Friday, August 24, 2007

Security Management Weekly - August 24, 2007

header

  Learn more! ->   sm professional  

August 24, 2007
 
 
CORPORATE SECURITY  
  1. " Office Computer Monitoring Gets More Sophisticated"
  2. " Data Thieves Hit Monster.com Site" Thieves Steal 1.6 Million Records as Part of Phishing Scheme
  3. " Madonna to Celebrate Rosh Hashana in Israel" Security Will Protect Pop Star From Paparazzi
  4. " 'Dean' Causes Rush on Security Business" Hurricane Dean Prompts Strong Demand for Private Security Services in Jamaica
  5. " Aiming to Protect and Serve" Revenues Increasing for Private Security Sector
  6. " Survey: Firms Using More Background Checks on Job Seekers"
  7. " 10-Steps to Prepare for E-Discovery"

HOMELAND SECURITY  
  8. " Turkish Plane Hijacker Trained by Al Qaeda: Reports" Al Qaeda Terrorists Hijack Plane in Turkey, Try to Enter Cockpit
  9. " Va. Tech Review Recommends Steps to Avert Another Tragedy"
  10. " Missouri Task Force Recommends How to Make College Campuses Safer"
  11. " Strategy Game Trains Cops and Firefighters"
  12. " Can a Government Remotely Detect a Terrorist's Thoughts?"
  13. " Cooperation Southern Style" Georgia's Business Operating Center Could Serve as National Model for Public-Private Disaster Preparedness

CYBER SECURITY  
  14. " A New Method to Detect Software Theft"
  15. " Phishing Researcher 'Targets' the Unsuspecting" Researcher Attempts to Determine Potential New Phishing Tactics


   









 

"Office Computer Monitoring Gets More Sophisticated"
Associated Press (08/20/07) ; Bergstein, Brian

A growing number of companies are implementing new software that automatically monitors employee messages and documents for compliance with security regulations. Because sensitive data can escape through multiple digital channels, companies afraid of insider thefts and data breaches are using technology to oversee employee emails, Web postings, instant messages, and offline documents. Some programs can detect when specific keywords are entered in Web forms or documents, and will then warn the user or thwart the action. Similar technologies dig deeper, reviewing information with databases and documents in file services, and can stop files from being moved to portable devices such as USB drives. Discovering sensitive information in an unsuitable spot is essential to ensuring that the data is not accidentally disseminated. While such software typically warns compliance officers of such sightings, software will increasingly repair such messes automatically. And yet, because these technologies are relatively new, software will sometimes mistakenly block an item or generate irritating streams of pop-up alerts. In addition, less than 1 percent of discovered violations are actually disobeying any rules, and the majority of those infringements are accidental. Moreover, criminals can circumvent the technology. However, in a world where reputation and ethics require vigilant oversight, employers and employees are anticipated to accept the growth of compliance-watchdog technologies.
(go to web site)

"Data Thieves Hit Monster.com Site"
Boston Globe (08/22/07) ; Bray, Hiawatha

Security firm Symantec recently discovered that a Ukraine-based computer server contains some 1.6 million records stolen from the online job-search site Monster.com. Symantec informed Monster about the discovery, and Monster plans to "take all necessary steps to mitigate the issue, including terminating any account used for illegitimate purposes," says Monster's Vice President for Compliance and Fraud Prevention Patrick W. Manzo. The stolen records include names, email addresses, and phone numbers, but not Social Security numbers or financial information. Apparently, the records were stolen to harvest emails as part of an elaborate "phishing" scheme in which people who have posted resumes at Monster receive a phishing email that appears to have been sent by Monster. The fake Monster email advises the recipient to install a job-search program; recipients who install the program will actually be downloading a keylogger program or ransomware program. The former program records online banking passwords without the user's knowledge, while the latter places a virtual lock on important computer files, preventing them from being accessed unless the user pays a $150 ransom. Symantec's David Cole explains the data thieves used a hidden Trojan horse program running on thousands of PCs to steal a legitimate Monster password, thereby gaining access to the Monster resumes. The password probably was stolen from an employer that has an account with Monster, Manzo said.
(go to web site)

"Madonna to Celebrate Rosh Hashana in Israel"
Jerusalem Post (08/23/07) ; Burstein, Nathan

Madonna is planning to visit Israel to celebrate Rosh Hashana, and the pop star's handlers are planning unspecified security measures to ensure that her visit is better than her last one in September 2004, when she was hounded by paparazzi. Madonna will be accompanied by husband Guy Ritchie and their children, along with actors Demi Moore and Ashton Kutcher and fashion designer Donna Karan. Actor Bruce Willis may also be part of Madonna's entourage. During her last trip to Israel, Madonna was protected by a phalanx of private security guards and police officers. A spokesman for the Kabbalah Center, with which Madonna is affiliated, said that the center would try to avoid a repeat of what happened during Madonna's last visit by requesting that paparazzi keep their distance from Madonna and other celebrities who will take part in a pilgrimage. "We've talked about [those problems] and we hope it will be different," said the spokesman, who declined to reveal specific security procedures.
(go to web site)

"'Dean' Causes Rush on Security Business"
Jamaica Gleaner (08/24/07) ; Gordon, Susan

The private security service sector in Jamaica was one of the few to benefit from Hurricane Dean, with companies reporting an average of 10 percent more business. Those providing service for industrial companies benefited the most from worries over possible looting. "For the clients who have the round-the-clock security, we planned and made preparation, but the unforeseen came when clients concerned for their safety of assets and the looting requested additional attention," says George Overton, president of Jamaica Society for Industrial Security and the director of operations for the Guardsman Group. Also increasing business was demand for alarm visitation as well as personnel transport, the latter of which forced some security firms to swallow losses as they acquired specialized vehicles.
(go to web site)

"Aiming to Protect and Serve"
Investor's Business Daily (08/20/07) P. A9 ; Much, Marilyn

Companies that provide security and safety products and services are part of an overall industry whose stock ranks at No. 38 out of 197 industry segments, according to Investor's Business Daily. "The aftermath of 9/11 has created a continuing and accelerating backdrop for revenue in the security companies, whether they be military related or homeland security related or ultimately commercially related," says Lehman Bros. analyst Jeffrey Kessler, who foresees increased fragmentation and consolidation within the industry. The Freedonia Group predicts that demand for private contracted security services in the United States will grow 4.3 percent annually, to $48 billion by 2010. Included in this prediction are security segments such as armored vehicles, alarm monitoring, and the management of correctional facilities. Indeed, the top three private prison operators are expected to deploy high-tech monitoring and surveillance technologies within their newest facilities. The Freedonia Group also predicts that terrorism, computer-based threats, and white-collar crimes will help drive demand for private security companies.
(go to web site)

"Survey: Firms Using More Background Checks on Job Seekers"
Greenwich Time (CT) (08/23/07) ; Lee, Richard

A new survey of 73 companies in Fairfield County, Conn., and metropolitan New York City finds that 65 percent use third-party service providers to conduct formal background checks on job applicants during the hiring process. These background checks include criminal checks, education checks, and even credit checks, according to the joint survey from consulting firms Performance-Solutions-Group and OperationsInc. OperationsInc CEO David Lewis was shocked by the results of the survey, noting that 65 percent is a high percentage and one that indicates companies are no longer taking the information on resumes for granted. "Better than 50 percent of resumes contain something inaccurate," Lewis says, adding that the survey results demonstrate "the high level of concern that today's employer has about the integrity of information being provided by candidates for employment." The two consulting firms sent the survey to 400 companies within 40 miles of Stamford, Conn.
(go to web site)

"10-Steps to Prepare for E-Discovery"
AIIM E-DOC Magazine (08/07) Vol. 21, No. 4, P. 14 ; Mansperger, Mike

The task of conforming to regulatory requirements for record keeping and confidentiality can be facilitated by the use of technology. But successful e-discovery through an electronic system requires such things as identifying all information sources and storage locations like paper documents, photos, word processing documents, spreadsheets, instant messages, and digital photos. It is also crucial to document business processes--or the manner in which data flows across an organization--to verify operational consistency and provide audit logs. To standardize an organization's records, it is necessary to classify record types as well as determine preservation, retention, and destruction periods within a records management policy.

This policy also serves to guide an organization when a legal hold has been issued that may require a suspension of destruction. It is also crucial to set up electronic storage media and back-up policies based on such things as the need for direct access storage devices or write once/read many formats. Next, a person who will oversee the maintenance of the system and ensure compliance to the policies needs to be appointed. New employee orientations should address policies, procedures, and use guidelines, and the organization should conduct regular assessments of its policies and update them if necessary.

"Turkish Plane Hijacker Trained by Al Qaeda: Reports"
Washington Post (08/20/07)

Two men hijacked a plane en route from Cyprus to Istanbul on Saturday and unsuccessfully attempted to force their way into the cockpit before the plane landed in Antalya, Turkey. Several media outlets are reporting that the men attended Al Qaeda terrorist camps, where they received training. One of the men allegedly told the 136 passengers on the plane that he was an Al Qaeda operative. The two terrorists hijacked the plane just 15 minutes into the flight by claiming that they had a bomb; the "bomb" was actually a hunk of modeling clay with wires. The terrorists were demanding that the plane divert to Tehran, and reports suggest that their ultimate destination was Afghanistan, where they intended to join Al Qaeda. The hijackers are reportedly Turkish and Egyptian, although other reports suggested that one was a Palestinian with a Syrian passport. The incident ended peacefully when the hijackers surrendered after five hours on the ground.
(go to web site)

"Va. Tech Review Recommends Steps to Avert Another Tragedy"
Washington Post (08/23/07) P. B1 ; Jenkins, Chris L.; Horwitz, Sari

The latest recommendations from three review committees in the wake of the April 16 shootings at Virginia Tech focus on university communication systems improvements, better privacy issue training for staff members, increased security for students and faculty, and reforms for the university's counseling system to ensure troubled students get the help they need. In terms of communication recommendations, the review committees indicated electronic banners in classrooms and hallways could be used to alert students to emergencies, and a location system could be used to pinpoint where students are should emergencies arise. Security recommendations included the use of locks on the inside of classroom doors to prevent killers from entering classrooms at random. The review panels also indicated changes be made to the counseling system to increase monitoring of students deemed a possible danger to themselves or others. Additionally, student health records should be shared among university staff to ensure monitoring systems are functional; it is not clear whether Virginia Tech's officials shared information on the April 16 gunman. Parents, however, continued to criticize university officials for not locking down the campus to prevent more student and faculty deaths, but the officials rebutted, "A lockdown is simply not feasible on a campus the size of a small city."
(go to web site)

"Missouri Task Force Recommends How to Make College Campuses Safer"
Kansas City Star (08/21/07) ; Wagar, Kit

Missouri's Campus Security Task Force has released a set of 33 guidelines designed to make the state's college campuses safer. The task force, formed in the wake of April's shootings at Virginia Tech, recommends creating a "culture of preparedness" by coordinating response plans with local police and fire departments. The guidelines also say that schools should train faculty, staff, and students on what they should do in the case of an emergency. Although the report describes Missouri colleges as safe, it also shows that while 86 percent of the schools have an emergency plan, less than 30 percent have coordinated with local police and fire departments. About two-thirds of the schools have a system in place for identifying and managing troubled students, but just 40 percent of the schools participate with nationally accredited crisis training programs. The report also suggests that colleges expand counseling services and train staff on how to assess students that could present a threat. Many of the recommendations in the report could be addressed by colleges for a low cost, especially considering the increased state funding that they should receive in the next three years.
(go to web site)

"Strategy Game Trains Cops and Firefighters"
PC World (08/23/07) ; McMillan, Robert

Graduate students from the University of Southern California's Viterbi School of Engineering are collaborating with Sandia National Laboratories on a real-time strategy game that allows police officers, fire fighters, and other first responders to practice emergency scenarios. The game, Ground Truth, is realistic because events in the game occur in real time, putting added pressure on first responders to act swiftly. Jim Pointer, the medical director of Alameda County's Emergency Medical Services Agency, recently completed an intense session of Ground Truth that called for him to oversee a city's response to a toxic chemical spill. During the scenario, he was responsible for managing traffic barriers, putting hazmat teams and police cars in position to respond to the spill, and managing medical collection points while keeping an eye out for toxic plumes. Pointer says the game is fun, educational, and has great promise. Blizzard Entertainment's Warcraft III game provided inspiration for Ground Truth, which could eventually receive funding from private industry or even the Homeland Security Department.
(go to web site)

"Can a Government Remotely Detect a Terrorist's Thoughts?"
New Scientist (08/11/07) Vol. 195, No. 2616, P. 24 ; Marks, Paul

The U.S. Homeland Security Department's Project Hostile Intent (PHI) has the ambitious goal of projecting "current or future hostile intentions" among the 400 million people who enter the country each year through remote behavior analysis systems, according to DHS representative Larry Orluskie. He explains that PHI intends to identify physical markers (blood pressure, heartbeat, facial expressions, etc.) associated with hostility or the desire to deceive, and apply this knowledge toward the development of "real-time, culturally independent, non-invasive sensors" and software that can spot such behaviors. Such sensors could include infrared light, heart rate and respiration sensors, eye tracking, laser, audio, and video. For four years, the U.S. Transportation Security Administration has been using the Screening Passengers through Observation Techniques (SPOT) program to detect suspicious people through study of micro-expressions--involuntary facial telltales that indicate attempts to deceive--but the process is costly and arduous, and is not something a baggage screener or customs official can do in addition to their regular duties. The automation of the SPOT program, with computers instead of people screening for micro-expressions and other suspicious bodily indicators, is the impetus behind PHI. Experts doubt that such capability could be accomplished by the end of the decade, if at all, and are skeptical that such systems could identify hostile micro-expressions in a potential terrorist, given the lack of knowledge about and complexity of such expressions. Another unknown factor is whether such signs could be spotted hours or even weeks before a terrorist incident. There is also the danger that innocents who are highly emotional or aggravated due to stress might be flagged as potential terrorists.
(go to web site)

"Cooperation Southern Style"
Security Management (07/07) Vol. 51, No. 7, P. 68 ; Janak, Lisa

The Sept. 11 terrorist attacks and Hurricane Katrina made clear just how important disaster preparedness is, yet many state, local, and federal agencies are still working on their disaster preparedness plans. The state of Georgia, where natural disasters pose a greater threat than terrorism, is partnering with the private sector to enhance the state's preparedness and response planning. The centerpiece of this partnership is a business operating center (BOC) network of 40 companies that many experts say could serve as a national model for public-private disaster preparedness efforts. The BOC was born after the remnants of Hurricane Katrina--including 18 highly destructive tornadoes--passed through the state, prompting local businesses to offer their help. As a result, the Georgia Emergency Management Agency and the Georgia chapter of the Business Executives for National Security created the BOC. The BOC supplements a State Operations Center (SOC) where Georgia Emergency Management Agency personnel oversee the state government's efforts to respond to and recover from a disaster. During an emergency, the BOC can place two business emergency coordinators in the SOC; these BOC coordinators have access to the state's Web-based emergency management system within the SOC--even if they are off-site--and can forward information and requests for assistance to various businesses. Businesses can then quickly provide the materials and assistance that is requested.
(go to web site)

"A New Method to Detect Software Theft"
Informationsdienst Wissenschaft (08/23/2007)

Comparing the behavior of software programs is one way for companies to determine whether their software has been incorporated into other programs. Researchers at Saarland University in Germany have developed a tool, API Birthmark, that allows users to run their own program and a foreign program, analyze their behavior, and find similarities. A high degree of similarity detected by API Birthmark would suggest that code theft likely occurred, and that further investigation should be considered. The approach is different from other detection methods that focus on the code of the program, which can be easily obfuscated without destroying it, making it difficult to prove in court that software theft occurred. However, it would be difficult to change the behavior of a program without breaking it, similar to a birthmark. David Schuler, Valentin Dallmeier, and Christian Lindig have written a paper on the birthmarking technique, which was accepted for the Automated Software Engineering (ASE 2007) conference in Atlanta.
(go to web site)

"Phishing Researcher 'Targets' the Unsuspecting"
Network World (08/13/07) Vol. 24, No. 31, P. 26 ; Brodkin, Jon

Indiana University professor and cybersecurity researcher Markus Jakobsson launches innocuous attacks on unsuspecting Web surfers as part of an effort to discover what scams people are prey to and determine potential new phishing tactics. He argues that such experiments are valuable in figuring out what phishing countermeasures are and are not effective, and anticipating trends by discovering as-yet unexploited human vulnerabilities. It is critical to Jakobsson's experiments that his research subjects remain unaware of their participation to make the results as authentic as possible. Victims of online attacks frequently disclose sensitive information or have their computers hijacked by hackers, and one of Jakobsson's tests revealed that efforts to educate the public about the hazards of online attacks are inadequate.

One of his findings indicated that people are willing to respond to bogus emails if the hacker correctly identifies the first four digits of their credit card numbers. In another experiment, in which email addresses were targeted from a social networking site that listed political affiliations, Jakobsson observed that people on the far right and far left were more susceptible to phishing emails than people in the middle. Some of the people and institutions Jakobsson has used as guinea pigs, such as eBay, appreciate the insights he has uncovered and applied them toward the improvement of their security protocols. Jakobsson and colleagues also launched a phishing attack on unsuspecting students at IU. The results of this experiment can be found in the October 2007 issue of Communications of the ACM.
(go to web site)

Abstracts Copyright © 2007 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment