Search This Blog

Friday, May 16, 2014

Security Management Weekly - May 16, 2014

header

  Learn more! ->   sm professional  

May 16, 2014
 
 
Corporate Security
Sponsored By:
  1. "Bill Calls for Dry Storage of Spent Nuke Reactor Fuel Rods"
  2. "Riots in Vietnam Leave 1 Chinese Dead, 90 Injured"
  3. "Man in Custody After Vehicle Crashes Into TV Station in Towson" Maryland
  4. "Utilities Approve New Rules for Grid Security"
  5. "Physical Security Market for Data Centers to Grow Rapidly"

Homeland Security
  1. "Vacationers Evacuated From Kenya After Warnings of 'High Threat' of Terrorism"
  2. "EMP Attack on US Would Be ‘Catastrophic,’ Congress Told" Electromagnetic Pulse
  3. "Nigerian Militant Makes a Name for Himself Through Terror"
  4. "Greenwald: NSA Plants ‘Backdoors’ in Foreign-Bound Routers"
  5. "New York Police Recruit Muslims to be Informers"

Cyber Security
  1. "Top U.S. Retailers to Share Data in Fight on Cybercrime"
  2. "Average Enterprise Generates 10,000 Security Events Daily"
  3. "POS Malware Advances, Outpacing Defenders' Efforts"
  4. "Facebook Experiment Helps Battle Man-in-the-Middle Attacks"
  5. "New NIST Guidance: Don't Make Security an Afterthought" National Institute of Standards and Technology

   

 
 
 

 


Bill Calls for Dry Storage of Spent Nuke Reactor Fuel Rods
Cape Cod Times (05/15/14) Legere, Christine

U.S. Senator Edward Markey (Mass.) along with Sens. Barbara Boxer (California) and Bernie Sanders (Vermont) have filed three bills intended to improve safety and security at nuclear reactors. The Dry Cask Storage Act of 2014 would require reactor operators, within 180 days of the bill's enactment, to submit plans for moving spent fuel rods from wet pools to dry casks. Dry casks are considered the safer storage method. Furthermore, nuclear plant operators would have seven years to get the fuel rods moved into the dry casks. Finally, the bill would provide funding to implement the switch and any plant that doesn't comply will have the emergency planning zone around its facility increased to 50 miles. A separate bill, known as the Safe and Secure Decommissioning Act of 2014, would ban the Nuclear Regulatory Commission from permitting exemptions from its emergency response and security efforts at decommissioned reactors, until all fuel rods have been moved into dry casks. The final bill, the Nuclear Plant Decommissioning Act of 2014, would permit states and communities to participate in the crafting of decommissioning plans for nuclear reactors in their areas.


Riots in Vietnam Leave 1 Chinese Dead, 90 Injured
Associated Press (05/15/14)

A mob of 1,000 people attacked a Taiwanese steel mill in Ha Tinh, Vietnam, Wednesday night and Thursday morning, killing at least one Chinese worker and injuring 90. The attack was part of a series of anti-China protests in Vietnam that followed China's decision to put an oil rig in a disputed area of the South China Sea on May 1. Most of the protesters' displeasure has been directed at Taiwanese companies that employ large numbers of Chinese nationals. A number of foreign-owned factories in southern Vietnam were also targeted earlier this week, including some that were Taiwanese or South Korean run. In this most recent incident, at the Formosa Plastics Group Mill, rioters lit fires and hunted Chinese workers. Observers warn that continued violence could have a significant effect on companies operating in Vietnam. Willy Lin, who heads a Hong Kong trade group representing knitwear manufacturers and exporters, said the continuation and spread of violence could make it difficult for exporters to deliver their products.


Man in Custody After Vehicle Crashes Into TV Station in Towson
Baltimore Sun (05/14/14) Knezevich, Alison; George, Justin

Police in Baltimore County, Md., arrested Vladimir M. Baptiste after he allegedly stole a landscaping truck and crashed it into the offices of WMAR-TV in Towson on May 13. Baptiste parked in front of the station shortly before noon and shook the doors, but security guards refused to let him enter. Police say that Baptiste then drove the truck through WMAR's front entrance and barricaded himself inside the building for several hours until police found him armed with a golf club and watching news coverage of the incident. No one was injured in the incident, as nearly all employees were safely escorted from the building after the crash. The only exception was a worker who was found hiding safely in the basement. No motive was released, but police say that Baptiste claimed to be God and that he likely suffers from mental illness. Baptiste has been charged with first-degree assault, burglary, and malicious destruction of property.


Utilities Approve New Rules for Grid Security
Wall Street Journal (05/13/14) Smith, Rebecca

New rules designed to help protect the electric grid from physical attacks were unanimously approved by the North American Electric Reliability Corp. (NERC) on Tuesday and will be sent to the Federal Electric Regulatory Commission (FERC). Under the proposed rules, utilities that operate vital substations will be required to develop physical security plans for detecting and fending off attacks. Critics have said the measures will be ineffective at improving the physical security of the nation's electric grid due to their vague language and the fact that they require security to be upgraded at only a few dozen of the country's 55,000 electric substations. Additionally, critics have panned the fact that the rules allow utilities to act as third-party reviewers for other utilities' security plans. The NERC was ordered by regulators to develop new security measures in March following media coverage of the sabotage attack on a transmission substation in California in 2013. The rules could be made mandatory by the FERC.


Physical Security Market for Data Centers to Grow Rapidly
Security Director News (05/12/14) Kothe, Leif

A new report from the market analysis company TechNavio Research predicts that the global data center physical security market will experience a compound annual growth rate of more than 22 percent between 2014 and 2018. The report added that the value of the North American market is expected to grow to $3.4 billion during that time period. This growth is being driven in part by the recent proliferation of large-scale data centers. Enterprises and data-service providers have begun placing increased focus on including security equipment and services into their data centers, including enclosed infrastructures, bomb-resistant concrete walls, and laminated glass structures. Further, the report noted that research and development efforts are working to develop new designs for data center facilities. Data centers are also increasingly investing in biometric devices, identity authentication systems, and alarms to improve physical security.




Vacationers Evacuated From Kenya After Warnings of 'High Threat' of Terrorism
CNN (05/16/14) Karimi, Faith; Lindsay, Isaac

The tour companies First Choice and Thomson Airways have canceled vacations and evacuated a number of foreigners from Kenya following several international travel warnings regarding a "high threat" of terrorist attacks in the coastal area of Mombasa. The companies already evacuated 200 tourists to London, and expect to have all 400 vacationers out by the night of May 16. They also canceled trips to the coastal area of Mombasa until the end of October. The travel warnings that triggered these decisions came from the U.K., the U.S., and Australia. "There is a high threat from terrorism, including kidnapping ... from extremists linked to al-Shabaab," which has carried out attacks in response to Kenya's military intervention in Somalia, the U.K. alert said. The U.S., meanwhile, has warned about the potential for terrorist attacks in the Kenyan cities of Nairobi and Diani, in addition to Mombasa. The Kenyan Foreign Ministry responded to the warnings by saying that security remains a top priority.


EMP Attack on US Would Be ‘Catastrophic,’ Congress Told
Homeland Security Today (05/14/14) Vicinanzo, Amanda

Vincent P. Pry, the executive director of the Task Force on National and Homeland Security, recently told the Cybersecurity Subcommittee of the House Homeland Security Committee that an Electromagnetic Pulse (EMP) attack on the United States would kill nine out of 10 Americans. Pry said those deaths would come from starvation, disease, and the collapse of modern society. “A natural EMP catastrophe or nuclear EMP attack could blackout the national electric grid for months or years and collapse all the other critical infrastructures -- communications, transportation, banking and finance, food and water -- necessary to sustain modern society,” Pry said. Subcommittee chairman Scott Perry (R-Pa.) warned that both Russia and China have the capability to launch an EMP attack, and that Iran and North Korea may be developing similar technology. One House member has proposed the Critical Infrastructure Protection Act (CIPA) to better protect the U.S. electrical grid from EMP attacks. The legislation authorizes the Department of Homeland Security to take steps to protect the nation's electric grid from such an attack.


Nigerian Militant Makes a Name for Himself Through Terror
Wall Street Journal (05/14/14) Hinshaw, Drew

Abubakar Shekau, the once obscure second-in-command of the Nigerian militant group Boko Haram who is now the organization's current leader, has become a more prominent figure in the world of Islamic militants following the kidnapping of hundreds of schoolgirls from northern Nigeria last month. The kidnapping has sparked campaigns on Twitter and other social media platforms calling for the return of the girls, and has also resulted in increasing attention for Shekau from the media and world leaders like President Obama. But Shekau has also become notorious for the large number of people his group has killed in its campaign to rid Nigeria from what it says is corruption, the practice of a liberal strain of Islam, and Western education, says one security expert. One analysis pegs the number of people killed by Boko Haram over the last two years at more than 7,000. That brutality has not gone unnoticed by the U.S. government, which has placed a $7 million bounty on Shekau's head--which is the largest ever for one person in Africa. Officials also say that the bloody attacks carried out by Boko Haram could help bring in more money for the group as well as training from al-Qaida affiliates.


Greenwald: NSA Plants ‘Backdoors’ in Foreign-Bound Routers
Wall Street Journal (05/12/14) Clark, Don; Yadron, Danny

Guardian reporter Glenn Greenwald has accused the National Security Agency (NSA) of planting "backdoors" in U.S.-produced routers and other networking hardware purchased by foreign users. These allegations are contained in an excerpt from Greenwald's new book and are reportedly based on a June 2010 report from the head of the NSA’s Access and Target Development department, which was given to Greenwald by Edward Snowden. “The NSA routinely receives–or intercepts–routers, servers, and other computer network devices being exported from the U.S. before they are delivered to the international customers,” Greenwald writes. He adds that this practice allows the NSA to gain full access to networks that use the equipment, and to the computers of any users logged into those networks. Greenwald also said that there is no evidence U.S. companies were aware of the NSA's activities. A spokesperson for Cisco commented on the excerpt, reiterating that the company--which is the largest maker of networking equipment--does not work with any government to weaken the security of its products.


New York Police Recruit Muslims to be Informers
New York Times (05/11/14) Goldstein, Joseph

The New York Police Department (NYPD) has allegedly been recruiting Muslim immigrants it has arrested to be informers who can provide information on potential terrorist activity in their communities. While the NYPD in April said it no longer sends plainclothes officers to eavesdrop on conversations in Muslim communities, detectives are still looking for ways to gather intelligence on those communities. One strategy for doing so appears to involve detectives bringing up religion with people who were arrested for a variety of crimes completely unrelated to terrorism. Police say that their conversations were voluntary, although several Muslim immigrants who participated in them say they were unnerved by questions about how and where they worshiped. Some also said they felt coerced to become NYPD informants. Members of the NYPD's Citywide Debriefing Team--which reportedly tried to recruit potential informants--have defended their actions, saying they are expanding tactics used to learn about traditional crime and applying them to counterterrorism.




Top U.S. Retailers to Share Data in Fight on Cybercrime
Associated Press (05/14/14)

The Retail Industry Leaders Association and several leading retailers have launched an intelligence-sharing center with the goal of preventing cybercrimes targeting merchants. The association says the center will let retailers share information about data breaches and potential threats as well as notify industry analysts and members of law enforcement. The group's retailer members include Walgreen, Gap, Nike, Target, and Lowe's. Association president Sandy Kennedy says the industry has been concerned with data crime long before recent high-profile retail breaches at Target, Neiman Marcus, and Michaels Stores. “All of our members have been focused on this for a long time,” she notes. “We’re looking at how we can deal with this long term.”


Average Enterprise Generates 10,000 Security Events Daily
Help Net Security (05/14/14)

The average company's network generates an average of 10,000 security events a day, with those at the top generating about 150,000 events a day, according to Damballa Labs' quarterly State of Infections Report. However, the report, which analyzed half of the ISP and a third of the mobile Internet traffic in North America, along with a sizable amount of global traffic, notes that on average, these events only result in 97 infected devices a day. Damballa says this discrepancy demonstrates one of the reasons it can be difficult for enterprise security teams to quickly identify and eliminate infections: the truly dangerous events are overwhelmed by the inconsequential ones. The task is made even harder when attackers use techniques such as Domain Generation Algorithms, which generate massive quantities of random domain names attackers can use to launch attacks from, making it difficult to keep black lists up to date. After conducting its own tests, Damballa concluded it was nearly impossible for the average enterprise to manually identify events likely to lead to infections out of the thousands it is likely to encounter every day. However, the report notes that current rates of discovery are so low, taking an average of 90 days to identify to an infection, there is still ample room for improvement.


POS Malware Advances, Outpacing Defenders' Efforts
eWeek (05/13/14) Lemos, Robert

Point-of-sale systems increasingly are being overcome by hackers' expanding use of malware to compromise credit and debit card data, according to an Arbor Networks study. Although the study found that most types of malware lack sophistication and could be detected by watchful companies, in many public retail breach incidents attackers had access to the victim's network for more than 100 days. Arbor analyst Curt Wilson says small businesses lack the security expertise to contend with protecting their networks and spotting attacks, while detecting attacks in large and complex corporate networks is problematic. Wilson says the diversity of malware indicates POS breaches have matured from simple exploits that exfiltrated card data to memory-scraping malware run by botnet infrastructure. He also says detecting and impeding such attacks should be relatively easy. Arbor urges companies to focus on monitoring for indicators of exploitation among POS terminals and other highly sensitive systems. Wilson argues that rapid detection of breaches and fast incident response could potentially be more important than blocking attacks. "The ability to detect an incident quickly is important, and having intelligence that gives good context and allows personnel to prioritize activities helps immensely," he says.


Facebook Experiment Helps Battle Man-in-the-Middle Attacks
CSO Online (05/13/14) Gonsalves, Antone

Researchers at Facebook and Carnegie Mellon University (CMU) have adapted a detection tool for man-in-the-middle attacks for Facebook, proving the method would work on a large-scale network. The team embedded a Flash applet in Web pages served to Facebook users chosen at random. The code bypassed the network protocol stack of the browser and sent information on the certificates to a server run by the researchers. The team analyzed more than 3 million SSL connections to the website and found 6,845 contained tampered or forged certificates. Most of the changes were related to antivirus and corporate content filters. The experiment demonstrated the method would be useful to corporate security professionals who want to watch for man-in-the-middle attacks on users of company websites, says CMU professor and study co-author Collin Jackson. "This would be one way to identify if any employee's traffic is being tampered with, at least when they're communicating internally," Jackson says. He notes the research also emphasizes potential security risks introduced by antivirus products and content-filtering technology that function as proxies through which all Internet traffic flows.


New NIST Guidance: Don't Make Security an Afterthought
NextGov.com (05/13/14) Sternstein, Aliya

The National Institute of Standards and Technology has released a draft set of guidelines that aim to help agency technologists and industry engineers ensure the security of critical IT systems. The guidelines, which will be finalized later this year, cover the entire lifecycle of a system, beginning with defining system requirements with the help of end users. The document also discusses how to integrate security into vital IT systems during the design and testing phases, as well as during maintenance, operations, and the disposal of the systems. Additional instructions will be added before the final document is published, including how to incorporate systems security engineering requirements into contracts as well as guidelines that deal specifically with the Pentagon's acquisition process. The goal of the guidelines is to reduce the number of security vulnerabilities in important IT systems, says document co-author Ron Ross. He notes that in order to achieve that goal, IT professionals will need to explain to management in layman's terms that current cybersecurity measures are generally insufficient and the guidelines will help ensure that new IT systems are more secure.


Abstracts Copyright © 2014 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: