
Friday, November 14, 2014

Security Management Weekly - November 14, 2014

 
 
Corporate Security
  1. "Rise of the Robot Security Guards"
  2. "Bold Jewelry Heist in Manhattan's Diamond District"
  3. "Security is Questioned After New York Jewelry Store Robbery"
  4. "Study Finds Spike in Cost of Retail Crime in the U.S."
  5. "Gulfstream Accountant Held in $8.5M Theft Scheme"

Homeland Security
  1. "'Comedy of Errors': Secret Service Officer Chatted on Cell Phone as Intruder Scaled White House Fence"
  2. "ISIS Chief Emerges, Urging 'Volcanoes of Jihad'"
  3. "Missouri Governor Outlines Ferguson Preparations"
  4. "Coburn Questions the Value of Terrorism Prevention Centers"
  5. "Surveillance, Protection & Detection: Exposing Terrorist Networks Focus of New NGO Led by Frances Townsend"

Cyber Security
  1. "Chinese Hack U.S. Weather Systems, Satellite Network"
  2. "Microsoft Fixes '19-Year-Old' Bug With Emergency Patch"
  3. "U.S. Postal Service Breached, Employee and Customer Data Stolen"
  4. "U.S. Agencies Struggle vs. Cyberattacks"
  5. "Cyberattackers Creating More Sophisticated Apple OS Malware"

   

 
 
 

 


Rise of the Robot Security Guards
MIT Technology Review (11/13/14) Metz, Rachel

The startup Knightscope has been developing a robot called K5 that promises to free private security guards from the "monotonous and sometimes dangerous work" they have to perform, giving them more time to perform strategic tasks, says company co-founder Stacy Stephens. So far, the company has built seven of the machines and plans to deploy four of them by the end of the year. The robot is designed to monitor areas such as corporate campuses, schools, and shopping malls for unusual behavior, such as unauthorized visitors at night, and reports its findings to a remote security center. The K5 is built with high-definition cameras, microphones, a weather sensor, navigation equipment, and electric motors in a dome-shaped body, along with a rechargeable battery and a computer. Multiple robots use Wi-Fi or a wireless data network to communicate with each other and the remote security center. The K5 is built with several warning alarms, including a chirp if someone tries to detain it and a loud alarm that prompts an operator to check in. If a person needs help, he or she can press a button near the top of the robot's head to call for someone remotely. Knightscope says its robots will cost $6.25 an hour to operate, which is less than half the hourly wage for security guards.


Bold Jewelry Heist in Manhattan's Diamond District
Wall Street Journal (11/12/14) Shallwani, Pervaiz; Wilson, Colleen; Bashan, Yoni

Two men stole an unspecified amount of jewelry and other items from a jewelry store in Manhattan's Diamond District on Tuesday in a rare armed robbery in the highly secure block of stores and businesses that is at the heart of the U.S. diamond industry. The two men robbed the Watch Standard Inc. luxury store on West 47th Street by posing as delivery men. One of the robbers was buzzed into the store, which he robbed at gunpoint while the other man stood watch in the hallway outside. At least one of the store's employees was injured during the robbery. The suspects were clearly captured by security cameras, but remain at large despite a massive police manhunt. Michael Grumet, the executive director of the 47th Street Business Improvement District, says he can only recall one other robbery occurring in the Diamond District during his eight-year tenure. He says most of the 4,100 companies that call the district home employ private armed security, and the district itself has a significant police presence.


Security is Questioned After New York Jewelry Store Robbery
Wall Street Journal (11/12/14) Bashan, Yoni; Shallwani, Pervaiz

Many stores and building managers in Manhattan's Diamond District are reconsidering their security arrangements following a robbery on Tuesday at one of the area's ostensibly well-protected jewelry stores. The Watch Standard store, the site of the robbery, is among the merchants in the area considering whether to increase security. Those plans could include upgrading security in the entire building. Meanwhile, the owner of another store located near the Watch Standard is considering screening customers before they enter. Similar stores in the area already use mantraps to prevent members of the public from entering secure areas. Screening buzzers, security cameras, and guards are also used by many of the businesses in the area. A security guard who works near the robbed jewelry store says he and other security personnel will probably be more attentive to potential trouble going forward. The guard, whose store is next to the Watch Standard, says he is prohibited from interfering in a robbery that occurs in another store, aside from calling police.


Study Finds Spike in Cost of Retail Crime in the U.S.
Security InfoWatch (11/07/14) Griffin, Joel

Retailers worldwide lost $128 billion last year due to shrink, which includes shoplifting, fraud by employees or suppliers, and administrative errors, according to the results of the Global Retail Theft Barometer that were released on Nov. 6. Of these losses, $42 billion were from the United States alone. The study did find that shrink declined slightly overall from 1.36 percent of retail sales in 2012 to 1.29 percent in 2013. Ernie Deyle, a retail loss prevention analyst who conducted the study, said that this is partly because retailers in some countries made greater loss-prevention investments. Although U.S. shrink declined from 1.5 percent of sales in 2012 to 1.48 percent in 2013, the cost of retail crime in the country as a percentage of revenue rose 27 percent last year to 1.74 percent. Deyle says retailers should change their attitudes toward loss prevention by employing analytics and technology, and "look at their loss prevention departments as a tactical performance improvement type of group." Retailers reported that electronic article surveillance antennas, labels, and hard tags can effectively protect their most vulnerable products. More suppliers are also using source tagging radio frequency labels. Shoplifting and employee theft, however, remain issues that lack a definitive solution, Deyle noted.


Gulfstream Accountant Held in $8.5M Theft Scheme
Associated Press (11/07/14) Melley, Brian

A former finance director at Gulfstream Aerospace was arrested Nov. 7 for allegedly planning to steal at least $8.5 million from the company, the FBI said. The suspect, Marvin Caukin, who served as the finance director of the company's Long Beach, Calif., and Las Vegas operations, has been charged with identity theft and conspiring to launder money and commit mail fraud, said FBI spokeswoman Laura Eimiller. Special Agent Sherine Ebadi said Caukin asked some of his friends and family members to establish fake businesses to bill Gulfstream for services that were never provided. Caukin and his co-conspirators then allegedly kept the money. He was fired from Gulfstream in May 2013 when the company found he lied on his application in 2000 when he said he had not been convicted of a felony in seven years. Gulfstream found Caukin spent almost three years in prison in the 1990s for embezzling $2.4 million from USA Petroleum Corp., where he was finance director.




'Comedy of Errors': Secret Service Officer Chatted on Cell Phone as Intruder Scaled White House Fence
Fox News (11/14/14)

The Department of Homeland Security (DHS) has released an executive summary of a report about the White House fence jumper incident on Sept. 19, which the report found was the result of several failures on the part of the Secret Service. The report noted that three Secret Service officers recognized accused fence jumper Omar Gonzalez before the incident took place, as he had come to their attention just several weeks before for possessing a hatchet while walking near the White House, although they did nothing because he was not engaged in any unusual behavior. When Gonzalez jumped the fence about an hour later, officers stationed at the White House did not hear messages about the security breach because they were using outdated or inefficient communications technologies. Among the officers who were initially unaware of the breach was a canine officer who had taken his earpiece out to make a personal phone call in a van on the White House grounds. The report noted that this officer and two others who responded erroneously believed that bushes planted on the grounds would stop Gonzalez from entering the White House. Gonzalez was ultimately able to make it into the White House due in part to poor Secret Service training and bad staffing decisions, the report found. The Secret Service says it is working to address the problems.


ISIS Chief Emerges, Urging 'Volcanoes of Jihad'
New York Times (11/14/14) Kirkpatrick, David D.; Gladstone, Rick

Abu Bakr al-Baghdadi, the leader and self-appointed caliph of the Islamic State, released an audio recording Thursday in which he mocks the U.S.-led coalition and calls for his disciples to "erupt volcanoes of jihad." The recording, which references events that occurred as recently as Monday, appears to dispel rumors that the IS leader was killed in an American airstrike last weekend. In his speech, Baghdadi mocks President Obama's recent decision to deploy an additional 1,500 U.S. soldiers to Iraq as military advisers, saying that coalition airstrikes have failed to impede IS' expansion. Baghdadi predicts that the Western members of the coalition will soon be forced to engage in ground combat with IS fighters. Baghdadi also accepts recent pledges of allegiance from militant Islamist groups from around the Arab world, including Ansar Beit al-Maqdis, a major Egyptian militant group that is the first significant group outside of Iraq and Syria to swear fealty to Baghdadi. The IS leader instructs the Egyptian militants and others to report to and obey the nearest IS-appointed governor. The speech also contains instructions for IS fighters to focus their violence against Shiite Muslims and the Saudi royal family.


Missouri Governor Outlines Ferguson Preparations
Associated Press (11/12/14) Salter, Jim

Missouri Gov. Jay Nixon on Tuesday announced some of the steps that are being taken to prevent an outbreak of violence following a grand jury's decision later this month on the case of the racially charged shooting death of Michael Brown in Ferguson, Mo. Local police are working on their methods of protecting peaceful protesters, and more than 1,000 officers have received a combined 5,000 hours in special training. The National Guard will also be available if needed. Nixon has warned that there will be consequences for any protesters who turn to violence. Compared to the days after Brown was killed in August, when police were criticized for wearing riot gear and patrolling in armored vehicles, police leaders this time have reached out to civil-rights and protest groups, calling for cooperation. However, there are fears that police will still be too heavy-handed after the grand jury announcement. Meanwhile, a coalition of more than 50 activist groups has asked for 48 hours' notice before a grand jury decision is announced, which it says will help prevent violence.


Coburn Questions the Value of Terrorism Prevention Centers
The Hill (11/11/14) Cox, Ramsey

A new report by the Government Accountability Office suggests that the nation's 78 terrorism-prevention centers may not be worth the federal funds they use, according to Sen. Tom Coburn (R-Okla.). The report showed that the Department of Homeland Security (DHS) has failed to track the effectiveness of the money that has been spent to establish the centers. Coburn says there is a lack of evidence that the centers do much to prevent terrorism. "The fact that after seven years, we still cannot tell whether fusion centers are keeping us any safer means that DHS needs to take a long, hard look at whether it needs to stop funding projects that don't advance its mission," Coburn said Monday.


Surveillance, Protection & Detection: Exposing Terrorist Networks Focus of New NGO Led by Frances Townsend
Homeland Security Today (11/09/14) Charlaff, Joe

Frances Townsend, a former assistant to President George W. Bush for homeland security and counterterrorism, has launched a new non-governmental organization for counterterrorism. The Counter Extremism Project (CEP) seeks to learn how extremist Islamist groups are being funded and how the money is moved through financing networks. For example, the CEP hopes to find the shell corporations for the illicit activity used to fund the Islamic State and determine exactly where the money is coming from and how it is being moved and laundered. Making such information public could change the behavior of these companies, Townsend suggests. CEP also aims to fight jihadist ideology by gathering a global network of counterextremism and security experts to establish a database of the extremists' financial supporters. CEP intends to put pressure on these financial networks, intervene in extremists' recruitment efforts, and advocate for stronger counterterrorism laws and policies.




Chinese Hack U.S. Weather Systems, Satellite Network
Washington Post (11/13/14) Flaherty, Mary Pat; Samenow, Jason; Rein, Lisa

On Wednesday, the National Oceanic and Atmospheric Administration (NOAA) acknowledged for the first time that it had been affected by a data breach in late September that is believed to have been carried out by Chinese hackers. The agency has been evasive about the nature of the hacks, their origin, and why it failed to announce them publicly sooner. NOAA says that four of its Web sites were affected by the attack. It is believed that the attack influenced NOAA's decision last month to take its online satellite image data service offline for several days. The attack also caused a week-long outage of NOAA's National Ice Center Web site. The agency claims to have taken action to mitigate the attacks immediately upon discovering them in late September, but Commerce Department Inspector General Todd Zinser says his office was not notified of the breach until Nov. 4, more than a month later. Zinser says this is a violation of agency policy, which requires Commerce Department agencies to report security incidents to the Office of the Inspector General within two days of discovery. Meanwhile, Rep. Frank Wolf (R-Va.) says the agency confirmed to him that the attacks originated in China, though NOAA has not stated this publicly. A Chinese Embassy official said the consulate was not aware of the NOAA cyberattack, but said accusations that Beijing was involved are groundless.


Microsoft Fixes '19-Year-Old' Bug With Emergency Patch
BBC News (11/12/14) Lee, Dave

Microsoft has issued a patch for a nearly two-decade-old vulnerability in Windows, the Microsoft Office suite, and Windows Server that could enable an attacker to gain complete control over a victim's machine. The vulnerability exists in Microsoft Secure Channel, which is used to facilitate the secure transfer of data. A security researcher at IBM, which discovered the flaw in May and has worked with Microsoft on a fix since then, says an attacker could exploit the vulnerability through the use of drive-by attacks. The researcher said the attacks would involve the use of malware that would enable cybercriminals to remotely take over the victim's computer. Web servers that run Windows Server also could be at risk. There are no indications an attacker has successfully exploited the flaw, known as WinShock, since it was discovered. However, experts say attacks could be carried out against unpatched machines now that the vulnerability has been revealed. Users of the affected applications and operating systems are being urged to apply the patch as soon as possible.


U.S. Postal Service Breached, Employee and Customer Data Stolen
Naked Security (11/11/14) Vaas, Lisa

The U.S. Postal Service (USPS) announced Monday that it was affected by a data breach earlier this year that exposed the personal data of its customers and employees. The attack was reportedly discovered in mid-September and the USPS briefed Congress about the breach in two classified meetings before making the breach public. The full extent of the breach is unclear. In its public statements, USPS said the only employees affected were letter carriers, those working in the inspector general's office, and the postmaster general, but other reports say all of the USPS' more than 800,000 employees may have been affected. Employee data compromised by the breach includes names, dates of birth, taxpayer numbers, addresses, employment dates, and more. USPS says the breach did not compromise customers' credit card data, only names, email addresses, and phone numbers. Affected customers include those who called or emailed the agency's Customer Care Center between Jan. 1 and Aug. 16. Those who visited the USPS website reportedly were not affected. The FBI is leading the investigation into the attack, which the agency does not believe was motivated by a desire to commit fraud.


U.S. Agencies Struggle vs. Cyberattacks
Associated Press (11/10/14) Mendoza, Martha

A recent Associated Press investigation found cyberattacks are a growing problem at government agencies, and many of these attacks resulted from accidental or deliberate violations of security protocols by employees or contractors. The investigation found the number of cybersecurity breaches on federal government and military networks that were reported to the U.S. Computer Emergency Readiness Team (US-CERT) rose from 26,942 in 2009 to 46,605 in 2013. Approximately 21 percent of the breaches that occurred last year were the result of government employees who violated policies, while 16 percent were the result of lost or stolen devices. The probe also found the number of cyberincidents involving federal agencies, critical infrastructure operators, and contractors has more than doubled between 2009 and 2013 to 228,700. The incidents involved attack vectors such as phishing messages that included links to malicious sites employees clicked on, videos that redirected employees to malicious sites, and deliberate security breaches such as the one carried out by Edward Snowden. U.S. Assistant Secretary of Defense Eric Rosenbach, principal cybersecurity adviser at the Pentagon, says human factors such as deliberate breaches by insiders and accidental security violations will continue to be a problem until the federal workforce is better educated about cybersecurity threats.


Cyberattackers Creating More Sophisticated Apple OS Malware
eWeek (11/09/14) Lemos, Robert

Despite its reputation as very secure, Apple has found its two main OSes, OS X and iOS, targeted by sophisticated malware in recent years. The latest, WireLurker, used Trojanized applications downloaded through third-party app stores to infect users' systems and any iOS devices connected to the systems. This roundabout way of infecting Apple devices is typical, due to precautions the company has taken to keep them secure. With its OS X update Mountain Lion, Apple introduced Gatekeeper, a tool that limits the applications that can run on a Mac system, while applications require signed code to run on iOS devices. These protections mean malware authors and cyberattackers have to get creative and target systems that are made vulnerable by their users, for example by jailbreaking an iPhone. Some other methods demonstrated by security researchers in the last year include using duped code to run apps as though they are legitimate and using the USB cable as a vector to infect iOS devices. However, even with a rising amount of new Apple malware, Palo Alto Networks' Ryan Olson says it is unlikely the numbers will increase too dramatically, and unless users make themselves vulnerable by jailbreaking their devices or using third-party app stores, they should not be concerned.


Abstracts Copyright © 2014 Information, Inc. Bethesda, MD

