Friday, April 19, 2013

Security Management Weekly - April 19, 2013

April 19, 2013
 
 
Corporate Security
  1. "Businesses Reeling After Attacks" (Boston Marathon Bombings)
  2. "Alleged Retail Theft Ringleader Indicted" (Ohio)
  3. "Fake Goods Rival Drug Profits for Asia's Criminals"
  4. "Authorities: Burglars Cut Into Calif. Bank Roofs, Steal $6M"
  5. "Arming Security Officers - an Insurance Perspective"

Homeland Security
  1. "Search for Marathon Bombing Suspect Locks Down Watertown, Surrounding Communities"
  2. "Arrest Made in Ricin Case; Mailings are an Eerie Echo of 2001 Anthrax Attacks"
  3. "Boston Marathon Security Stayed at High Level"
  4. "FBI Uses 'Tripwires' to Nab Bomb Makers"
  5. "With Al Qaeda Shattered, U.S. Counter-Terrorism's Future Unclear"

Cyber Security
  1. "Fueled by Super Botnets, DDoS Attacks Grow Meaner and Ever-More Powerful" (Distributed Denial-of-Service Attacks)
  2. "Microsoft Says Worm Infections Declining, but Web Attacks Rising"
  3. "Symantec: Industrial Espionage on the Rise, SMBs a Target" (Small and Medium-Sized Businesses)
  4. "Digital Certificates Need to Regain Users' Trust"
  5. "Microsoft Discovers Trojan That Erases Evidence of Its Existence"

   

 
 
 

 


Businesses Reeling After Attacks
Wall Street Journal (04/19/13) Levitz, Jennifer; Dawsey, Joshua

The recent Boston Marathon bombing has had negative financial repercussions for businesses in the area, which saw their customers disappear during what has traditionally been one of the busiest times for eateries and retail stores alike in the city. The marathon has an estimated economic impact of $140 million on the city every year, attracting about 25,000 runners and about half a million spectators. Some 400 businesses located in the five city blocks around the Boylston bombing scene that remained cordoned off April 18 are still forcibly closed, and many businesses outside the crime scene have seen a significant reduction in foot traffic. "This is one of Boston's key retail districts and it's a real economic engine for the entire city," said Sheila Dillon, director of the city's Department of Neighborhood Development. The city, meanwhile, is taking steps to help businesses make it through this tough time, including urging insurers to be responsive to the businesses and identifying private loan sources to help stores remain afloat in the wake of the bombing. Some 100 lawyers in the Boston area are offering pro bono legal help for merchants as well. The Department of Neighborhood Development has in the meantime set up a business-assistance center at a hotel in the city, where merchants can seek information on how to recover from their losses.


Alleged Retail Theft Ringleader Indicted
Cincinnati.com (OH) (04/18/13) Richardson, Rachel

A grand jury in Warren County, Ohio, indicted a man who allegedly acted as the ringleader for a retail theft operation that stole personal care items at Wal-Mart stores in the area and sold them at a local flea market. Police said Jeremy Barrett hired Bonnie Coldiron and Farrah Jones to steal personal care products from the Wal-Mart stores, which he then later resold at a flea market that is allegedly rife with merchants selling pilfered merchandise. Police said they were made aware of the crimes when Warren County sheriff's deputies responded to a theft in progress at a Wal-Mart in Deerfield Township. Store security reported two women shoplifting medications, razors, deodorant, and body spray, but the pair of women allegedly fled in a van when security moved to apprehend them. Police said they later located the van, conducted a traffic stop, and found it to be filled with some $20,000 to $30,000 worth of stolen merchandise. When questioned, Coldiron allegedly told police Barrett had paid her $60 to steal the items and that she had worked for him in the past to support her drug addiction. Barrett faces charges of receiving stolen property, which is a fourth-degree felony, as well as several misdemeanor charges. He faces up to 30 months in prison and a $7,000 fine if convicted.


Fake Goods Rival Drug Profits for Asia's Criminals
Wall Street Journal (04/16/13) Henshaw, Caroline

The U.N.'s Office on Drugs and Crime (UNODC) has released a report indicating that counterfeit products are now as profitable as illegal drug trafficking for criminals in Asia. This inaugural report on the issue by UNODC looked at international organized crime in the Asia-Pacific region. Investigators concluded that the surge in profits from counterfeiting likely stems from the rapid rise of exports from the region. With the estimated $5 trillion in exports in Asia comes about $24.4 billion in counterfeit products and $5 billion in fake pharmaceuticals. Many of those goods can be traced back to China, which is believed to be the point of origin for two-thirds of the world's counterfeit products. Many companies are fighting back, particularly in the pharmaceutical industry, where counterfeit goods can be dangerous. Harry Waskiewicz, the regional director of global security in the Asia-Pacific region at Pfizer, says that his company's 10-year campaign against counterfeiting estimates that there are 80 million fake doses of its products reaching consumers. Neither companies nor regulators seem to be able to stop the criminal counterfeiters from expanding, and it is often hard for China even to catch the counterfeiters since products may be made in the same factories as the legitimate versions before branding occurs.


Authorities: Burglars Cut Into Calif. Bank Roofs, Steal $6M
Los Angeles Times (04/15/13) Winton, Richard

A crew of five burglars from California's Inland Empire region, who walked away with some $6 million by cutting through the roofs of multiple banks in the San Gabriel Valley over the past year, were caught in the act on April 5 and arrested on charges including burglary and grand theft. Undercover detectives arrested Laurentiu Penescu, Lucian Isaia, Alceu Andreis, Dean Andrew Muniz, and Daniel Soto when the men allegedly cut their way through the roof of a CitiBank in Diamond Bar. The detectives, who were monitoring the bank, stopped the men before they could leave. "These are not your typical burglars," sheriff's Lt. Kent Wegener said. "They showed some sophistication in their planning and the execution of the actual crime." The police had been searching for clues and gathering DNA evidence from crime scenes for more than a year before they made the arrest. The police said some of the men had met in jail and prison and had previous criminal records.


Arming Security Officers - an Insurance Perspective
Security Magazine (03/13) Vol. 50, No. 3, P. 28 Brownyard, Tory

Chief security officers and the private security firms they contract with should consider the perspective of insurers and risk managers when deciding whether to use armed security officers. Recent highly publicized mass shootings have led to a call for armed security officers, but chances of an incident occurring are slim and the actual trend in mass killings is on the decline. Insurers often view the risks of using armed officers as outweighing the benefits, considering the introduction of another firearm increases the chances someone will be seriously hurt or killed. Situations like banks and federal buildings warrant an armed officer, but insurers believe a show of force in other venues is counterproductive and they are not looking to expose themselves to that level of risk. In general, it will be more difficult to find coverage for armed security officers and will cost more. And firms that work with high-risk organizations such as power plants will need to provide high-quality training in order to secure affordable and good coverage. From many perspectives, using officers with non-deadly weapons would be safer, less expensive and more effective.




Search for Marathon Bombing Suspect Locks Down Watertown, Surrounding Communities
Boston Globe (04/19/13) Murphy, Shelley; Valencia, Milton J.; Lowery, Wesley; et al.

One suspect in the Boston Marathon bombings is dead and another is the focus of a massive manhunt following a violent confrontation between them and police on Thursday night. The violence began shortly after images of the suspects were released, when Boston police received reports of a convenience store robbery and a carjacking. Police pursued the vehicle, which had been stolen by the Boston Marathon bombing suspects, from Boston to Watertown, Mass. The two suspects opened fire on police and threw grenades, resulting in injuries to a Transit Police officer. One of the suspects was wounded in the firefight and was taken into custody. He later died from his injuries, which included not only gunshot wounds but also injuries that appear to have been caused by an explosive device. An explosive trigger was also found on his body. Police eventually followed the second suspect, Dzhokhar A. Tsarnaev of the Russian region of Chechnya, to Watertown and surrounded a home there. Authorities are also looking for Tsarnaev, who is the brother of the deceased suspect, in Boston and other surrounding communities. Officials have urged residents in Boston and other nearby locales to stay inside and only open their doors for police. Much of the region, including universities and the public transit system, is shut down.


Arrest Made in Ricin Case; Mailings are an Eerie Echo of 2001 Anthrax Attacks
Washington Post (04/18/13) Davis, Aaron C.; Brown, David

The FBI has identified Paul K. Curtis of Corinth, Miss., as a suspect in the mailing of letters to President Obama and Sen. Roger Wicker (R-Miss.) that tested positive for the toxic chemical ricin in preliminary tests. Curtis, who has been arrested, is also believed to have sent a third ricin-laced letter to a Mississippi justice official. The laced letters were discovered within a few days of the Boston Marathon bombings, though the FBI says it saw no immediate connection between the two cases. While initial tests showed the letters were laced with ricin, the FBI says it is still waiting on final word as to whether the substance was actually ricin. Past tests for the substance have been inaccurate, such as in 2004 when a letter sent to then-Senate Majority Leader Bill Frist (R-Tenn.) was found to be harmless after initially testing positive for the poison. Law enforcement officials said on Wednesday final testing of the substance could take another 24 to 48 hours. Ricin is known to be highly potent and easily made. The substance is left behind in the mashed material of castor beans when they are crushed for oil, and it has been shown in animal tests to cause bleeding in the lungs that can cause suffocation within days of initial exposure.


Boston Marathon Security Stayed at High Level
Boston Globe (04/17/13) Estes, Andrea; Cramer, Maria; Springer, Shira

Security for the Boston Marathon stayed at a high level for this year's event, and in some cases surpassed the amount of security present at the event last year. State and local authorities took extensive measures to protect the runners and spectators along the 26-mile course, including the deployment of air patrols, K-9 units, and more than 1,000 uniformed officers and soldiers. The 864 officers and civilians scheduled to work the day of the race was a 6 percent increase over last year, according to police documents. "We've done as much as we can. Our aim is not to turn this into a police state," said Boston Police Commissioner Edward Davis. "We have to allow commerce to occur. When you sweep an area to make sure there are no explosives, you have to control access to the area. Trying to do that along a 26-mile route is very difficult." Several bomb-sniffing dogs swept the finish line area prior to the explosions, but police said the large crowds made it more difficult for the dogs to detect explosives. In addition, the pressure-cooker devices used in the attack were sealed, meaning they likely contained the smell of gunpowder that would have otherwise been detected by the dogs. Former Boston Police Commissioner Paul Evans said true security could be achieved by getting rid of the crowds of spectators during the race, but he explained that would negate the purpose of the marathon.


FBI Uses 'Tripwires' to Nab Bomb Makers
Wall Street Journal (04/16/13) Barrett, Devlin

The FBI has for years been refining its so-called "tripwire" system for detecting individuals who purchase materials for bomb construction before they are able to make such a device. Under the system, the FBI asks businesses that sell materials that could be used in bomb manufacturing to alert it about any suspicious orders. In the 1990s, suspicious orders entailed items that could be used to make fertilizer bombs, such as those used in the April 1995 bombing attack in Oklahoma City. More recently, the bureau has shifted its sights to chemical bombs. The tripwire system has proven successful on multiple occasions. One such occasion happened in February 2011 when FBI agents followed a tip from a North Carolina chemical-supply company about a man, Khalid Ali-M Aldawsari, who bought $435 worth of potentially-hazardous material. The company shipping the material also tipped off the FBI, saying it was unlikely Aldawsari was using the material for commercial purposes. The agency launched an investigation and found a journal entry by the man where he laid out plans for a terror attack in the United States. He was convicted in June 2012. The tripwire system could be modified in the wake of Monday's bombing at the Boston Marathon as investigators look for ways to improve the system. FBI investigators are currently analyzing bomb blast marks to determine how the bombs were created. They are also conducting thorough searches of discarded bags around the city with the hope of finding an unexploded device, which could help them determine who was behind the bombing.


With Al Qaeda Shattered, U.S. Counter-Terrorism's Future Unclear
Los Angeles Times (04/15/13) Dilanian, Ken

Work by U.S. intelligence agencies, including drone missile strikes and other clandestine operations, has left al-Qaida fragmented and functioning mostly in smaller, autonomous groups. Director of National Intelligence James Clapper said the potential for a large coordinated attack against the United States has declined as the group has been dismantled and forced to operate in a decentralized fashion. Despite this, he said, "lone wolves, domestic extremists, and jihad-inspired affiliated groups are still determined to attack Western interests." Other analysts argue that the splintered groups are focused mostly on perpetrating events in their own countries rather than launching an attack on U.S. soil. Even those that have the desire to launch such an attack do not have the ability, they say. Meanwhile, there is evidence that the Obama administration is adjusting to this new reality. The recent reduction in CIA drone strikes hints at a throttling back in targeted killings by the Obama administration. The Long War Journal, which tracks such attacks, reports there have only been 16 strikes in Pakistan and Yemen this year, compared to 88 over all of last year. The Obama administration has also begun to try more accused terrorists in civilian courts rather than through military tribunals at Guantanamo Bay. "There's clear recognition, from the White House on down, that as we wind down these wars we need to address the hard question of what does a sustainable counter-terrorism policy look like for the next phase," said Shawn Brimley, the National Security Council's former director for strategic planning.




Fueled by Super Botnets, DDoS Attacks Grow Meaner and Ever-More Powerful
Ars Technica (04/17/13) Goodin, Dan

Prolexic reports that the average amount of bandwidth being used to carry out distributed denial-of-service (DDoS) attacks has surged dramatically in the last three months. Prolexic estimates that the average bandwidth used in DDoS attacks was 48.25 Gbps in the first quarter, nearly eight times the average during the same period last year. The duration of the average attack also grew in the first quarter, from 28.5 hours in 2012's first quarter to 34.5 hours this year. Prolexic says it has seen attacks using as much as 160 Gbps and expects to see attacks using up to 200 Gbps by the end of June. This massive surge in attack volume has been blamed on the growing use of super-botnets, which send malicious traffic using infected servers rather than infected personal computers, with hackers targeting servers for common Web applications. The most well-known of these new DDoS attacks have targeted major U.S. banks and been attributed to the militant wing of Hamas, but Prolexic says the manpower, technical skill, organization, and resources required to pull them off suggest they are the work of highly coordinated bands of veteran cybercriminals, likely hiring their services out to third parties.


Microsoft Says Worm Infections Declining, but Web Attacks Rising
eWeek (04/17/13) Lemos, Robert

Microsoft notes in its latest Security Intelligence Report that the number of infections by worms such as Conficker and Autorun has fallen, while infections from Web-based attacks are on the rise. Infections by network worms in the last half of 2012 were down more than one-third compared to the same period in 2011, while Web-based attacks had risen to the point that they account for seven of the top 10 threats faced by corporate users. The report also found that enterprise users were much more likely to experience infections from worms and viruses than consumers, who experience more unwanted software and adware. The report found that unpatched and unprotected systems were on average 5.5 times more likely to be infected, with the highest infection rate found among systems running the original unpatched, non-Service Pack 1 version of Windows 7. Vulnerability reports were down by 8 percent in the second half of 2012, and the report noted that six of the top 10 exploits identified in 2012 were linked to the Blackhole exploit kit. To combat malware infections, Microsoft recommends that enterprises keep their software up to date, make use of anti-malware programs, ensure they do business with vendors that use a strong security development lifecycle, and consider using whitelisting to restrict Internet browsing.


Symantec: Industrial Espionage on the Rise, SMBs a Target
ZDNet (04/16/13) Osborne, Charlie

Symantec's latest Internet Security Threat report indicates that intellectual property (IP) theft is a growing problem for all businesses, with small and medium-sized businesses (SMBs) remaining attractive targets. The report found that the number of cyber attacks in which IP was stolen rose 42 percent in 2012 compared to 2011. Of those attacks, 31 percent were against SMBs with fewer than 250 employees. Many of those attacks used "watering hole" techniques in which a trusted Web site is used to divert users to a site infected with malware. These attacks are so damaging because the infected company may not even realize it has been targeted until it is too late. In fact, 61 percent of malicious Web sites are legitimate sites that have vulnerabilities targeted by hackers. Business, technology, and e-commerce Web sites are the most common targets of such attacks. Manufacturers, meanwhile, remain the most popular victims of IP theft, accounting for 24 percent of targeted attacks. The report noted that hackers choose targets that are part of a supply chain instead of targeting large firms because doing so makes it more likely that they will be able to identify vulnerable third parties.


Digital Certificates Need to Regain Users' Trust
Government Computer News (04/15/13) Jackson, William

The U.S. National Institute of Science and Technology (NIST) has released a draft report outlining new baseline security controls and practices for the secure issuance of digital certificates. The report notes the key to successful use of digital certificates is the trust placed in publicly trusted certificate authorities (CAs) and that this trust has eroded in recent years as the malicious use of stolen and counterfeit certificates has proliferated. Both the Stuxnet and Flame malware exploited compromised certificates, which also have been used in attacks on advocacy groups and thefts from online gaming services. The NIST report says security breaches at CAs resulting from insufficient security controls and weak record keeping have exacerbated the problem, and called on CAs to do better. Some CAs are already taking action, with seven of the largest publicly trusted CAs co-founding the Certificate Authority Security Council to address certificate security issues in February. NIST's new security controls are based on the Federal Public Key Infrastructure Common Policy and the draft is open to comments through June 7.


Microsoft Discovers Trojan That Erases Evidence of Its Existence
Dark Reading (04/15/13) Higgins, Kelly Jackson

Microsoft researchers have uncovered a Trojan downloader that deletes its own component, prohibiting analysis or identification. Microsoft found two components of the Trojan malware comprising the file infector, dubbed Virus:Win32/Nemim.gen!A, which tries to infect executable files in removable drives. The password-stealer, dubbed PWS:Win32/Nemim.A, targets user credentials in email accounts, Windows Messenger/Live Messenger, Gmail Notifier, Google Desktop, and Google Talk. The malware sometimes appears as part of a display graphics driver in order to hide, typically as a file called igfxext.exe, according to Microsoft. "If you're infected with TrojanDownloader:Win32/Nemim.gen!A, we recommend you change all account passwords after you've cleaned your system, as it's likely you've also encountered PWS:Win32/Nemim.A," the password-stealer, says Microsoft's Jonathan San Jose. The malware is unusual in that it itself is the payload, unlike other Trojan downloaders that are used to deliver a separate payload, San Jose notes. He also says analysis might be difficult even when using file recovery tools.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD

