Everything related to Computer Security - Security Audits, Security Vulnerabilities, Intrusion Detection, Incident Handling, Forensics and Investigation, Information Security Policies, and a whole lot more.
Movie Studio Offers to Pay for Security at 'Compton' Screenings Wall Street Journal (08/13/15) Schwartzel, Erich
Prompted by recent attacks at movie theaters and ongoing racial tensions, Universal Pictures has offered to reimburse theaters for security guards employed during opening-weekend screenings of the film “Straight Outta Compton.” The rap biopic, which is expected to draw large crowds, is the story of the controversial rap group N.W.A. that became known for tales of gang life and drug dealing. The film includes several scenes of gang violence in south Los Angeles and aggressive police tactics. Some theaters in major cities are taking the studio up on its offer, one film buyer says, as exhibitors try to guess how much security is needed for large auditoriums. Security for the film's premiere in Los Angeles on Monday night included metal detectors for guests and several street closures, but the event was peaceful. Protests in Ferguson, Mo., this week prompted more theater operators to agree to the plan, but it is unclear to what extent Regal Entertainment Group, AMC Entertainment Holdings Inc., and Cinemark Holdings Inc. are increasing security.
U.S. to Charge That Hackers Tapped Early Deal News Wall Street Journal (08/11/15) Matthews, Christopher M.; Eaglesham, Jean; Yadron, Danny
U.S. authorities will soon unseal sweeping charges against a group of traders and computer hackers who allegedly conspired to obtain early access to press releases and trade on their information before the deals became public. Federal prosecutors in Brooklyn and New Jersey could charge at least six people with securities fraud and other charges. Authorities believe that the alleged scheme made tens of millions of dollars in illicit profits, and may be the largest case of its kind. Sources say that the alleged plan involved hacking the systems of news-wire services that publish press releases about mergers and acquisitions, and then using that information to make early trades on the deals. It is an example of how the lines between cybertheft and traditional financial crimes are becoming thinner. While cyberattacks have long targeted information that was potentially helpful for investors seeking an illegal advantage, former U.S. officials and experts at security firms say they have rarely seen evidence that hacked information was used in suspicious trading. The financial-services sector intends to increase cybersecurity budgets by a combined $2 billion during the next two years, according to a November report by PricewaterhouseCoopers.
Bastille Promises to Find Malicious Wireless Devices in Corporate Networks Network World (08/12/15) Greene, Tim
Startup company Bastille has developed a product that they say will help enterprises monitor the wireless connections in their enterprise, possibly offering a means of monitoring Internet of Things (IoT) devices. The product consists of a system composed of radio-frequency sensors that are deployed in an overlapping mesh, similar to Wi-Fi access points, throughout a given area. The sensors continuously scans all radio frequencies in the area between 50MHz and 60GHz. This data is then encrypted and sent to Bastille's private cloud to be processed. The sensor network allows CISOs visibility into the wireless connections being made within their facilities and can identify unwanted and potentially dangerous connections, such as an employee trying to connect to network devices using an infected personal mobile device. Founder and CEO Chris Rouland believes the system could be particularly useful for monitoring the security of IoT devices, which often lack security features. The system is meant to be deployed in facilities where important assets reside, such as data centers or executive suites. The system is currently in beta and will likely be available in the first quarter of 2016, with its release possibly coinciding with the RSA security conference.
CFOs See Cyber and Malicious Attacks as Major Threats, Lack Preparedness Wall Street Journal CFO Journal Blog (08/10/15)
Many CFOs are concerned about cyberattacks and other malicious attacks, including terrorism and tampering, Deloitte's second-quarter 2015 CFO Signals survey found. About 25 percent of CFOs claim that they are insufficiently prepared for each of these types of incidents, and only 10 percent said they were well-prepared. CFOs from technology and financial-services companies are most likely to say they are insufficiently prepared. Although malicious attacks, such as terrorism, are an area of concern for 85 percent of respondents, only 4 percent say they are well-prepared for such attacks. Based on survey findings, CFOs feel most prepared for legal and ethics violations. While more than 85 percent of respondents consider natural disasters a major threat, just over 20 percent say they are well-prepared for them. CFOs from the manufacturing and retail/wholesale sectors were the most likely to see confrontations, such as boycotts and picketing, as a major threat.
