Some San Francisco Hospital Security Performed by Low-Level Officers
San Francisco Examiner (11/08/13) Lamb, Jonah Owen

Questions are being raised about the effectiveness of security staff at San Francisco General Hospital following revelations on Wednesday about several breakdowns in the case of Lynne Spalding, a patient who disappeared from her hospital bed on Sept. 21 and was found dead in a nearby stairwell weeks later. Hospital records indicate that civilians called "institutional police officers" (IPOs), who are only required to take an introductory, 40-hour course in law enforcement rather than the highly technical training that sheriff's deputies participate in, are in charge of handling some of the security duties at the hospital. Though it remains unclear how many IPOs participated in the search for Spalding, the family's lawyer called the possibility that these undertrained individuals could have contributed to the breakdown disturbing. IPOs were members of the existing security staffs at hospitals in San Francisco when the San Francisco Sheriff's Department took over security at city-run hospitals in 2002. IPOs were kept on so they could receive more "comprehensive law enforcement training" and be incorporated into a city law enforcement agency. Currently, 13 IPOs still work for the Sheriff's Department at San Francisco General, Laguna Honda Hospital or one of nine clinics, though their positions will be filled with deputies when they retire or leave their jobs.

Chinese Army's Industrial Espionage Continued Even After Exposure
International Business Times (11/07/13) Jacob, Jijo

The Chinese military continues to support widespread corporate espionage against U.S. companies, according to a report from the US-China Economic and Security Commission, a congressional advisory panel. The report noted that hacking attempts by Unit 61398 of China's People's Liberation Army appeared to decrease earlier this year following Mandiant's release of a report about alleged attacks by the unit. However, a draft of the commission's report, which will be published in finalized form next month, said "There are no indications the public exposure of Chinese cyber espionage in technical detail throughout 2013 has led China to change its attitude toward the use of cyber espionage to steal proprietary economic and trade information." Instead, the report maintains that Unit 61398 has simply changed hacking strategies and its infrastructure to make itself harder to track. "From what we can tell, they are still stealing the same type of data from the same industries," the report argued, indicating that cyberattacks are likely to continue unabated, despite their discovery. China continues to deny that it is carrying out cyberattacks.

N.J. Mall Gunman Kills Himself, Authorities Say
CBS News (11/05/13)

A gunman fired at least six rounds into an escalator near closing time at Westfield Garden State Plaza Mall in Paramus, N.J., on Nov. 4 before taking his own life, authorities say. One mall employee told reporters that she saw a man carrying a rifle, and another witness tweeted that the shooting occurred by the Nordstrom department store on the second floor. The body of 20-year-old Richard Shoop was subsequently found behind a construction storage area of the shopping center, Bergen County prosecutor John Molinelli reported. A gun, which looks like an AK-47 assault rifle but may be a modified handgun, was found with the body. Shoop did not shoot anyone else, although he had the opportunity to do so, prompting authorities to believe that his motive was to kill himself or to allow himself to be killed by police. According to Molinelli, Shoop's family told police that he had a history of drug abuse. A note was found at Shoop's home, but authorities are not calling it a suicide note and have not disclosed its contents.

Calif. Men Admit Roles in Kan. Cargo Theft Case
Associated Press (11/05/13) Hegeman, Roxana

Two California men on Tuesday admitted to participating in an attempted theft from a Kansas slaughterhouse in 2011. Oganes Nagapetian pleaded guilty to conspiracy to commit interstate shipment fraud, and his brother, Tigran Nagapetian, pleaded guilty to misprision of a felony for lying to Kansas state troopers and hiding his brother's actions. In what prosecutors say is a relatively new type of identity theft, the two men allegedly stole the identity of a Pennsylvania freight hauler to get the contract to pick up $87,500 worth of meat from the Tyson Fresh Meats plant in Holcomb, Kan. According to court documents, the theft was foiled after a suspicious Ohio freight broker found discrepancies in the trucking firm's insurance and called the FBI, which had the impostors under surveillance when they dropped off a refrigerated truck at the Kansas slaughterhouse for loading. The indictment also alleges that someone fitting Oganes Nagapetian's description who was using the same falsified commercial driver's license stole truckloads of almonds, shoes, and electric heaters in three other incidents in California. Oganes Nagapetian was not charged in those other thefts, but U.S. District Judge Monti Belot said he can consider those other losses as "relevant conduct" when determining a sentence.

Shutting Down Retail Theft
Security Management (11/13) Vol. 57, No. 11, P. 52 Anderson, Teresa

The hunting, fishing, and outdoor gear retailer Cabela's has taken a number of steps over the last several years to better tailor its security measures to its needs--steps which have simultaneously saved the company money and have not resulted in degraded security. For example, Cabela's performed an analysis of shrink, key performance indicators, and other factors about five years ago and determined that it needed new and improved security policies in a number of areas, including merchandise tagging. In order to determine which products should be tagged and which ones should not, Cabela's used an equation that compared the cost of a particular product to the cost of the tag and then compared that to the shrink that would occur if it did not tag the product. Cabela's subsequently went from tagging more than 60 percent of clothing items to focusing on items that were easy to resell, those that had a history of theft, and/or those that were expensive. The move did not result in an increase in either theft or shrink, though it did bring down Cabela's merchandise protection costs--including the absorption of shrink--by 40 percent over a one-year period. Cabela's also says that it was able to bring down physical security costs at its stores with no reduction in security over the last two years by developing tailored security plans for stores based on their risk levels.

Pakistan Taliban Warns Government of Revenge Attacks After Leader's Killing
CNN (11/08/13) Mohsin, Saima

Following the death of former Pakistan Taliban leader Hakimullah Mehsud in a U.S. drone strike in northwestern Pakistan, former interim leader Asmatullah Shaheen said Thursday that the group would carry out revenge attacks on Pakistani Prime Minister Nawaz Sharif and his government. Shaheen said that "All areas will come under attack but Punjab will come first," naming the nation's most populous province, which is also Sharif's home province and political stronghold. He placed the blame for Mehsud's death on Sharif and said that the prime minister was turning Pakistan into a U.S. "colony." Shaheen also said that the proposed peace talks with the government are now off the table. Shaheen's threats came the same day that the Pakistan Taliban's Central Shura Council announced the appointment of a new leader, Maulana Fazlullah, a longtime militia commander who may be connected to the assassination attempt on teenage activist Malala Yousafzai last year. Fazlullah, who is well known as a hard-liner who broadcast fiery sermons and hard-line ideology on an extremist radio station, has yet to make a public statement following his appointment as the group's new leader. According to Pakistani forces, Fazlullah is thought to be in Afghanistan and is ordering attacks in Pakistan from there.

C.I.A. is Said to Pay AT&T for Call Data
New York Times (11/07/13) Savage, Charlie

Federal officials say the CIA is paying AT&T more than $10 million a year in order to access the company's vast database of phone records--which includes data on foreign-to-foreign calls that travel over its network as well as some international calls made by Americans--during the course of counterterrorism investigations. This cooperation is part of a voluntary contract between AT&T and the CIA. As the CIA is not allowed to spy on the domestic activities of Americans, privacy safeguards are implemented so that any records of international calls involving a party in the U.S. are protected. The identities of Americans are not disclosed and AT&T "masks" several digits of their phone numbers. Many American companies that operate telephone networks or provide Internet communications services have argued that they have been legally compelled to cooperate with the National Security Agency's surveillance programs, but this agreement between AT&T and the CIA shows that other agencies conduct such surveillance and that sometimes cooperation is voluntary. Phone companies are usually legally forbidden to provide customers' calling records to the government, except when there is an emergency or when a subpoena or court order has been issued. However, lawyers who reviewed the CIA program concluded that AT&T's partial masking of American phone numbers satisfied those restrictions, citing a statutory exception to data privacy laws covering "the acquisition by the United States government of foreign intelligence information from international or foreign communications."

NSA and GCHQ Mass Surveillance is Violation of European Law, Report Finds
Guardian (United Kingdom) (11/07/13) Rettman, Andrew

A report presented at a hearing of the EU parliament on Nov. 7 accused the National Security Agency (NSA), the U.K.'s Government Communications Headquarters (GCHQ), and other European intelligence agencies of breaking European law in carrying out their surveillance programs. The report was presented by Spanish lawyer Sergio Carrera and Francesco Ragazzi, a professor of international relations at the Netherlands' Leiden University. They said that NSA and GCHQ surveillance had violated the basic articles of the EU treaty as well as privacy clauses in the EU charter of fundamental values and the European charter of fundamental rights. As a result, they called on the parliament to use "all the powers at their disposal" to put a stop to such programs. For example, they said the parliament could threaten to block an upcoming EU-US free-trade agreement until the NSA and the GCHQ provide more information on their surveillance programs. They could also, Carrera and Ragazzi argued, force EU member states to draft a "professional code for the transnational management of data." In addition, Carrera and Ragazzi called on the European Parliament to create new EU-wide laws to prevent Internet companies from handing over data to intelligence agencies and to protect those who leak information on such privacy breaches, including former NSA contractor Edward Snowden.

LAX Shooting: Latest on Suspect, Victims and Warning That May Have Come Too Late
CNN.com (11/04/13) Simpson, David

Authorities investigating the Nov. 1 shooting at Los Angeles International Airport say that the family members of suspect Paul Ciancia were worried about his behavior and reported those concerns to police, though the warnings came too late to prevent the shooting. Ciancia had reportedly been sending text messages to his family in New Jersey in the days before the shooting, one of which suggested that something bad would happen. The concerns were passed on to Los Angeles Police, who were asked to check on Ciancia at his apartment. However, officers did not arrive at Ciancia's apartment until 45 minutes after he had left for the airport with one of his roommates, who is not believed to have been involved in the shooting. Meanwhile, investigators have found a note that could shed light on Ciancia's motive for allegedly carrying out the shooting, which resulted in the death of one Transportation Security Administration (TSA) officer. That note reportedly said that Ciancia wanted to kill TSA employees to "instill fear into their traitorous minds." Ciancia, who was shot by airport police officers responding to the shooting, is in critical condition and cannot speak to investigators. He has been charged with murdering a federal officer and committing an act of violence in an international airport.

The State of Bioterrorism Surveillance
Security Management (11/13) Vol. 57, No. 11, P. 36 Chapa, Lilly

Although the BioWatch bioterrorism surveillance system was introduced more than a decade ago, there are ongoing concerns about its effectiveness and its impact on local governments. The system consists of sensors in 34 cities that collect air samples in order to detect the presence of pathogens that could be part of a bioterrorist attack. Although there have not been any bioterrorist attacks since BioWatch was introduced, there have been 149 so-called BioWatch Actionable Results (BARs), or cases where the system has detected a pathogen that was later found to be of natural origin. According to RAND analyst Arthur Kellermann, each of these BARs has a devastating impact on the public health funds of the cities where the sensors are installed because they require local officials to take costly precautionary steps in case the alerts turn out to be the result of a bioterrorist attack. Another concern associated with BioWatch is that efforts to develop technology that would allow air samples collected by the sensors to be analyzed without human intervention have been largely unsuccessful. However, Boeing--which works on such technology for the Department of Homeland Security--says that adjustments simply need to be made in order to get the technology to work properly. Kellermann said that despite these and other criticisms of BioWatch, Congress is unlikely to take steps to defund the program because it is afraid of the potential political fallout if there is a subsequent bioterrorist attack.

Microsoft Books Critical IE, Windows Fixes for Next Week
Computerworld (11/07/13) Keizer, Gregg

Microsoft has announced that it will release eight critical and important security updates for Windows, Internet Explorer (IE), Office, and Outlook on Nov. 12. Those updates will not, however, address a flaw in Windows Office and the Lync communications platform that was revealed earlier this week. Microsoft is set to release an additional set of updates next month to correct that flaw. Andrew Storms, the director of DevOps at California's CloudPassage, recommends that users make updating IE their biggest priority, since the update for all versions of the browser is deemed critical. Security experts often recommend that IE users quickly patch the browser when updates are released because hackers can exploit critical vulnerabilities in attacks that can redirect the browser to a malicious Web site. The remaining pair of critical updates will patch all versions of Windows that are still being supported, including Windows XP and Windows 8.1. Storms said that the specifics of what will be fixed in the code on those versions remain unclear. Regardless of content, both Storms and other cybersecurity professionals say that the patches should remain a priority for all users.

Microsoft Warns of Office Zero-Day, Active Hacker Exploits
Computerworld (11/05/13) Keizer, Gregg

Microsoft warns that attackers are taking advantage of a critical and unpatched flaw in Office 2007 using malformed documents to hijack Windows PCs, and says Office 2003 and Office 2010 also are vulnerable. The vulnerability can be triggered by a malformed image file viewed on a website or in an email message if one of those versions of Office is installed on the system. Although Microsoft listed only Windows Vista and Windows Server 2008 as vulnerable in its initial advisory, the McAfee security researcher who reported the hole to Microsoft in late October says both Windows XP and Windows 7 also could be exploited through malicious Office files. Microsoft attempted to correct the situation on its Security Research & Defense blog, but did not list every affected Windows-Office combination. According to details described by one systems engineer, anyone running Office 2003 or 2007, regardless of what operating system powers the PC, is susceptible, while only those running Office 2010 on Windows XP or Server 2003 are at risk. Microsoft is urging customers to apply a temporary workaround until a patch is available.

Malware Alert: Is 'BadBIOS' Rootkit Jumping Air Gaps?
InformationWeek (11/05/13) Schwartz, Mathew J.

Security experts are puzzled by reports from security consultant Dragos Ruiu, who says he has discovered a piece of malware capable of relaying data from air-gapped computers using ultrasonic sound. Ruiu claims he first saw signs of the malware, called badBIOS, three years ago, and that curious happenings and odd device behaviors have led him to identify a BIOS rootkit as the culprit. Ruiu says badBIOS can survive reboots and flashing the BIOS, and seems to spread by reprogramming the flash controllers on USB drives and CD drives. Ruiu also says the malware appears to transmit small amounts of encrypted data in the form of ultrasonic signals using internal or external microphones and speakers. Many researchers have balked at Ruiu's description and some have said that such a piece of malware would have to be more advanced than either the Stuxnet or Flame malware. However, Errata Security CEO Robert David Graham points out that everything described by Ruiu is technically feasible, saying "that it's plausible [lends] credence to the idea that Dragos isn't imagining it." Graham says it's unlikely that anything definitive will be known about badBIOS anytime soon, though Ruiu will likely present his research at the next CanSecWest conference in March 2014.

NSA's Reported Tampering Could Change How Crypto Standards Are Made
Government Computer News (11/04/13) Jackson, William

The U.S. National Institute of Standards and Technology (NIST) is formally reviewing its cryptographic standards development processes to address a loss of public confidence following reports that the U.S. National Security Agency (NSA) weakened NIST standards. A random number generator included in NIST recommendations for developing cryptographic keys is vulnerable to attacks that can uncover the cryptographic keys, according to documents released by former NSA contractor Edward Snowden. "Our mission is to protect the nation's IT infrastructure and information through strong cryptography," says a NIST statement announcing the review. "We cannot carry out that mission without the trust and assistance of the world's cryptographic experts." NIST is cataloging its development processes' goals and objectives, principles of operation, processes for identifying algorithms for standardization, and methods of review. Public comments will be considered, and an outside organization will assess the process. In addition, NIST will review its existing cryptographic work to ensure that its development is in line with the standards. NIST develops standards in partnership with government and industry, and the agency does not intend to stop working with the NSA, says NIST's Matthew Scholl. "We have worked with the NSA for a long time on many different projects and will continue to do that," he says.

NSA Chief Likely to Be Stripped of Cyber War Powers
The Hill (11/04/13) Sasso, Brendan

Senior military officials are strongly considering removing the National Security Agency director's authority over U.S. Cyber Command. NSA director Gen. Keith Alexander plans to step down in the spring. The Pentagon has already come up with a list of possible civilian candidates for the next NSA director, with a separate military officer leading the Cyber Command. Alternatively, the administration might decide to have two military officers lead the two agencies. Despite his impending departure, Alexander is lobbying policymakers to keep the positions united. "If you try to break them up, what you have is two teams not working together. Our nation can't afford—especially in this budget environment—to have one team try to rebuild what the other team does," Alexander says. However, Cyber Statecraft Initiative director Jason Healey argues that uniting the two commands centralizes too much power in the hands of one general.

Abstracts Copyright © 2013 Information, Inc. Bethesda, MD