 
 

 


U.S. Appeals Court Revives Workplace-Cybertheft Lawsuit
Reuters (12/27/12) Stempel, Jonathan

The 2nd U.S. Circuit Court of Appeals in New York on Wednesday ruled that a Denver-based chemical company's lawsuit against a former account manager accused of unauthorized computer access and the misappropriation of trade secrets can proceed, overturning a ruling by a lower court. Wednesday's ruling means that MacDermid Inc. may pursue civil damages claims against former MacDermid Chemicals account manager Jackie Deiter under Connecticut state law, even though she carried out her alleged theft of the company's trade secrets from her home in the Toronto area. Connecticut law is applicable in this case because the trade secrets that Deiter allegedly stole were stored on a server located in the state. The ruling could make it easier to crackdown on computer theft that is carried out remotely, including from locations outside of the U.S. Deiter, who worked for MacDermid Chemicals from May 2008 until she was fired for reasons unrelated to the case in April 2011, stands accused of e-mailing customer data, laboratory reports, and pricing lists taken from the company's server in Connecticut. Deiter has said that she did send the e-mails containing the information and documents in question but said that she did so in the course of her job, not as part of an effort to steal trade secrets.


Marvell Slammed With $1.2 Billion Patent-Infringement Judgement
San Jose Mercury News (12/27/12) Wolverton, Troy

The U.S. District Court for the Western District of Pennsylvania on Wednesday ordered computer chip maker Marvell Technology to pay Carnegie Mellon University $1.17 billion in damages for willfully infringing on its patents. The verdict was rendered after a jury found Marvell guilty of using a Carnegie Mellon technology that allows chips to read data stored on high-speed hard drives more accurately in billions of its own chips for PCs and servers without licensing it from the university. Although the jury ruled that Marvell must pay Carnegie Mellon nearly $1.2 billion in damages, the company could be forced by the judge in the case to pay three times that amount since it was found to be willfully infringing on the university's patents.


Nigeria Attacks Pair Piracy, Kidnappings
allAfrica.com (12/25/12) Hultman, Tami

Kidnappings by Islamist militants and pirates are on the rise in Nigeria, both in the waters off the country's coast and on land. One of the most recent incidents took place on Dec. 23, when an Italian ship located in the Gulf of Guinea was attacked by pirates. Four crewmembers, all of whom are Italian, were kidnapped. That incident took place less than a week after a similar attack on a Belgian ship on Dec. 17 that ended with five Indian sailors being taken hostage. The Nigerian criminal gangs that are carrying out these and other pirate attacks off the coast of Nigeria may be turning to kidnapping because doing so provides them a source of revenue, along with the money that comes from stolen shipments of goods. Meanwhile, kidnappings are on the rise on Nigerian soil as well. Once motivated primarily by money, those who carry out these kidnappings now seem to be motivated by other reasons. One recent example is the recent kidnapping of the French engineer Francis Colump by the Islamic militant group Ansaru. Colump worked for the energy firm Vergnet, which is working with power officials in Nigeria to develop a wind farm. The company's involvement in that project may have provided a motivation for the militants to carry out the kidnapping of Colump.


Take Actions to Control Employee Theft
Tulsa World (12/20/12) Rumley, Scott

The difficult economy and the tough financial straits that many people find themselves in have caused some employees to turn to stealing and defrauding their employers as the answer to their problems. In fact, employee theft is the fastest-growing crime in the U.S., according to statistics from the FBI. Small businesses are particularly vulnerable to employee theft and fraud, with most cases of these crimes taking place at companies with less than 100 employees. However, there are steps that businesses can take to reduce their risk of being victims of theft. For example, businesses should assign two people to the task of writing checks and managing the books, rather than just one person. Another option for reducing the risk of fraud would be to outsource the job of bookkeeping completely. Experts also advise businesses to have employees change jobs every once in a while, preferably without being told in advance that they are being rotated. In addition, internal systems can be partially outsourced in order to detect possible theft without having the offender manipulate the system.


Surveillance System Technology Trends
Security Management (12/01/12) Harowitz, Sherry

The advent of several new technologies has helped address the bandwidth and storage problems that have been traditionally associated with the use of surveillance systems, which in turn has made these systems more affordable. For example, some surveillance systems are using a compression format called H.264 to reduce their bandwidth usage by as much as 90 percent. Reducing bandwidth is important because only a limited amount of bandwidth is sometimes available to send video taken by surveillance cameras back to a monitoring center. Meanwhile, the falling price of SD cards has made it more practical for these storage media to be used in surveillance cameras to store video, which has also helped reduce the need for expensive bandwidth. Software has also been developed to reduce the data load when it is necessary to stream back video to a monitoring center. One such application uses the resolution of the monitor used by the person viewing the video to determine precisely how much data needs to be sent in order to achieve a good picture. This makes it possible to use an existing 4G network to transmit video. Other applications only send 10-second video clips when there is an alert-level event so that a cell phone network can be utilized for video streaming.




Libya to Retool Security for Diplomats
Wall Street Journal (12/27/12) P. A7 Coker, Margaret

Libyan officials have announced plans to create a new security unit to protect diplomats in the country, following criticism over Tripoli's response to the attack on the American consulate in Benghazi on Sept. 11. The new diplomatic security unit will be controlled by the Libyan armed forces and will be commanded by the armed forces chief of staff. The creation of the new diplomatic security unit comes amid a lack of faith in the abilities of existing Libyan security agencies to protect diplomats operating in the country. American and other foreign diplomats in Libya typically rely on Libyan militia units to protect their offices and homes. However, some diplomats say that they lack faith in the militia units, which are loosely tied to the Libyan government, because they are unreliable. U.S. officials share this assessment, saying that the poorly-trained and undisciplined Libyan security forces were partially responsible for the attack on the U.S. consulate. The sense of distrust Libyan security agencies is also being fueled by the inability of these agencies to track down those responsible for the U.S. consulate attack. Libyan security commanders in Benghazi say that the lack of trained Libyan investigators and the inadequate intelligence force in the country mean that it is unlikely that those involved in the attack will ever be found.


CIA's Global Response Staff Emerging From Shadows After Incidents in Libya and Pakistan
Washington Post (12/26/12) Miller, Greg; Tate, Julie

A secret CIA security force that was created in the aftermath of the September 11, 2001 attacks is drawing increased attention following its involvement in a number of incidents in Libya and Pakistan over the last several years. The security force is known as the Global Response Staff (GRS), and is meant to provide undercover protection to CIA officers working in dangerous locations. For example, GRS personnel were on hand the night of Sept. 11 when the U.S. consulate in Benghazi, Libya, came under attack. While GRS has been praised for its role in providing security at the consulate, GRS has also been at the center of a diplomatic crisis between the U.S. and Pakistan. That crisis was sparked when GRS contractor Raymond Davis killed two Pakistani nationals on a busy street in Lahore after the Pakistanis allegedly tried to rob him. That incident resulted in Davis being jailed for weeks. Despite the controversy over the Davis incident, GRS teams have become an important part of the CIA's conventional espionage activities by providing protection for case officers on risky counterterrorism assignments. GRS has also played a role in the expansion of the CIA's paramilitary capabilities over the past decade. Those paramilitary activities have included cooperation on the mission to kill Osama bin Laden and the killing of Islamist militants by armed drones.


New York Gunman Left Note Declaring Plan to Kill People
Reuters (12/25/12) Simpson, Ian

Webster, N.Y., Police Chief Gerald Pickering said Tuesday that authorities have discovered a typewritten note from the man who killed two volunteer fire fighters and injured two others in an ambush on Monday. The note from William Spengler, who deliberately set fire to his home in Webster and shot at the fire fighters who responded to the blaze, said that he planned to burn down his entire suburban Rochester neighborhood and start "killing people." The note did not say why Spengler, who shot and killed himself during a fire fight with police on Monday, wanted to start the fires and ambush fire fighters. However, Pickering said that the Spengler may have been upset about the contributions that his mother made to the local fire department.


New Pentagon Effort Will Send Army Teams to Africa as Terror Threat Grows
Associated Press (12/24/12)

The Pentagon is stepping up its efforts to help African nations combat the threat posed by extremist groups like al-Qaida in the Islamic Maghreb, Boko Haram, and al-Shabab. As part of that effort, teams from the U.S. Army's 2nd Brigade, 1st Infantry Division will be sent to as many as 35 countries in Africa to assist with training and equipping efforts. Among the nations where the teams will be sent are Libya, Algeria, and Niger--all countries where groups linked to al-Qaida have been active. Teams will also be sent to Kenya and Uganda, two countries in East Africa that have been fighting militants from the Somali extremist group al-Shabab. The mission, which also aims to establish a military force to respond to a potential crisis in Africa, is scheduled to begin next spring. The Pentagon's decision to send the teams to Africa comes amid widespread violence by insurgents in North Africa. One of the countries in North Africa that has been affected by this violence is Mali, whose northern region was taken over by militants earlier this year. The creation of the teams also comes as the threat from al-Qaida-allied terrorist organizations in Africa is growing. The attack on the U.S. consulate in Libya in September, for example, is believed to have been carried out by militants with ties to al-Qaida in the Islamic Maghreb.


Newtown School Shooting Puts the Focus on Safety, Security
Business Insurance (12/23/12) Zolkos, Rodd

In the wake of the shooting at Sandy Hook Elementary School in Newtown, Conn., school district officials across the country are reviewing their own safety and security policies with the hope of preventing similar tragedies. Although existing security measures vary depending on the type of school district, experts say there are common elements that all districts should consider to protect students and reduce the risks of school violence. Kevin Wilkes, vice president and security practice leader at Willis North America Inc., says that while no form of security is absolute, schools should stop managing security, and start managing the risk. Wilkes says security plans should all include access control, direct alarms that summon local law enforcement, and the installation of proper surveillance devices. Planning, prevention, and protection are the most important elements of any security plan, he says. Sandy Hook Elementary did have perimeter security, a door buzzer system, and a tested and practiced emergency response plan, but even these measures were not enough to prepare the school for an attack with assault weapons, says Ronald D. Stephens, executive director of the National School Safety Center. He says schools are likely to turn to academy-trained officers on campus in light of the most recent shootings, but Wilkes says that districts will want to conduct due diligence and make risk-based decisions. Any officers hired should be properly trained, and the district must have policies in place regarding the use of force and the types of weapons officers can carry on school grounds, says Wilkes.




Health-Care Sector Vulnerable to Hackers, Researchers Say
Washington Post (12/26/12) O'Harrow Jr., Robert

Cyber security experts say that the information systems used by healthcare organizations are riddled with security vulnerabilities that could leave them open to attack. According to Avi Rubin, a computer scientist and technical director of Johns Hopkins University's Information Security Institute, the healthcare industry is arguably the worst at securing the information systems it uses. These vulnerabilities stem from a number of poor security practices, Rubin said, including the failure to fix known software flaws in older technologies as well as healthcare workers refusing to use even the most basic security measures. At the University of Chicago medical center, for example, new residents were using the same username and password to login to a single Dropbox account so that they could manage patient care through their iPads. Both the username and the password for that account were published in an online manual, which means that hackers who obtained the login information could have broken into the account to upload malicious documents that would have infected the residents' iPads and allowed them to gain control over the hospital's network. Despite the presence of such vulnerabilities, hospitals and other medical facilities have not been targeted by hackers as much as financial, corporate, and military networks. But officials with the Department of Homeland Security and others have noted that this could change as malicious hackers become increasingly tempted to steal the sensitive patient data stored on healthcare systems.


Ransomware Scammers Push Panic Button With Bogus Claims
Computerworld (12/26/12) Keizer, Gregg

Symantec researcher Jeet Morparia issued an advisory on Dec. 24 about a new variant of ransomware called "Trojan.Ransomlock.G," saying that the malware's threat of erasing victims' hard drives is an empty one. Ransomlock, which is also known as Reveton, claims to encrypt victims' hard drives and demands a $300 payment within 48 hours in exchange for unlocking the machine. The malware also claims that it will format victims' hard drives if they attempt to bypass the lockdown feature without making the ransom payment. However, Morparia said that researchers at Symantec have not found any disk wiping capability in Ransomlock's code. Morparia also noted that Symantec researchers were able to remove Ransomlock from an infected machine and unlock the files without any formatting or file deletion taking place. Morparia said that the threats of formatting the victim's hard drive are simply an attempt by the cyber criminals behind Ransomlock to "take advantage of human weakness when under panic and pressure" to extort money from victims.


Stuxnet Attacks Iran Again, Reports Say
CNet (12/25/12) Weinstein, Natalie

Cyber attacks using the Stuxnet worm were reportedly carried out against a number of Iranian targets last fall. Among the targets of the cyber attacks were a power plant and other sites in southern Iran. However, an Iranian news agency reported that the attacks were not successful. Stuxnet, which was originally discovered in June 2010, spreads through USB drives and exploits four previously unknown security vulnerabilities in Windows. The worm was originally designed to shut down centrifuges at Iran's Natanz uranium enrichment plant. Other forms of malware, including Flame, Wiper, and Shamoon, have also been used to target systems in Middle Eastern nations since the discovery of Stuxnet.


Chrome 25 Blocks Sneaky Add-Ons
Computerworld (12/24/12) Keizer, Gregg

Google's Chrome 25 browser includes a feature that protects users from malicious browser add-ons. The feature, which is currently available on the "dev" channel version of Chrome and will be more widely available in late February, will automatically disable browser extensions that are surreptitiously installed by other applications and will prevent extensions that have already been installed by third-party software from running. Malicious browser extensions are sometimes used by cyber criminals to carry out attacks. For example, malicious hackers could create Web sites that automatically install malicious extensions into browsers used by victims. These extensions can track the information victims enter on Web sites and can send that information back to the hackers, who then reuse it for other purposes. However, automatically disabling browser extensions does not protect users from malicious add-ons that users willingly download and install themselves. This was seen recently when a malicious add-on was placed in the Chrome Web store despite the fact that Google analyzes extensions that are uploaded to the store and removes those that are thought to be malware.


Cyberattack: The Silent Nightmare
Stateline.org (12/20/12) Maynard, Melissa

Michigan has partnered with the state police and private companies in a multi-pronged effort to prevent cyberattacks before they take place. Among the initiatives the state is undertaking is the creation of a Cyber Command Center, which will bring state police and cybersecurity professionals in both the private and the public sectors under one roof to share information with one another about cyberthreats. Michigan has been focusing on the sharing of cyberthreat information between the public and private sectors for some time, and the creation of the Cyber Command Center is part of an effort to physically centralize these efforts in one location. Another initiative underway is the Michigan Cyber Range, a public-private partnership that will enable cybersecurity professionals to try their hand at responding to real-world cybersecurity scenarios in a simulated environment. Don Welch, CEO of Cyber Range operator the Merit Network, says the system will provide cybersecurity professionals with the opportunity to learn how to work together as a team and think critically in order to outsmart hackers. Finally, all state government employees will be taking a training course to educate them on how to prevent cyberattacks such as an October data breach in South Carolina. That breach was the result of an employee clicking on an attachment in a phishing email.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

1 comment:

hamid said...

A premier consulting investigation and crisis management firm specializing in threat management risk assessments and security solutions for the affluent community and major corporations.