White House Issues Cybersecurity Rules for Contractors The Hill (08/11/15) Bennett, Cory
The Obama administration has proposed guidelines that would require government contractors dealing with sensitive data to meet certain security requirements and to report digital intrusions to authorities. Under the draft rules, the Department of Homeland Security also would be allowed to launch its own network monitoring programs at a contractor if necessary standards are not met. These new rules are part of a wider effort to secure government networks after numerous cyberattacks at agencies and contractors. Hackers recently were able to penetrate the Office of Personnel Management's networks after lifting the security credentials of the contractor, KeyPoint Government Solutions. The administration is hoping that the new guidelines will prevent future contractor breaches. Under the new rules, agencies would be directed to ensure that contractors running government systems are following security processes set by the National Institute of Standards and Technology. “The proposed guidance will strengthen government agencies' clauses regarding the type of security controls that apply, notification requirements for when an incident occurs, and the requirements around assessments and monitoring of systems,” said proposal from the Office of Management and Budget.
Tianjin Explosions Leave Warehouse District a Smoky Ruin New York Times (08/13/15) Jacobs, Andrew
At least 44 people are dead and more than 500 injured after two explosions Aug. 12 in Tianjin, China. The blasts occurred at a company licensed to sell hazardous chemicals and produced shock waves felt for miles. At least 12 of the dead were firefighters who responded to earlier reports of a blaze at Ruihai International Logistics, a four-year-old company that unloads and stores hazardous cargo, government officials said. Many of the injured were hit by debris as thousands of apartment windows blew in, some more than a mile from the site of the explosions. Residents of the Binhai district said they were unsure if it was safe to breathe the air. According to the Tianjin Tanggu Environmental Monitoring Station, the company stored a collection of toxic industrial chemicals, including sodium cyanide, toluene diisocyanate and calcium carbide. Greenpeace warned that sodium cyanide is toxic and toluene diisocyanate is a known carcinogen and highly explosive. Wang Dong, who sustained a head injury when the door of his apartment blew off its hinges, said there were thousands of people that the government could have notified to evacuate. "I’m not sure why they did nothing at all to alert us," he said.
Emergency Declared in Ferguson After Shooting New York Times (08/11/15) Eligon, John; Smith, Mitch
The St. Louis County executive, Steve Stenger, declared a state of emergency in Ferguson, Mo., on Monday following a police-involved shooting the night before that left an 18-year-old black man critically wounded. The shooting occurred near the area of Ferguson where protestors were commemorating the one year anniversary of the killing of Michael Brown by a Ferguson police man, which kicked off months of protests in the city and nationwide discussions about police violence towards African-Americans. Police say that two groups of people at a strip mall near the protests exchanged gunfire Sunday night and that Tyrone Harris Jr. fired on plain-clothes police who responded to the shooting. Police fired on Harris, who remains in critical condition. Under the state of emergency declared by Stenger, the St. Louis County police have taken over policing in Ferguson. Acts of civil disobedience were carried out by several protestors on Monday, with a group of around 60 blocking traffic on Interstate 70 during rush hour before being arrested. While some protestors have taken issue with the police version of the Sunday night shooting, others have backed it up. St. Louis Alderman Antonio French says he was at the strip mall where the shooting occurred and that the incident "was not initiated by police."
Attackers in Istanbul Open Fire Outside U.S. Consulate New York Times (08/11/15) P. A4 Arango, Tim
Attackers in Istanbul opened fire outside the U.S. consulate on Monday morning, setting off a gun battle with the police before the assailants fled. No Americans or Turkish police officers were hurt, but Turkish special forces later caught an injured woman who was suspected of participating in the attack. Violence in Turkey has escalated in the nearly two weeks since the government began a counterterrorism effort that includes increased cooperation with the United States against the Islamic State (ISIS). Turkey saw a total of four major incidents of violence on Monday, though none were attributed to ISIS. Instead, they were linked to the Revolutionary People's Liberation Party-Front, which claimed responsibility for the consulate attack, and the Kurdistan Workers' Party, a group that has fought an insurgency in Turkey for more than three decades. The consulate attack came one day after the United States announced that it had sent six fighter jets to Turkey's Incirlik air base. The Revolutionary People's Liberation Party-Front has attacked U.S. interests in Turkey on previous occasions.
Attacks on Fiber Networks in California Baffle FBI Wall Street Journal (08/13/15) Fitzgerald, Drew
According to the Federal Bureau of Investigation, San Francisco's Bay Area has suffered more than a dozen intentional attacks on its fiber optic infrastructure over the past year, slowing Internet service and disrupting financial transactions and emergency phone calls. The fiber optic cables that carry the majority of the country's Internet traffic suffer hundreds of breaks and cuts every year, but the majority are accidental, caused by car crashes, animals, construction, and other accidents. However, the FBI is sure that the incidents in the Bay Area are malicious attacks, and they highlight how vulnerable the fiber networks are. Most of the attacks have taken place around midnight, with the attacker or attackers entering manholes and cutting the cables. All they would need, in most cases, was a manhole lifter and a hacksaw. The latest incident occurred at the end of June near a highway bridge in Livermore, Calif., knocking out phone and TV signals around Sacramento and slowing Internet service for some business customers as far north as Seattle. It took work crews the better part of a day to repair the damage after investigators finished at the scene. The FBI currently has few leads on what has motivated the attacks or who is responsible.
Islamic State Suspected of Using Chemical Weapon, U.S. Says Wall Street Journal (08/13/15) Entous, Adam
There is evidence that Islamic State (ISIS) has obtained banned chemicals, which would indicate an upgrade in the militant group's fighting capabilities. U.S. officials say that militants may have used mustard agent against Kurdish forces in Iraq this week. ISIS could have obtained mustard agent in Syria, as the government there admitted to having large quantities in 2013 when it agreed to surrender its chemical weapons. Inspectors have subsequently said they could not verify claims that the Syrian government had burned hundreds of tons of mustard agent in earthen pits, and believe that it may have been hidden instead. At the time, Syria also admitted to having deadlier nerve agents, such as sarin and VX, but U.S. intelligence agencies do not have any evidence to suggest ISIS has either of those agents. The advancing weaponry of ISIS raises new questions about the group's evolving capabilities and the ability of U.S. allies on the ground to fight it. Frontline Kurdish, Iraqi, and moderate Syrian forces say that they already are not receiving enough U.S. support to counter ISIS's conventional capabilities.
Private-Public Collaboration Puts Pittsburgh at Fore of Cybercrime Fight Wall Street Journal (08/13/15) Hong, Nicole
The Federal Bureau of Investigation and the U.S. attorney's office in Pittsburgh have become one of the leading lights of the federal government's efforts to combat cybercrime, and their success has come in part thanks to a robust public-private collaboration between the FBI and the city's companies. The National Cyber Forensics & Training Alliance (NCFTA) was formed by the Pittsburgh FBI as a nonprofit in the early 2000s. Operating out of a nongovernment building, the alliance offers a non-threatening space where private sector analysts and experts from nearby Carnegie Mellon University can share information with and educate FBI agents about current and emerging cyber threats. The NCFTA played a role in the Pittsburgh FBI and U.S. attorney's takedown of the GameOver Zeus banking Trojan, an investigation that was kicked off when a PNC Bank analyst noticed an unusual wire transfer from a Pittsburgh plastics firm to a bank in Atlanta. Since David Hickton took over as Pittsburgh U.S. Attorney in 2010, the Pittsburgh office has aggressively pursued cybercrime. Its cases include the indictment of five members of the Chinese military last year on charges that they sponsored hacking activities.
John Kerry: Russia and China Likely Read My Emails Wall Street Journal (08/12/15) Schwartz, Felicia
Secretary of State John Kerry this week said that he believes Russian and Chinese hackers read his emails, and that U.S. officials have seen China launch attacks on U.S. interests in recent days. Kerry said that fighting cyberattacks is a top priority for the United States. He noted that officials are working on “a code of conduct and a system of behavior that hopefully could rein some of it in.” President Barack Obama plans to discuss China's cyber behavior in September when President Xi Jinping visits the United States. The United States and China said in June they had agreed to begin a working group to share concerns. Last week, the Pentagon said it believed that Russia was behind a cyberattack on an unclassified email system used by the Joint Staff. U.S. officials have reported that federal agencies are targeted by hundreds of cyber intrusions daily.
China Cybersecurity Fears Prompt Business Groups to Press Obama Wall Street Journal (08/12/15) Wong, Gillian
As President Barack Obama prepares for a visit from Chinese President Xi Jinping in September, 19 U.S. business and technology industry groups have asked that he call on Beijing not to use cybersecurity measures to protect its domestic technology industry from foreign competition. The groups said in a joint letter to the White House that China is pursuing policies that harm foreign companies' ability to do business, such as a new national security law and restrictions on the flow of data. American businesses are concerned that they may be pushed out of the market or pressured into complying with rules set by China's national security agenda. The letter's signatories include the U.S. chambers of commerce in the United States and China, the Business Software Alliance, and the Coalition of Services Industries. The groups hope that both sides would commit to open markets and narrow cybersecurity measures that contribute to the least trade restrictions as possible. Their worries focus on China's proposed requirements that technology vendors subject their network security equipment to third-party audits or hand over source codes and encryption keys. Some Chinese proposals would restrict the flow of data out of the country, creating problems for multinational businesses that need data to be unhindered across borders.
Airlines Under Siege from Hackers The Hill (08/10/15) Bennett, Cory
In recent months it has become clear that the aviation industry, and airlines in particular, face major threats from hackers. Earlier this year the Federal Aviation Administration (FAA) admitted that hackers had infected its networks. Last month both United Airlines and American Airlines announced that they were investigating suspected data breaches that are believed to be related to breach of the Office of Personnel Management by Chinese hackers earlier this year. As the FAA moves forward with development of its NextGen flight control system, there are worries that the new system could be more vulnerable to hackers. Lawmakers are hoping to address the looming cyber threat facing the industry through legislation that would apply more rigorous reporting standards to airlines and that would create formal channels for cyber information sharing with the government. However, consensus has been hard to find. Congress has been wrangling over the Cybersecurity Information Sharing Act (CISA) recently, and a proposed amendment that would have mandated critical infrastructure industries, including aviation, share cyber threat information with the government was voted down by the Senate Intelligence Committee. Elsewhere, the bill that would reauthorize spending for the FAA contains provisions related to private-public threat information sharing. However, that bill has been delayed into September.
Are Fingerprints the New Passwords? Security Experts Sure Hope Not Washington Post (08/11/15) Peterson, Andrea
Security researchers are expressing concerns about the ever-growing use of fingerprint scanners on smartphones. At the recent 2015 Black Hat USA Conference, a team of researchers from FireEye revealed that several Android smartphones featured vulnerabilities that could allow hackers to steal users' fingerprints. Yulong Zhang, a member of the FireEye team, noted that if a password is leaked, it can be changed, but if a fingerprint is leaked, it is lost for good. While the phone makers have provided patches for the issues, the FireEye research has highlighted some of the potential risks of the technology. The research stated that as a biometric marker, fingerprints are both impossible to change and public — they are left on almost everything that is touched. Therefore, if someone is able to copy a print, it stops being an effective security mechanism. Similar concerns have been raised about fingerprint scanners used in other consumer devices, like laptops, or by set-ups at motor vehicle departments and airports.