Friday, January 04, 2013

Security Management Weekly - January 4, 2013

Corporate Security
  1. "Nigeria Emerges as Center for Pirate Attacks"
  2. "Newspaper That Put Gun Permit Map Online Hires Armed Guards" White Plains, N.Y.
  3. "Report to OSHA: Pa. Clinic Overlooks Worker Safety" Occupational Safety and Health Administration
  4. "Dealing With Substance Misuse in the Workplace" U.K.
  5. "Details of Proposed Sanctions Emerge in Apple-Samsung Case"

Homeland Security
  1. "US Officials Taking Al Qaeda Threat to US Ambassador 'Very Seriously'"
  2. "U.S. Intelligence Agencies Faulted for Libya Fallout"
  3. "Police: NYC Couple Had 'Terrorist Encyclopedia'"
  4. "Al Qaeda Reportedly Carving Out its Own 'Country' in Mali"
  5. "Times Square Packed With Security for New Year's"

Cyber Security
  1. "To Thwart Hackers, Firms Salting Their Servers With Fake Data"
  2. "New IE Zero-Day Attack Bypasses Key Microsoft Security Measures" Internet Explorer
  3. "Android, iPhone Are Top Fraud Targets, Study Finds"
  4. "Anonymous: 'Expect Us 2013'"
  5. "Global Scans Reveal Internet's Insecurities in 2012"


Nigeria Emerges as Center for Pirate Attacks
Wall Street Journal (01/04/13) Hinshaw, Drew

Piracy is becoming a growing problem off the coast of Nigeria, one that is beginning to eclipse the piracy problem in the waters off of the Somali coast. Statistics from the International Maritime Bureau show that there were 27 pirate attacks off the Nigerian coast last year, up from 10 in 2011 and 19 in 2010. However, there were likely many more pirate attacks in Nigerian waters that were not reported. At the same time, the number of pirate attacks off the coast of Somalia is dropping. There were 44 such attacks in those waters during the first three quarters of last year, which was down about a third from the same period in 2011. The decline in the number of pirate attacks in Somali waters has been attributed to an offensive against Somali militants that had been launched by African troops. Although the number of pirate attacks off the Somali coast is still higher than the number of incidents off the Nigerian coast, insurers now believe that the risk of piracy is similar in both areas. Despite the growing threat from piracy, the Nigerian government has largely been unable to address the problem, since it views the insurgency by Boko Haram and the theft of thousands of barrels of oil by crime syndicates as higher priorities.


Newspaper That Put Gun Permit Map Online Hires Armed Guards
New York Times (01/02/13) Goodman, J. David

A White Plains, N.Y., newspaper has hired armed private security guards to protect its headquarters and satellite offices after it published an online map last month that showed the names and addresses of gun permit holders in two New York counties. The Journal News published the permit information, which by New York law is a public record that the Journal News legally obtained through a Freedom of Information Act request, in the wake of the Newtown, Conn., massacre last month. An editor at the paper's West Nyack office says that the paper has received "a large amount of negative feedback" about the online map, but a police report on the matter says this feedback has not amounted to actual threats of violence. However, the paper's president and publisher, Janet Hasson, says she is not taking any chances and has hired the guards as a precaution.


Report to OSHA: Pa. Clinic Overlooks Worker Safety
Associated Press (01/02/13)

In a report to the Occupational Safety and Health Administration last year, a Maryland consultant found that poor worker safety protocols at the Western Psychiatric Institute and Clinic in Pittsburgh were partially responsible for a March 8 shooting there that left two dead and five wounded. On that day John Shick, a mentally ill man angry at doctors at another medical facility on the campus of the University of Pittsburgh Medical Center, opened fire in the clinic, killing one healthcare worker and wounding five others before he was shot and killed by campus police. OSHA hired Jane Lipscomb, a professor at the University of Maryland Nursing School, to investigate UPMC's workplace safety policies after the shooting. She alleged in her report that the center's safety policies devalued worker safety in favor of patient safety and a desire not to "stigmatize" mentally ill patients that might become violent. This charge comports with complaints by the union representing workers at the clinic, who have said that worker safety often takes a back seat to patient safety issues. However, OSHA ultimately did not cite the facility for safety violations, instead issuing a letter advising UPMC on steps to take to improve worker safety.


Dealing With Substance Misuse in the Workplace
HR Magazine (01/13) Carmichael, Mary

Britain's Trade Unions Congress recently estimated that between 3 and 5 percent of all workplace absences in the U.K. are the result of alcohol use and misuse, while drug screener Concateno estimates that 1 in 30 U.K. employees have drugs or alcohol in their system while at work. U.K. employers have responded with an array of drug testing and anti-drug policies. The degree of testing, which can range from urine to blood tests, and the disciplinary approaches taken in the case of a positive result can vary widely between industries, with safety-critical organizations being far more rigorous. Concateno laboratory director Dr. Claire George says that, "the introduction of a balanced policy that includes an Employee Assistance Program providing support and education, as well as drug testing, has been proven to reduce the level of substance misuse in the workplace over time." Companies like South West Trains and the law firm Culina Logistics Group have found great success with various combinations of testing and offers of assistance for workers with substance abuse issues. Culina has seen a steady decline in positive results since it adopted workplace cause drug testing in 2008, while South West Trains saw great turnaround when it introduced truly random drug testing in its East Midlands Trains franchise five years ago.


Details of Proposed Sanctions Emerge in Apple-Samsung Case
CNet (12/29/12) Moyer, Edward

The U.S. International Trade Commission on Dec. 28 published a partially redacted copy of Judge Thomas Pender's Oct. 24 ruling in a patent infringement case brought by Apple against Samsung. The lawsuit alleged that a number of Samsung devices infringed Apple design and software patents. Pender sided with Apple on one of the design and three of the software patents. The newly published decision includes Pender's suggested sanctions against Samsung, which include sales and import bans, and a large bond fee. Pender suggests a cease-and-desist order and import ban on the infringing devices, and a bond on sales of the devices consisting of 88 percent of the value of smartphones, 37.6 percent for tablets, and 32.5 percent for all media players. These measures still have to be approved by the ITC's six member commission, which has set Feb. 19 as a tentative date for its final decision in the case. However, Pender included a number of suggested "designarounds" in his ruling which could help Samsung avoid infringement. The case may be complicated by emerging signs that at least one of Apple's touch screen patents could soon be subject to review by the U.S. Patent and Trademark Office.




US Officials Taking Al Qaeda Threat to US Ambassador 'Very Seriously'
FoxNews.com (01/02/13) Chakraborty, Barnini

U.S. intelligence and State Department officials say that they are taking a pair of bounties being offered by al-Qaida in the Arabian Peninsula for a U.S. ambassador or U.S. soldiers very seriously. The bounties on U.S. Ambassador to Yemen Gerald Feierstein and any U.S. soldier in Yemen, worth $160,000 and $23,000 in gold respectively, were announced by the al-Qaida affiliate last weekend. AQAP is one of the most notorious and violent of al-Qaida's many regional affiliate groups and has been involved in the assassinations of numerous Yemeni security and intelligence officials in recent months, after a U.S.-backed campaign by Yemen's military last year drove the group out of several towns and villages they had seized control of in 2011. Just last week two Yemeni intelligence officers were shot down by gunmen on motorcycles in the capital of Sanaa. The State Department is especially concerned over the safety of Ambassador Feierstein in the wake of a scathing congressional report that last week faulted the department for failing to respond to requests for additional security at the diplomatic mission in Benghazi, Libya last year, thus leaving the facility vulnerable to the attack that left Ambassador Christopher Stevens and another State Department employee dead in September.


U.S. Intelligence Agencies Faulted for Libya Fallout
Associated Press (01/01/13) Margasak, Larry

In a report released on Monday, the Senate Homeland Security and Governmental Affairs Committee laid the blame for the confusion and political consternation caused by talking points used by the Obama administration in the wake of the Sept. 11 attack in Benghazi, Libya, at the feet of the U.S. intelligence community. The committee's investigation, which was led by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), found that controversial talking points cited by U.N. Ambassador Susan Rice, which said the attack grew out of spontaneous demonstrations and made no mention of terrorism, had originally characterized the event as a series of "attacks" and had specifically mentioned the involvement of extremists and al-Qaida affiliates. However, the report says the talking points were subsequently changed at the behest of officials in the CIA, the FBI, and the Office of the Director of National Intelligence. Specifically, the references to al-Qaida and mentions of "extremists" were removed from the talking points at the request of the FBI, which believed this information should remain classified. The report found that Obama administration officials only corrected the talking points to say that the target of the attacks had been a U.S. diplomatic mission, not a consulate as was widely reported at the time.


Police: NYC Couple Had 'Terrorist Encyclopedia'
Associated Press (12/31/12)

A New York City couple is facing weapon charges after police executing a search warrant on their upscale Manhattan apartment on Dec. 29 discovered weapons, explosives, and bomb-making instructions. Morgan Gliedman and Aaron Greene were being investigated for possible credit card fraud when police received a tip from another couple who had seen explosives and weapons during a recent visit to Gliedman and Greene's apartment. Police found 7 grams of the high explosive HMTD in the apartment, along with explosive precursor chemicals, a sawed-off shotgun and ammunition, a replica grenade launcher, and instructional documents entitled "The Terrorist Encyclopedia" and "Deadly Homemade Weapons." Police are investigating whether Gliedman and Greene had any specific plans for the explosives or if they are affiliated with any larger terrorist groups.


Al Qaeda Reportedly Carving Out its Own 'Country' in Mali
Associated Press (12/31/12)

The coup that took place in the African nation of Mali in March allowed al-Qaida in the Islamic Maghreb (AQIM) and other Islamic militant groups to gain control over a vast swath of that country. Following the overthrow of the Malian government on March 21, government soldiers allowed rebel groups and their Islamist allies to take control over more than 240,000 square miles of northern Mali, which is an area larger than Texas or France. Now firmly in control of northern Mali, AQIM has begun preparing for military action against it that could take place sometime after September of next year. Those preparations have included the construction of a large network of underground tunnels that are used to store fuel supplies that will help AQIM and its allies ride out the proposed military intervention in northern Mali. The groups are also using their territory in northern Mali to prepare for global jihad, train forces, and stockpile weapons--including weapons pilfered from the regime of former Libyan leader Moammar Gadhafi. Experts say that the size of northern Mali and the inhospitable terrain could make it difficult to force AQIM and its allies out of the region.


Times Square Packed With Security for New Year's
Associated Press (12/30/12) Hays, Tom

Several thousand New York Police Department personnel will join the hundreds of thousands of tourists and revelers crowding Times Square to celebrate the new year. Ever since 9/11 and a failed car bombing of Times Square in 2010, the NYPD has made securing the city's iconic New Year's Eve Ball Drop a priority. This year, as in years past, thousands of extra NYPD personnel will blanket the area around Times Square. These will include teams checking rooftops and subway tunnels, uniformed officers manning vehicle inspection checkpoints and conducting bag searches, and heavily armed counter-terrorism teams. They will also be joined by numerous plain clothes officers, bomb sniffing dogs, and personnel equipped with radiation detectors. The department is partnering with local businesses, especially hotels, to monitor any suspicious activity and is removing mailboxes and sealing manholes for the duration of the New Year's festivities. All these measures are being put into play earlier in the day this year, after the NYPD noticed last year that revelers were making their way to Times Square earlier to hear rehearsals by musical acts performing for the celebration. "We think [Times Square] is the safest place in the world on New Year's Eve," said NYPD Police Commissioner Raymond Kelly, who noted that the department has not received any specific threats against this year's event.




To Thwart Hackers, Firms Salting Their Servers With Fake Data
Washington Post (01/03/13) Nakashima, Ellen

Some companies are increasingly making use of cyber security tactics involving the use of fake data on servers and Web sites meant to ensnare hackers. Sometimes referred to as "honey pots," these fake data can take any number of forms, are generally made to look valuable, and can be used to track the activity of hackers who take the bait. Columbia University computer science professor Salvatore Stolfo worked with a major U.S. bank two years ago to create a fake bank account whose login information he then exposed to a widely used piece of malware. Monitoring the fake account, the bank was able to track numerous attempts to shift the money in the account into a real account, the owner of which the bank was able to identify. A Virginia cyber security firm that works closely with the U.S. intelligence community has also made use of honey pot data, in the form of bogus files made to look like information about Chinese military systems, to entice Chinese hackers, many of whose activities and even identities they have since been able to track. Nathan Hosper, the senior IT officer at Brown Printing, who uses honey pot data provided by Mykonos Software, says that such fake data gives IT professionals facing intrusions by hackers "the ability to take control of the situation."


New IE Zero-Day Attack Bypasses Key Microsoft Security Measures
DarkReading (01/02/13) Higgins, Kelly Jackson

Attackers compromised two prestigious Microsoft security features to launch targeted attacks through a previously undetected flaw in Internet Explorer. Microsoft says the flaw is found in IE6, IE7, and IE8 only, and that attacks were launched through IE8. Security experts believe cyberespionage attackers possibly based in China are behind the attacks, which targeted Web sites of the U.S.-based Council on Foreign Policy, in addition to Capstone Turbine Corp. But experts say a new Metasploit module using the bug makes attacks more likely against numerous targets. The exploits highlight a new variation of the APT attack that uses drive-by Web site or watering hole techniques. With this new attack, hackers compromise Web sites that their potential targets frequent, in hopes of infecting them and gaining entree to their targeted organization. Waterholing works, experts say, because it can gather multiple targets at once, and it may be an alternative to netting users who have become more savvy about clicking on links or attachments in emails. Microsoft says the bug is a variety of remote code-execution vulnerability because of the way that IE accesses an object in memory that has been deleted or has been improperly allocated. The flaw may corrupt memory in a way that could let an attacker execute arbitrary code in the context of the current user within IE, according to Microsoft's security advisory. As Microsoft prepares a patch for the flaw, it is urging users to install the MSHTML Shim Workaround Fix It to ensure maximum protection.


Android, iPhone Are Top Fraud Targets, Study Finds
Bank Systems & Technology (01/02/13) Yurcan, Bryan

Android and iPhone users who use their devices to conduct mobile transactions are the top targets for fraudsters, according to a new Javelin Strategy & Research report. Javelin says Android is especially susceptible because of its expanding user base and open source platform, but iPhone users also are alluring because their average spending and shopping frequency with smartphones tops that of their Android counterparts. Javelin estimates that Android users spend 38 percent more money shopping via their phone's mobile browser than via mobile apps, spending $2.9 billion through the former and $2.1 billion through the latter. Similarly, iPhone users spend 49 percent more via the browser than via mobile apps. In comparison, users of all other smartphones spend some $1.3 billion through a mobile browser. Javelin notes that mobile browser-enabled shopping is riskier for smartphone owners because browsers have greater vulnerability to dangers such as phishing, Web site spoofing, and man-in-the-mobile attacks than mobile apps. Javelin analyst Al Pascual suggests that businesses and consumers use apps for their mobile purchases to minimize risk.


Anonymous: 'Expect Us 2013'
CNet (01/01/13) Kerr, Dara

The hacking collective Anonymous has released a statement warning of new cyberattacks in 2013. The group also released a video outlining its exploits in 2012, which included successful assaults against the Web sites for the U.S. Department of Justice, the FBI, Universal Music, and the Motion Picture Association of America as well as the Syrian government, the Israeli government, and the Westboro Baptist Church. "The operations which are listed in the video are only examples, there are far more operations," Anonymous wrote in the statement. The group claimed that some of the attacks were still in action, particularly Operation Syria. Despite the claims, cyber security experts say Anonymous' influence may diminish in the coming year. In its report "2013 Threat Predictions," McAfee Labs maintains that the group was on the decline, lacking structure, making false claims, and occasionally hacking without a specific agenda, all of which has diluted its influence.


Global Scans Reveal Internet's Insecurities in 2012
Dark Reading (12/28/12) Lemos, Robert

There was much discussion among security researchers in 2012 about the rising use of large-scale port scanning by hackers trawling the Internet for vulnerable protocols. Early in 2012 researcher H.D. Moore and Rapid7 CEO Mike Tuchen presented research conducted by Moore, who scanned roughly 3 percent of the Internet for videoconferencing systems using a vulnerable protocol. Moore found about 5,000 systems and estimated that there could be as many as 150,000 such systems across the entire Internet. A Cambridge University student found similar results when he scanned the SHODAN port scan archive for industrial control systems connecting to the Internet with vulnerable protocols. One documented case of hackers doing the same, with the goal of finding exploitable targets, was the Sality botnet, which researchers last year found had scanned the entire IPv4 address space for vulnerable voice-over-IP servers in February 2011. Moore notes that for the most part, hackers are looking for systems using default configuration passwords and user names, or protocols that are easy to brute force. These protocols include remote desktop protocol (RDP), virtual network computing (VNC), and universal plug-and-play (UPnP). Verizon's Wade Baker says the popular target systems include point of sale and payment processing systems, especially at restaurants and retailers.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD


