Friday, September 13, 2013

Security Management Weekly - September 13, 2013

Corporate Security
  1. "PPL Launches Reward Program to Stop Copper Theft" Electric Utility in Pennsylvania
  2. "Statoil Questions Reliance on Military in Report on Algerian Attack"
  3. "Zynga Settles With Employee Over Alleged Theft of Game Secrets"
  4. "Lessons From Mumbai: How Hotels Have Changed Their Security, Risk Considerations"
  5. "How to Crack Down on Insider Threats"

Homeland Security
  1. "U.S.-Born Militant Believed Killed by Former Allies in Somalia"
  2. "Declassified Court Documents Highlight NSA Violations in Data Collection for Surveillance"
  3. "U.S. Pays Growing Attention to Insider Threats"
  4. "Diffuse Terror Groups Said to Be a Threat to U.S."
  5. "Report: Surveillance Court Ruling Allowed NSA Search of Domestic Email"

Cyber Security
  1. "Santander Cyber Gang Attack Foiled" U.K.
  2. "Vodafone Hacker Accesses 2 Million Customers’ Banking Data" Germany
  3. "Cyberweapons Likely to Be an Integral Part of Any U.S.-Syria Clash"
  4. "Firefox OS Likely to Face HTML5, Boot-to-Gecko Process Attacks"
  5. "Are PHP SuperGlobal Parameters Really That Big a Deal?"

   

 
 
 
 
 
 

 


PPL Launches Reward Program to Stop Copper Theft
Allentown Morning Call (PA) (09/13/13) Sullivan, Dan

Pennsylvania's PPL Electric Utilities announced Sept. 12 that it was introducing a rewards program that would pay $1,000 to those who provide it with information leading to the arrest and conviction of any individual stealing copper wire or other materials from its substations. Company spokesman Joe Nixon said that so far in 2013, there have been around 50 incidents of metal theft at company facilities, which have cost the company nearly $500,000 in materials, replacement, and labor costs. The money is not the issue for PPL, according to David Bonenberger, PPL vice president of Distribution Operations. "The worst aspect of the vandalism and theft [...] is that someone could get seriously injured or killed," he said. "Damaging electrical facilities also puts PPL Electric Utility workers, and our contractors, at risk." In addition to the rewards program, PPL has also begun painting its copper wire blue so that the wire can be identified if it is sold, and has strengthened security at its substations. The company has also introduced other methods it has not disclosed to help catch thieves.


Statoil Questions Reliance on Military in Report on Algerian Attack
Wall Street Journal (09/12/13) Hovland, Kjetil Malkenes

Senior leadership for the Norwegian oil company Statoil released the results of an internal investigation on Sept. 12 into the January terrorist attack on the In Amenas gas plant in Algeria. The investigation, which was led by former Norwegian Intelligence Service head Torgen Hagen, found that the companies that operate the facility should have anticipated the attack and placed less trust in the Algerian military, despite the fact the plant is located in an area controlled by Algerian forces. Hagen's report also included a total of 136 recommendations to further improve security for the company, including improvements in both electronic and physical security. Statoil Chief Executive Helge Lund, meanwhile, added that the company should have paid more attention to how effective the Algerian military would have been in preventing a fatal hostage scenario like the one that unfolded at the In Amenas plant. To prevent such an incident in the future, Lund said the company is implementing "a very extensive program to strengthen security" in its operational plants. The company has also been more careful about placing employees in unstable regions, pulling workers out of Egypt and Libya and choosing not to return any staff to In Amenas.


Zynga Settles With Employee Over Alleged Theft of Game Secrets
IDG News Service (09/12/13) Ribeiro, John

The games company Zynga settled a lawsuit filed against a former employee it accused of misappropriating its trade secrets before he went to work for the competing company Kixeye. According to the complaint filed by Zynga last fall, Alan Patmore, who had served as the general manager for the company's CityVille game, copied over 760 Zynga files to his computer that he later transferred to his personal Dropbox cloud storage account before he left the firm. Zynga said that this data "could be used to improve a competitor's internal understanding and know-how of core game mechanics and monetization techniques, its execution and ultimately its market standing." Following the settlement, Patmore said in a statement that he accepted responsibility "for making a serious mistake by copying and taking Zynga confidential information" when he resigned from Zynga. He added that he understood the consequences of his actions and that he "sincerely" apologized to Zynga and his former colleagues. A mutually agreeable settlement was also reached between Zynga and Kixeye in a case involving Patmore, and Zynga has asked that the case be dismissed.


Lessons From Mumbai: How Hotels Have Changed Their Security, Risk Considerations
Wall Street Journal (09/10/13) DiPietro, Ben

The November 2008 attack on Mumbai that included several hotels taught the hotel industry a number of lessons about security. According to Chris Gernentz, the director of safety and security for the Americas for the Carlson Rezidor hotel group, the Mumbai attacks led hotels--particularly those in high-risk areas--to hire more security staff, put in place new security procedures, and form better relationships with local and federal law enforcement. Gernentz reports that his group, for example, has partnered with the Department of Homeland Security to train workers on how to identify suspicious behavior and how to react if they see it. The group has also developed written plans and training programs to prevent and react to potential threats. Despite these changes, Jimmy Chin, a vice president at IPF Hospitality, said the hospitality industry needs to remain abreast of evolving risks and trends. "As the bad guys change their tactics we good guys change our tactics in regard to protecting and response," he explains. One example of these changing trends is the risk of cyberattacks, which usually cannot be spotted until they are already underway. Regardless of the threat, however, Gernentz says that the hotel's biggest concern is to keep staff and guests safe by ensuring they are communicating carefully and effectively.


How to Crack Down on Insider Threats
Wall Street Journal (09/10/13)

Insider theft of intellectual property (IP) is easily preventable, as is accidental information loss, according to Gordon Hannah and Kelly Bissell of Deloitte & Touche's Security & Privacy practice. They call on organizations to develop insider threat mitigation strategies that take into account sensitive company information as well as the policies, technologies, and response procedures designed to protect them. To start, organizations should determine what data requires the most protection and who in the company can access that data. This assessment can then lead to better data security systems that control and monitor access to that information. There are a number of technology solutions that can support these efforts, such as Identity and Access Management (IAM) Systems that prevent unauthorized data access; Compliant Provisioning Systems that help track any security and compliance risks; Data Loss Prevention Systems that stop employees from altering, e-mailing, printing, or downloading certain information; Digital Rights Management (DRM) that monitors employee access to files; Privileged User Management Systems that control and record the activities of even the highest-ranking company officials; and Encryption Solutions that protect systems and mobile devices containing sensitive data. Even with these protections, data theft can still occur, so Bissell recommends managers immediately disable employee access if they have reason to suspect data has been mishandled. Additionally, Hannah explains that companies can determine which insiders might pose higher risks by performing behavior profiling and better background checks.




U.S.-Born Militant Believed Killed by Former Allies in Somalia
Wall Street Journal (09/13/13) Vogt, Heidi

There are reports that an American member of the Somali militant group al-Shabaab was killed by his comrades on Thursday. A Western official who has been briefed on the matter said that there was specific intelligence that indicated that Omar Hammami, an Alabama man who traveled to Somalia in 2006 to join al-Shabaab, was shot and killed along with another individual by gunmen loyal to al-Shabaab leader Mukhtar Abu Zubeyr. Despite the specificity of the intelligence cited by the Western official, a U.S. counterterrorism official said that Washington is trying to gather definitive proof that Hammami has indeed been killed. Hammami's death has been reported several times this year, though each of those reports was eventually found to be untrue. If Hammami was in fact killed on Thursday, it would be the latest sign of infighting between members of al-Shabaab. Hammami, who is wanted in the U.S. on charges of providing material support to terrorists, has been distancing himself from al-Shabaab's leadership for at least the past year and has said that he feared for his life. Hammami was shot in the neck by a fellow member of al-Shabaab in April. He subsequently said in a Twitter message that Abu Zubeyr had "gone mad" and that he was "starting a civil war."


Declassified Court Documents Highlight NSA Violations in Data Collection for Surveillance
Washington Post (09/11/13) Nakashima, Ellen; Tate, Julie; Leonnig, Carol

More than a dozen documents related to the National Security Agency's surveillance programs that were declassified Tuesday by the Obama administration indicate that the agency violated privacy rules when accessing a database containing the phone call records of Americans. The violations took place between May 2006 and January 2009, when they were reported to the Foreign Intelligence Surveillance Court (FISC)--the judicial body that oversees the NSA's surveillance programs--by officials at the Justice Department. One of the problems identified by Justice Department officials in their report to the court involved NSA's use of an automated "alert list" on certain phone numbers without meeting the court's requirement that it must have a "reasonable and articulable suspicion" that such numbers have a connection to terrorists. NSA Director Keith Alexander told FISC that the violations were the result of a belief among NSA personnel that not all of the databases were covered by the same privacy rules--an explanation that FISC Judge Reggie Walton said he found difficult to believe. In response to the violations, FISC implemented restrictions on the government's use of the phone records database in March 2009, saying that the government could only query the system when there was an imminent threat to human life. Walton also questioned the usefulness of the phone data collection program, saying that information from the database resulted in just three FBI investigations.


U.S. Pays Growing Attention to Insider Threats
Homeland Security News Wire (09/10/13)

Former National Security Agency (NSA) contractor Edward Snowden has released new classified documents that discuss the growing amount of attention the federal government is giving to insider threats within the nation's intelligence community. One classified budget document released by Snowden noted that background checks on job applicants at intelligence agencies have revealed that al-Qaida, Hezbollah, and Hamas have repeatedly attempted to infiltrate the nation's intelligence community by having sympathizers apply for jobs. According to the CIA, 20 percent of applicants who had questionable backgrounds had "significant terrorist and/or hostile intelligence connections." The exact nature of those connections was not discussed in the documents released by Snowden. In addition, the documents revealed that there have been concerns among officials at NSA about the threat from insiders there. NSA analyzed the keystrokes of its employees and found that some were engaging in suspicious behavior, including downloading several different documents and accessing classified databases that they did not need to access in order to perform their jobs. That analysis prompted NSA to make plans last year to investigate 4,000 people with security clearances. Contractors such as Snowden were excluded from participating in the investigations due to security concerns following his release of classified documents, an NSA spokeswoman said.


Diffuse Terror Groups Said to Be a Threat to U.S.
Wall Street Journal (09/09/13) Barrett, Devlin

The Bipartisan Policy Center's Homeland Security Project and the Soufan Group have released two separate reports warning of the growing threat from extremists in Syria and elsewhere. The report from the Bipartisan Policy Center's Homeland Security Project, which is chaired by the two former heads of the 9/11 Commission, noted that the Syrian al-Qaida affiliate Jabhat al-Nusra could ultimately reorient itself away from fighting the Syrian government and toward attacking Western interests. That threat would become more grave should Jabhat al-Nusra access the Syrian government's cache of chemical weapons and smuggle them out of the country, the report said. The report also addressed the threat from extremists in Middle Eastern countries that experienced revolutions during the Arab Spring, warning that such groups could eventually pose a threat to nations around the world. The Soufan Group's report, meanwhile, included many of the same warnings as the report from the Bipartisan Policy Center. Both reports recommended that steps be taken to prevent jihadist groups from recruiting new members and to counter extremist propaganda, particularly as part of an effort to prevent lone-wolf terrorist attacks. The Soufan Group's report found that the U.S. is behind other countries in taking these steps.


Report: Surveillance Court Ruling Allowed NSA Search of Domestic Email
Associated Press (09/08/13)

According to a report published on Sept. 7 by the Washington Post, Obama administration officials in 2011 were able to get the Foreign Intelligence Surveillance Court to lift the ban preventing the National Security Agency from looking through its databases of intercepted e-mails and phone calls. In addition, the court expanded the amount of time that the NSA could retain the intercepted information from five to six years. The court's ruling means that the NSA is now able "to query the majority" of its communications databases using the e-mail addresses and home numbers of American citizens and legal residents without first obtaining a warrant. These searches are conducted under the Foreign Intelligence Surveillance Act, under which the target of the searches must be a foreigner "reasonably believed" to be outside the U.S. Such surveillance must first be approved by the court for a span of one year. There are concerns that warrants for each target are no longer needed, meaning that the available communications could be used without a court determining that there was probable cause.




Santander Cyber Gang Attack Foiled
Belfast Telegraph (Ireland) (09/13/13)

Police in the U.K. have made 12 arrests in relation to a failed plot by a cyber gang to steal millions of pounds by taking remote control of a computer at a Santander bank branch in London. Posing as a third-party engineer to gain access, one of the plotters tried to fit the computer with a "keyboard video mouse" device that allowed the cyber gang to transmit the contents of the computer's desktop. According to the Spanish bank, the gang was unable to steal any money, despite managing to take control of all the computers in the branch. According to Detective Inspector Mark Raymond of Scotland Yard's Police Central e-crime Unit, the attack was sophisticated, and "could have led to the loss of a very large amount of money from the bank." A spokesman for Santander said that no money was ever at risk as a result of the security breach and no Santander staff members were involved in the attempted fraud.


