Friday, March 14, 2014

Security Management Weekly - March 14, 2014

Corporate Security
  1. "Nation's Power Grid Vulnerable to Sabotage"
  2. "US Sees Lax Security at Japan's Nuclear Sites as Terror Risk"
  3. "S.C. Arson Suspect Worked at Nuclear Plant"
  4. "Employers Can Prevent Workplace Violence by Keeping Dangerous Employees Positively Engaged"
  5. "Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records"

Homeland Security
  1. "US: Top Domestic Terror Suspect May be in Hawaii"
  2. "Leading House Lawmaker Wants NSA Phone-Data Collection to End"
  3. "Conflict Erupts in Public Rebuke on C.I.A. Inquiry"
  4. "CIA Chief: Not Ruling Out Terrorism in Malaysia Airlines Tragedy"
  5. "Missing Plane: Traveler on Stolen Passport Had no Terrorism Ties"

Cyber Security
  1. "Antivirus Software Not So Useless as People Say"
  2. "290k+ Users Possibly Affected in North Dakota University Breach"
  3. "Next Thing to Worry About: Cybercrime as a Service"
  4. "Researchers Attack Secured Internet Activity to Mine Personal Data"
  5. "IPv6 Could Open Networks Up to Zero-Day Attacks"

Nation's Power Grid Vulnerable to Sabotage
Wall Street Journal (03/13/14) Smith, Rebecca

A recent study by the Federal Energy Regulatory Commission (FERC) found that a coordinated series of physical attacks on a small number of electric-transmission substations could have a major impact on the nation's power grid. The study simulated what would happen if a variety of combinations of substations in the nation's three electrical systems--Eastern, Western, and Texas--were taken offline. The FERC found that taking out four substations in the Eastern system, an additional three in the Western system, and two in Texas could result in the entire electric power distribution network going down for weeks or even months, if the attacks were carried out on a very hot day when demand for electricity is high. Experts say that other factors that would affect the number of substations that would need to be taken out to cause a massive power outage include available electricity generation resources. Attackers would only need to take a small number of substations offline to cause a major power outage because some of these facilities play a disproportionate role in transmitting electricity across large areas. But Energy Department Deputy Secretary David Ortiz, who was briefed on the study, downplayed the threat of a massive power grid failure caused by a physical attack, saying that electric systems have built-in resiliency and that it would be difficult to take a number of facilities offline by attacking them at the same time.


US Sees Lax Security at Japan's Nuclear Sites as Terror Risk
South China Morning Post (Hong Kong) (03/13/14) Ryall, Julian

The Washington-based Centre for Public Integrity (CPI) reported March 11 that nuclear experts and some U.S. government officials have expressed concern about the security of Japan's nuclear facilities. Of particular concern is the Rokkasho reprocessing facility, a plutonium-powered fast-breeder reactor plant which is scheduled to fully open in October. The plant will produce eight tons of plutonium a year, which Japan plans to use to feed its nuclear power plants. Nuclear experts say that this amount of plutonium could be used to build 2,600 nuclear warheads. According to CPI, the Obama administration has been trying to convince the Japanese government that security at Rokkasho needs to be increased, as terrorists might see the plutonium stockpiles it will create as a worthwhile target. CPI said in its report that Japanese officials have spoken against the need to increase security, or even to replace the current security guards - all elderly and unarmed - with younger, more capable, armed guards, claiming the "homogenous, pacifistic nature of their society makes nuclear conspiracies unlikely."


S.C. Arson Suspect Worked at Nuclear Plant
Security InfoWatch (03/12/14) Fretwell, Sammy

Federal records released by the U.S. Nuclear Regulatory Commission (NRC) on March 11 show that South Carolina Electric & Gas (SCE&G) failed to properly screen a contract employee who worked at its V.C. Summer nuclear power plant for several months in 2010 and 2011. The contract employee, a suspected arsonist, had claimed in his employment documents that a criminal charge against him had been resolved when it had not, and SCE&G failed to verify the statement. SCE&G fired the worker in early 2011, and according to spokesman Eric Boomhower, self-reported the problem to the NRC after a co-worker flagged the utility about the employee. NRC spokesman Roger Hannah noted that while the individual in question was not a terrorism suspect, the agency would not be treating the situation lightly in part because the facility was vulnerable to the threat of "radiological sabotage" while the employee worked there. SCE&G has ramped up its training, conducted a comprehensive evaluation of its access authorization program, and implemented extensive corrective actions, which the NRC said address the causes that led to the incident.


Employers Can Prevent Workplace Violence by Keeping Dangerous Employees Positively Engaged
News-Medical (03/12/14)

Recent research from University of Texas Arlington professors James Campbell Quick and M. Ann McFadyen indicates that positive engagement and close supervision of potentially dangerous employees can prevent workplace violence. These findings are based on an analysis of FBI reports, case studies, and human resource records, which found that approximately one out of three employees may have a higher risk of workplace aggression, including homicide, suicide, and destruction of property. But the researchers said human resources professionals and supervisors can reduce this risk by identifying high-risk employees and providing them with support and resources. Suggestions for support include social networks to help employees vent any negative feelings as well as providing training on incivility, which the researchers said can be both a trigger and a warning sign for workplace violence. "Incivility toward another includes gossiping, texting in meetings, withholding information, ignoring or simply a general lack of respect or regard for others," McFadyen said. "What is concerning is that incivility is on the rise in the workplace, with the majority of employees reporting that they have been the target of incivility by another." The full results of the study, "No Accident: Health, Wellbeing, Performance - and Danger," can be found in the Journal of Organizational Effectiveness: People and Performance.


Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records
Krebs on Security (03/10/14) Krebs, Brian

KrebsOnSecurity detailed last October how a company owned by the U.S. credit bureau Experian sold personal and financial records to a Vietnamese man running an online identity theft service. Brian Krebs decided to look deeper at this incident after the Vietnamese man, Hieu Minh Ngo, pleaded guilty to running an identity theft service last week. Court records show that Ngo tricked Court Ventures, which was later bought by Experian, into believing he was a private investigator operating out of Singapore. A contractual agreement between Court Ventures and US Info Search gave Ngo direct access to personal and financial data on more than 200 million Americans - information which he made available to his identity theft clients. Ngo reportedly had more than 1,300 customers who used his service between 2007 and February 2013, with an estimated 3.1 million queries on Americans made in the last 18 months of that time frame alone. Krebs commented that his own investigation into Ngo's service suggests that those 3.1 million queries could have exposed as many as 30 million records. It is still unclear whether Experian will be penalized as a result of the incident. Ngo, on the other hand, is facing a lengthy prison sentence when he is sentenced on June 16.




US: Top Domestic Terror Suspect May be in Hawaii
Associated Press (03/13/14) Elias, Paul

After receiving credible intelligence that America's most wanted domestic terrorism suspect, Daniel Andreas San Diego, may be hiding on Hawaii's Big Island, FBI agents from San Francisco traveled to Hawaii in search of the alleged animal rights extremist. San Diego is charged with exploding pipe bombs in front of two San Francisco Bay Area companies, Chiron Corp. and Shaklee Corp., which both had ties to a lab that conducted animal testing. The attacks took place in 2003, which is the same year that FBI agents lost track of San Diego. FBI agents have focused their search in the Big Island's eastern district of Puna and a small town called Pahoa. It is believed that San Diego is looking to join "some sort of cause or movement" there, according to a deli manager in Pahoa who was recently interviewed by the FBI. To date, the FBI's search for the domestic terrorism suspect has spanned 13 countries, including Argentina, Denmark, Italy, and the United Kingdom.


Leading House Lawmaker Wants NSA Phone-Data Collection to End
Wall Street Journal (03/12/14) Gorman, Siobhan

Rep. Dutch Ruppersberger, the top Democrat on the House Intelligence Committee, has called for the end of the National Security Agency's (NSA) mass collection of phone records, making him the first of the four senior lawmakers on House and Senate intelligence panels to recommend this course of action. He believes that the program needs to be overhauled now, because he does not believe that Congress will renew the provision of the Patriot Act that authorizes the program when it expires next year. Under Ruppersberger's proposal, which he said would create a "targeted, individualized and closely overseen" program, phone companies would hold the records and would use individual court orders to search them. The court orders would specify the parameters of each records search, including how many steps a search could be taken from the original surveillance target. Each order would be based on a standard of "reasonable suspicion," as would any separate orders requiring phone companies to conduct continuous searches of a phone number against newly created phone records. Ruppersberger's proposed program would not require phone companies to retain data for longer than 18 months, which is the current length of time they must retain call record data. It remains unclear whether Ruppersberger's proposal would have enough support on the House Judiciary Committee to move to a vote before the full House.


Conflict Erupts in Public Rebuke on C.I.A. Inquiry
New York Times (03/12/14) Mazzetti, Mark; Weisman, Jonathan

Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.) on Tuesday publicly accused the CIA of spying on staffers from her panel who were working on a report about the agency's terrorist detention and interrogation program. Feinstein said that the CIA had searched a network drive that Intelligence Committee staffers had used to store their work and communications. In addition, Feinstein said that the CIA removed documents from a computer server used by her staffers on two separate occasions in 2010. Feinstein also claimed that the CIA was attempting to intimidate Intelligence Committee staffers working on a report about the detention program, and that the CIA attempted to hinder the panel's investigation by referring a criminal case to the Justice Department. The CIA, for its part, says that it searched the Intelligence Committee's network drive because it was trying to determine whether the panel's staffers had gained access to an internal agency review of the detention and interrogation program without authorization. Feinstein, however, has denied that claim by saying that the CIA provided her committee with the internal review. CIA Director John O. Brennan has also said there was no broad effort to spy on the Intelligence Committee's investigation into the detention program. Feinstein, who until now has generally been supportive of the CIA, says the outcome of this dispute could have ramifications for the oversight of the nation's intelligence agencies.


CIA Chief: Not Ruling Out Terrorism in Malaysia Airlines Tragedy
ABC News (03/11/14) Ferran, Lee; Meek, James Gordon

CIA Director John Brennan told the Council on Foreign Relations that his agency has not ruled out the idea that terrorism may have played a role in the disappearance of Malaysia Airlines Flight 370 on March 8. Brennan noted, however, that analysts at the National Counterterrorism Center did not pick up any chatter about the flight before its disappearance, and a senior counterterrorism source noted that there has been no chatter about it since the incident. Reports that the transponder on Flight 370 was either disabled or turned off were confirmed by Brennan. There has been widespread speculation that the flight became a target for terrorists, particularly after revelations that two Iranian passengers used stolen passports to board the plane. However, authorities have since downplayed any connection between the two Iranians and militant groups. The CIA is working together with the FBI, Transportation Security Administration, Malaysian police and others to determine what happened.


Missing Plane: Traveler on Stolen Passport Had no Terrorism Ties
Los Angeles Times (03/11/14) Demick, Barbara

Authorities investigating the March 8 disappearance of Malaysia Airlines Flight 370 say that the two men who were traveling on the Kuala Lumpur to Beijing flight with stolen passports do not have ties to terrorism, though terrorism still has not been entirely ruled out as an explanation for what happened to the plane. Malaysian Police Inspector General Khalid Abu Bakar said Tuesday that a 19-year-old Iranian man who was using one of the stolen passports was trying to migrate to Germany, where his mother was. The other man, who is also believed to be an Iranian, was trying to immigrate to Europe. Both men are thought to have been using passports stolen from European tourists in Thailand. The owner of the Thailand travel agency where the tickets were purchased said the men likely chose to fly through Beijing and then on to Europe because that route was the cheapest one available. Meanwhile, investigators are still trying to determine what brought down Flight 370 about an hour after it took off. Abu Bakar said investigators are examining several possible explanations, including a hijacking, sabotage, a mentally-ill crew member or passenger who brought down the plane, or an accident. No debris from the plane's wreckage has yet been found, despite an extensive search.




Antivirus Software Not So Useless as People Say
eWeek (03/12/14) Lemos, Robert

A new report from research firm NSS Labs claims that antivirus, or rather anti-malware, software continues to be saddled with misconceptions about its capabilities and responsibilities. The report found that users continue to think of anti-malware software as simply using virus signatures to identify and remove known threats from systems, even though modern anti-malware software makes use of a host of capabilities, including firewalls, host intrusion detection, behavioral heuristics, and anomaly detection. NSS's Randy Abrams compares the modern anti-malware software to banks conducting credit checks on potential customers. "If you want a loan at a bank, you have to have a reputation that they call a credit score," he says. Abrams compares the variety of information used to calculate a credit score to the signals, signatures, and other data modern anti-malware software uses to identify possible malware. He points out that anti-malware software often receives most of the blame when a system is compromised because it is the last line of defense. This creates a sense that anti-malware software is uniquely ineffective, even though a recent Mandiant report found that only 24 percent of advanced malware is ever caught by any end-point solution, Abrams notes.


290k+ Users Possibly Affected in North Dakota University Breach
Help Net Security (03/12/14) Zorz, Zeljka

The North Dakota University System (NDUS) says foreign cybercriminals were able to use existing login credentials to break into one of its servers beginning last October and may have been able to access the records of more than 290,000 current and former students as well as about 780 faculty and staff members. The information contained on the breached server, which investigators believe the cybercriminals wanted to use in additional attacks on other computers and systems, included Social Security numbers but not credit or bank account information. Because the criminals had wanted to use the server to carry out other attacks, they may not have even been interested in that information or even realized it was being stored on the server, university officials say. They note that no one's personal information has yet been used in a fraudulent manner following the discovery of the breach on Feb. 7. NDUS says it has taken several steps to improve cybersecurity following the breach, including using more stringent intrusion-detection measures and creating a data security task force that will draw up additional recommendations.


Next Thing to Worry About: Cybercrime as a Service
Federal Computer Week (03/11/14) Rockwell, Mark

Cybersecurity experts say recent cyberattacks on retailers such as Target should serve as a warning for government agencies. They say one of the reasons those attacks are so concerning is that they involved the use of cloud-based tools known as cybercrime-as-a-service. These tools give cybercriminals hacking capabilities that are more sophisticated than what many of them could develop on their own. In addition, cybercrime-as-a-service tools can be easily customized for a particular target and redistributed even by those whose knowledge of programming or malware functionality is limited, according to McAfee analysts. McAfee's Patrick Flynn warns that such tools could be used to attack not only retailers but government agencies as well. He notes agencies that run public-facing sites and/or those that store large amounts of personal information are the most likely targets for cybercriminals using cybercrime-as-a-service tools.


Researchers Attack Secured Internet Activity to Mine Personal Data
CSO Online (03/10/14) Gonsalves, Antone

University of California, Berkeley researchers have found that governments and Internet service providers (ISPs) may be able to track the Web sites someone visits by analyzing HTTPS traffic. The researchers found that an "analysis attack" could show the Web pages a user visits with 89 percent accuracy. This bypass allowed the researchers to collect information on users' medical conditions, sexual orientation, financial status, and marital problems. In order for the attack to work, an attacker would have to visit the same Web sites as the person being targeted so that he could identify patterns in the victim's encrypted traffic. "It would be like if somebody gave you a bicycle but took it apart and wrapped each piece individually," said Brad Miller, the co-author of the study. "It's the same way with a Web page. Because we watch each of the parts be delivered individually, there ends up being so much information which you can observe without decrypting the packets that you can quite likely figure out the exact Web page." However, the researchers also developed a way users can reduce the accuracy of such tracking to 27 percent.


IPv6 Could Open Networks Up to Zero-Day Attacks
Network World (03/10/14) Breeden II, John

A National Institute of Standards and Technology working group recently released a document warning of the potential for cybersecurity vulnerabilities to be introduced during the transition to IPv6, although some experts are downplaying the warning. NIST says one of the risks associated with the switchover from IPv4 to IPv6 is that cybercriminals may have written malware designed to attack networks as soon as the transition to IPv6 is made. Such malware would behave much in the same way as a zero-day exploit does, according to NIST. The report also said the cybersecurity products that have been made available for IPv6 networks might not be as capable of protecting against security threats as similar tools that have been made for IPv4 networks. NIST concluded that federal agencies, which are in the process of transitioning to IPv6, should hold off on that process until adequate security is in place to address these and other issues. But Microsoft's Sean Siler disagrees, saying IPv6 can be introduced now. Siler says Microsoft's efforts to integrate IPv6 functionality in its operating systems means any Windows OS can be installed on an IPv6 network without introducing new security vulnerabilities.


Abstracts Copyright © 2014 Information, Inc. Bethesda, MD

