| "Germany Taking Hard Line to Foil Disruption at G-8" Washington Post (06/06/07) P. A13 ; Whitlock, Craig Germany has spent more than $100 million to secure the Group of Eight (G-8) summit, which is being held this week at the coastal resort of Heiligendamm. A seven-mile-long security fence crowned with razor wire will keep anti-globalization protesters at bay. The German government is being aggressive about securing the meeting after some 500 German police officers were injured when protesters rioted in Rostock last weekend; thus, 16,000 police officers will be on hand to secure the G-8 summit, and they will be reinforced by armored personnel carriers and helicopters. The protesters--many of whom aim to disrupt the summit--have been sharpening their tactics and strategies for the past several months, but so have German authorities. For example, German police, borrowing a tactic formerly used by the East German secret police, have quietly obtained "scent samples" of some protest leaders so that canine units will be able to sniff them out of crowds if necessary. Public demonstrations will not be allowed within a four-mile radius of the meeting. Just five miles up the road from Heiligendamm, protesters have established a base camp replete with a three-story lookout tower to spot police. There the protesters are practicing techniques aimed at thwarting security forces, such as disrobing and locking arms. (go to web site) "Man Tries to Jump Into Popemobile" Houston Chronicle (06/06/07) A mentally unstable German man leapt over a security barrier in Vatican City and tried to jump into Pope Benedict XVI's popemobile, which was uncovered at the time. The man managed to grab hold of the vehicle for a few seconds before he was tackled by security officers protecting the pope. No fewer than eight security personnel were trailing the popemobile at the time of the incident. A spokesman for the Vatican claims that the German man was merely trying to attract attention to himself, not harm the pope. Pope Benedict did not appear to notice the incident as it occurred. (go to web site) "Terror Threat First for Pipeline Firm" Boston Herald (06/03/07) The Buckeye Pipe Line Co., which operates the jet fuel pipeline that was targeted in the John F. Kennedy International Airport terrorist plot, has been kept fully informed of the plot by federal authorities ever since the discovery of the threat, a company spokesman said. The terrorist threat is the first against Buckeye, which has petroleum conduits in 18 states and 5,000 miles of pipelines in the United States, including a 35-mile network in New York City. Buckeye spokesman Roy Haase would not divulge details of the company's security practices or the JFK plot. "There was a time when we would brag about our safety and security features, but we would not do that now, for fear we would be undermining them," he says. Haase notes that Buckeye has a close working relationship with the U.S. Department of Homeland Security, FBI, fire and police departments of New York City, and the Port Authority of New York and New Jersey. (go to web site) "In Nigeria's Violent Delta, Hostage Negotiators Thrive" Wall Street Journal (06/07/07) P. A15 ; Cummins, Chip Hostage negotiators are in high demand in Nigeria's volatile Delta region, where attacks on multinational oil installations and ransom kidnappings of oil workers have become commonplace. One of these negotiators is 44-year-old Joshua Benamaisia, who helped free nine South Korean workers just two days after their capture by placing a telephone call to a longtime friend--a top militant leader. Nigerian hostage negotiators have helped free about 100 kidnapping victims so far this year. The negotiators tend to have access to several influential parties, including Nigerian politicians, militants and criminals, diplomats, and oil executives. These middlemen are helpful in winning the release of hostages, but they are also contributing to the rise of a lucrative ransom kidnapping industry that is threatening to disrupt the international oil industry. Due to the ineptitude of the Nigerian government, anarchy has flourished in the Niger Delta over the past 18 months, and nervous oil companies have responded by shutting their operations and calling their workers home, slashing Nigeria's oil output by 25 percent. Five years ago, kidnapping insurance in Nigeria cost oil companies about $10,000 per year for $5 million in coverage, but the same coverage now costs $100,000 due to the escalating violence. Benamaisia warns that the Nigerian government must increase its security efforts or "there will be nothing left." (go to web site) "One Year Later: Five Lessons Learned from the VA Data Breach" Computerworld (06/01/07) ; Vijayan, Jaikumar The federal government has learned a number of important lessons in the year since the Department of Veterans Affairs revealed that a laptop and external hard disk containing the personal records of 26.5 million veterans and active-duty military personnel were taken from the home of a VA employee. For instance, a number of federal agencies have begun paying more attention to encrypting data on laptops and other mobile devices in the wake of the breach, according to Gartner analyst John Pescatore. One reason why federal agencies are paying more attention to data encryption is because the White House's Office of Management and Budget (OMB) issued a memorandum shortly after the VA breach to all agency heads recommending encryption of sensitive data on mobile systems. In addition, more federal agencies now have formal policies and procedures for reporting and responding to suspected and confirmed security breaches. Under the OMB guidelines, agencies are required to notify management of data breaches as soon as they occur. Finally, the OMB guidelines require all agencies to implement two-factor authentication for controlling remote access to agency networks and data from remote locations. The guidelines also ask agencies to require remote users to reauthenticate themselves after 30 minutes of inactivity. (go to web site) "Foiling Fakes" IndustryWeek (05/07) Vol. 256, No. 5, P. 28 ; Jusko, Jill Manufacturers face considerable risks to the performance of their product and the integrity of their brand when counterfeit products enter their supply chain. The complexity of supply chains can create further opportunities for counterfeit products to reach customers; as a result, manufacturers need to take proactive steps to ensure the products reaching customers are genuine and safe. Although governments take action to seize shipments of counterfeit products and punish the counterfeiters, companies must also rely on their own security processes to ensure the integrity of their supply chains. Corporate legal experts can help determine if litigation is an effective solution to security breaches, and they can take legal steps to protect intellectual property. In addition, companies should monitor transit providers, port locations, and all partners to ensure the proper and secure transfer of goods throughout the supply chain. Technology, such as radio-frequency identification, can also help companies at the other end of the supply chain ensure that the merchandise is genuine. (go to web site) "N.Y. Airport Target of Plot, Officials Say" Washington Post (06/03/07) P. A1 ; Faiola, Anthony; Mufson, Steven An employee at John F. Kennedy International Airport and three other men with ties to Guyana, Trinidad, and Pakistan have been charged with plotting to blow up the airport's fuel tanks and pipelines in a terror attack aimed at causing greater destruction than the Sept. 11 attacks, according to U.S. authorities. Officials held a news conference Saturday to announce the disruption of the plot, which was still in its planning stages and was led by U.S. resident Russell Defreitas, 63, a native Guyanan who was employed at JFK by a small airline company. Defreitas has been arrested, but one of the plotters, a Guyanese citizen of Pakistani descent, remains at large, while two other plotters--including a prominent former Guyanese politician--were arrested in Trinidad. U.S. authorities say that Defreitas traveled to Guyana and Trinidad on several occasions to meet with his fellow conspirators; that he conducted surveillance of the airport four times in January; that he chose the airport due to its symbolic association with former President Kennedy; and that he appears to have held deep contempt for the United States since well before the Sept. 11 attacks. A law enforcement informant helped authorities accumulate evidence against the four men and disrupt the plot, which appears to be home-grown in nature and Internet-facilitated, with no direct ties to Al Qaeda. The plotters first hoped to neutralize an airport control tower housing security personnel before blowing up the airport's fuel tanks and a section of a 40-mile fuel pipeline operated by Buckeye Partners. Security experts say that the attack would have been spectacular and caused considerable economic damage but little loss of life; meanwhile, a Buckeye spokesman says the company's pipeline system is well-secured and impossible to blow up. (go to web site) "US Border Passport Regs May Be Suspended" SF Gate (06/08/07) ; Barrett, Devlin; Talhem, Jennifer The federal government is expected to announce, perhaps as early as June 8, that it will temporarily suspend its passport-requirement rules for air travel to Canada, the Caribbean, Mexico, and Bermuda. The rules will be suspended through the end of September, according to Rep. Heather Wilson (R-N.M.). The suspension of the rules is intended to alleviate a massive logjam of unprocessed passport requests that has disrupted thousands of Americans' travel plans. The rules, which were implemented in January as part of the Western Hemisphere Travel Initiative, require American citizens to have passports when they fly back into the country from Mexico, Canada, and the Caribbean. During the suspension of the rules, U.S. air travelers from those destinations who do not have a passport will be required to show a driver's license or other government ID, along with a State Department receipt showing that they have applied for a passport. (go to web site) "JFK Terror Plot: NYPD Focuses on Weak Spots" Newsday (06/04/07) ; Frazier, Michael; Parascandola, Rocco; Smith, Jennifer The New York City Police Department is reacting to the disruption of the Kennedy Airport terrorist plot by distributing more security resources to the Astoria-based Con Edison power plant, city subway stations, and other critical infrastructure, according to police sources. In addition, police will provide a briefing to Operation Shield, a private-public anti-terrorism partnership. Meanwhile, Rep. Peter King (R-N.Y.) shed new light on the airport plot, saying that the four plotters "wanted to crash a plane into Kennedy Airport" and were not just focused on the airport's fuel-system network. The plot was loosely defined and included the terminals as potential targets, King said. "From talking to [New York City Police Commissioner] Ray Kelly, he does see this as a wake-up call, a pretty clear message that we have to become more involved in focusing on the Caribbean," King said of U.S. anti-terrorism efforts. The Port Authority has beefed up security patrols at Kennedy, but the Transportation Security Administration (TSA) has not adjusted its security protocols, a TSA spokeswoman said. One of the four Kennedy plotters was deported from the United States on a drug charge in the 1980s and is said to have referred to the United States as "oppressors." (go to web site) "Security Agency Enlisting Muslims to Rebut Radicals" San Francisco Chronicle (06/05/07) ; Kuruvila, Mattahi Chakko On May 8, Homeland Security Secretary Michael Chertoff met with four of the most prominent Muslim thinkers in the United States in an effort to win their help in combating homegrown radicalism among U.S. Muslims. Although the meeting did not produce concrete plans, Chertoff said he envisions using the participants' help to fight an ideological battle in Muslim communities. Chertoff said earlier this year that he would initiate "an unprecedented level of cooperation" with certain ethnic and religious groups in order to combat radicalization. One of the Muslim leaders who met with Chertoff is Shahed Amanullah, a 39-year-old Internet blogger and editor of the Web site Altmuslim.com. "I like the idea of shifting the focus from policing an entire community to doing ideological battles with the very people who are threatening," said Amanullah. Amanullah and the other three Muslim members of the May 8 meeting--a California author, a former ambassador from Pakistan, and a Houston city councilman--recommended that Chertoff create a long-term plan for dealing with Muslims and Muslim nations. Amanullah warns that Islamic extremists avoid meeting at mosques due to U.S. law enforcement surveillance and are instead meeting and radicalizing on the Internet. The four participants believe that the government should combat radicalization by offering social services and interfaith efforts for Muslims and by prompting Muslim community leaders and parents to speak to their children about the dangers of radicalization. (go to web site) "New Translation Technology to Aid U.S. Forces" Defense News (05/28/07) ; McMichael, William H. The U.S. Defense Advanced Research Projects Agency (DARPA) and the National Institute of Standards and Technology (NIST) are testing various devices that could eventually provide 100 percent accurate, real-time translations for troops in Arabic speaking countries. Currently, basic one-way translators are common in Iraq, with over 3,000 such devices currently deployed, but these devices are only capable of simple mission-dependent English phrases, have limited vocabularies, and are unable to translate the Arabic response. The devices the two agencies are testing are capable of understanding context and translating from Arabic to English. There are some limitations to each of the devices, including performance degradation during high-stress situations that would include shouting and background noise, but the ability to operate in those situations is not far off. DARPA and NIST would not comment on the performance of any individual system, but DARPA said each one performs in the 70 percent to 80 percent accuracy range. DARPA's Jan Walker said the long-term goal is to create two-way translations across all subjects with 100 percent accuracy, compensating for background noise, dialects, and accents. Walker said that in the next three to five years, DARPA wants 80 percent to 90 percent accuracy for specific task-related phrases. DARPA also wants to move away from laptop-based devices in favor of smaller, hands-free devices, which is a requirement for NIST's next round of testing, scheduled to begin in July. NIST robotics researcher and project manager Craig Schlenoff said that developers have free rein in creating the form of the device, but their use cannot require looking at a laptop or employing a keyboard. (go to web site) "Banks Targeted by Hordes of Cybersquatters" Investment News (06/04/07) ; Shin, Kevin There are more than 2,300 domain names that infringe upon the trademarks of Wachovia and more than 2,500 domains that infringe upon the trademarks of Capital One Financial, according to research from CitizenHawk, which provides digital brand-management solutions. Capital One and Wachovia are the two most popular bank targets for these types of domains, according to a list compiled by CitizenHawk. That list finds that the trademarks of 10 of the top American retail-bank Web sites are being infringed upon by a total of more than 10,000 cybersquatting domain names. The designers of these infringing sites often purposely mimic the real bank site to dupe visitors into providing financial data, a fraudulent practice known as "phishing." For example, bankof1america.com, a fraudulent Web site that is hosted in Russia, mimics the look and feel of Bank of America's actual Web site and asks visitors to enter their financial information, including bank account and credit card numbers. (go to web site) "Could U.S. Repel a Cyberattack?" Christian Science Monitor (06/07/07) P. 1 ; Arnoldy, Ben; Lubold, Gordon The two-week cyberattack against Estonia that flooded government Web sites, shut down a bank's online services, and slowed Internet services across the country, provided U.S. defense officials with a real-life example of what could happen if the United States' Web infrastructure was attacked. While Estonia reacted well, experts say the U.S. States may be more likely to suffer mass disruptions of banking, telecommunications, and government services due to a lack of coordination, funding, and centralized authority. Protecting the nation from a cyberattack requires extensive coordination between the government and the private sector and expensive research and preparation, but US-CERT, the small group within the Department of Homeland Security (DHS) that is responsible for such efforts, is underfunded and holds little authority, experts say. "The part of the U.S. government that has responsibility for this doesn't have the authority to command attention from within other parts of the government, and it doesn't have the money to get the work done that is on its plate," says cybersecurity expert Bill Woodcock, who traveled to Estonia to help during the attack. Jerry Dixon, acting director of the DHS' National Cyber Security Division, which runs US-CERT, says the situation is improving, citing the increased number of incident reports from the private sector and from government agencies reporting suspicious Internet activity, but that a great deal of work is still needed, particularly in developing state-level preparedness efforts and in preparing for a simultaneous attack against several major networks. (go to web site) "Beyond Passwords: Five New Ways to Authenticate Users" Computerworld (06/05/07) ; Vance, Jeff New types of authentication are on the way to making traditional username and password combinations obsolete. Some methods, like Porticus, a voice measuring software, and traditional fingerprint scans are becoming more affordable and more widely used. These types of authentication employ conventional biometric techniques, which means any user's access into a network is dependent on a physical trait. Other new programs apply behavioral and cognitive biometrics, which use an individual's unique thought processes to identify them. Security experts hope that these new types of user validation will greatly improve network security and eliminate the IT inconveniences of passwords. (go to web site) "Signature Style" Government Computer News (05/28/07) Vol. 26, No. 12, ; Wu, Corinna Under guidelines issued by the Federal Financial Institutions Examination Council, financial institutions must use multifactor identification systems--which rely on the traditional username and password along with another method of verification--in order to reduce the risk of account fraud and identity theft. One type of technology that some financial institutions are considering is keystroke dynamics, which verifies a user based on how he types his password. Keystroke dynamics systems record how long keys are held down and the time between presses when someone enters their password. After a training period of about nine samples, the technology creates a statistical representation of that person's typing pattern. The next time the user logs on, the system compares the password to the template it created. If the way the password is entered matches the template, the user is granted access; if not, access is denied. In addition to financial institutions, state and local governments are also considering keystroke dynamic products because they are more cost effective than fingerprint scanners, smart cards, and passcode-generating tokens. Unlike these platforms, keystroke dynamic technology is purely a software solution, which means that it can be easily installed and updated. (go to web site) Abstracts Copyright © 2007 Information, Inc. Bethesda, MD |
No comments:
Post a Comment