Vodafone Hacker Accesses 2 Million Customers’ Banking Data
Bloomberg (09/12/13) Weiss, Richard

Vodafone announced that it detected a hack into one of its servers in Germany at the beginning of September, and said that it was able to stop the attack and report it to police. According to Vodafone spokesman Kuzey Esener, the attack was carried out by a person with insider knowledge who stole data including the names, addresses, birth dates, and bank account information of 2 million customers. He added that the hacker had no access to credit-card information, passwords, PIN numbers or mobile-phone numbers. Esener said that impacted clients will be notified by mail, and can also check to see if they were impacted on Vodafone’s German Web site. Vodafone also plans to warn clients about the possibility that they will face phishing attacks following the hack. Vodafone says that only clients in Germany were impacted by the incident. Esener noted that authorities have identified a suspect, but offered no indication as to whether the suspect was a company employee or an outsider.


Cyberweapons Likely to Be an Integral Part of Any U.S.-Syria Clash
Homeland Security News Wire (09/11/13)

Any clash between the United States and Syria will likely see cyberattacks used by both sides, as the U.S. would likely use cyberattacks to try to blind Syria's air defense systems and paralyze other targets, while Syria would likely respond by launching cyberattacks against U.S. infrastructure and prominent targets such as government Web sites. Experts say that the cyber attack capabilities currently demonstrated by Syria, and the Syrian Electronic Army, do not seem to pose a threat to the United States. But by appealing to anti-American hacktivists worldwide, Syria would be able to greatly enhance its limited capabilities, and could increase the amount of damage it was capable of inflicting. Meanwhile, experts say that the chances of an Iranian cyberattack launched against the U.S. in retaliation for military action against its ally Syria are not high, given that the new Iranian president seems to be open to reconciliation with the West. Some say that a cyberattack is not the best choice of weaponry against Syria, as many cyberweapons become worthless after the first use because the entity being attacked may be able to develop better defenses. However, other experts support the use of cyberweapons, since the use of such weapons is generally non-lethal.


Firefox OS Likely to Face HTML5, Boot-to-Gecko Process Attacks
IDG News Service (09/11/13) Kirk, Jeremy

Trend Micro expects the Firefox OS to see HTML5-related attacks and assaults on a crucial operating system process. Mozilla's Firefox OS is geared toward high-performance, low-cost phones running applications using the HTML5 Web programming language, and some mobile phone operators are already shipping devices with the OS. Firefox OS borrows much from the Firefox Web browser and Gecko application framework, which is used to render Web pages and display applications. Trend Micro pointed out potential areas of Firefox OS for hackers to exploit. For example, the platform underpinning Firefox OS, called Boot to Gecko (B2G), borrows 95 percent of its code from the mobile browser and Gecko. B2G contains a process within the OS that prevents unauthorized requests by applications that have permission to run. Trend Micro researchers say some applications can request additional permissions, but those requests must be verified and signed by an application store. The B2G process has high privileges and vets those requests, and Mozilla acknowledges this process as a possible attack vector.


Are PHP SuperGlobal Parameters Really That Big a Deal?
Dark Reading (09/11/13) Chickowski, Ericka

New research from Imperva exploring the potential risk for attacks through vulnerable PHP SuperGlobal parameters recommends that organizations running PHP servers reject the use of these variables in application requests. The report chronicled the attack methods that Imperva researchers observed throughout a sample of 24 applications containing attack vectors related to SuperGlobal variables, noting that they spotted 144 related attacks per application within a month, with some attacks lasting a full five months. The report specifically showed how attackers are frequently able to chain together multiple low-impact vulnerabilities related to SuperGlobal in order to achieve variable manipulation, security filter evasion, and arbitrary code execution. Imperva's Tal Be'ery says enterprises need to defend themselves even against what appears to be a small vulnerability because when it is combined with other smaller vulnerabilities, together they can turn into a risky exploit. However, some security experts are taking issue with Be'ery and Imperva's stance against SuperGlobal, instead calling on organizations to update their PHP.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD

