Friday, January 23, 2009

Security Management Weekly - January 23, 2009

header

  Learn more! ->   sm professional  

January 23, 2009
 
 
CORPORATE SECURITY  
  1. " 3 Dead, 10 Wounded in Belgium Day Care Stabbings" Dendermonde, Belgium
  2. " Heartland Says It Has Closed Security Hole"
  3. " Ruling Parties Largely Agree on Defense Force's Antipiracy Mission" Japan
  4. " What's Behind Dramatic Drop in S-E Asian Piracy"
  5. " Hit-and-Run Thieves Strike Maine Stores"

HOMELAND SECURITY  
  6. " Obama Closes Detention Network"
  7. " U.S. Envoy Notes Risks of Earlier Withdrawal From Iraq"
  8. " Pakistan Raid Captures Seven Near Afghanistan"
  9. " Powder Scare at Journal" Wall Street Journal Newsroom Evacuated
  10. " Napolitano Takes Over Homeland Security"

CYBER SECURITY  
  11. " McAfee Warns of Economy-Based Threats"
  12. " U.S. Plots Major Upgrade to Internet Router Security"
  13. " Windows Encryption Programs Open to Kernel Hack"
  14. " New York Plans Application Security Program"
  15. " Sorting Diamonds From Toothbrushes: New Guide to Protecting Personal Information" NIST Releases Guidelines for Protecting Personally Identifiable Information at Federal Agencies


   






 

"3 Dead, 10 Wounded in Belgium Day Care Stabbings"
Associated Press (01/23/09) ; Mayo, Virginia

Police in the Belgian town of Dendermonde are investigating a stabbing spree that claimed the lives of two young children and a woman at a day care center on Friday. Ten others were injured in the attack. According to witnesses, a man rode his bike into the day care center in the town 20 miles northwest of Brussels and immediately began stabbing children and the day care center's employees. The man then fled but was captured at a nearby supermarket. According to Belgian television, the suspect was a local man who was known to police.
(go to web site)

"Heartland Says It Has Closed Security Hole"
Associated Press (01/22/08) ; Robertson, Jordan

Heartland Payment Systems says the security hole that allowed data thieves to infiltrate their systems and steal cardholder information in transit throughout the network has been shuttered. Heartland has not yet named retailers that may have been affected by the breach; the company processes 100 million transactions a month, mostly for small medium-sized businesses. This does not allay concerns that the hackers got away with data on scores of cardholders. "Once your data has been compromised, you have to assume all your data's been compromised, unless you can prove otherwise," says Sophos security analyst Michael Argast. Secret Service investigators are considering the possibility that the thieves involved in the breach might be participants in an international hacker ring that targets financial institutions.
(go to web site)

"Ruling Parties Largely Agree on Defense Force's Antipiracy Mission"
Japan Economic Newswire (01/20/09)

Japan's Liberal Democratic and New Komeito parties agreed in principal to a proposed deployment of Maritime Self-Defense Force vessels on an anti-piracy mission off Somalia. If the proposal is formally accepted, the MSDF vessels would provide an escort through the pirate-infested region for Japanese-registered ships and foreign ships with Japanese crew, passengers, or shipments on-board. Coast guard officials would board the ships to make arrests and collect evidence if the ships encounter pirates. The vessels will be dispatched under a policing provision of the Self-Defense Forces Law that allows the protection of Japanese lives and assets at sea. However, this provision only allows weapons to be used in self-defense or to avoid imminent danger when the forces are outside of Japanese territorial waters. Lawmakers are working on legislation that would expand the authority of the SDF in anti-piracy operations. Once the proposal is accepted, it will take at least a month for the Defense Ministry to determine rules of engagement and communication methods for the operation. Over a dozen countries, including the United States and China, have already deployed their navies to Somalia to protect shipping lanes.
(go to web site)

"What's Behind Dramatic Drop in S-E Asian Piracy"
Straits Times (01/19/09) ; Storey, Ian

Pirates may be disrupting traffic through Africa's Gulf of Aden, but the International Maritime Bureau reported that just 65 pirate attacks took place in south Asian waters in 2008, compared to 187 in 2003. One major factor in the decline has been the cooperation between Singapore, Indonesia, and Malaysia. The three nations launched the Malacca Strait Patrols in mid-2004 to improve security in the vital waterway, which is used by over 100,000 vessels each year. Indonesian President Susilo Bambang Yudhoyono also increased naval patrols off his country's coast and increased intelligence gathering operations to crackdown on pirates. The United States has aided Southeast Asian countries by running training programs, providing millions of dollars worth of equipment, and conducting joint exercises. Most of the U.S. funding has gone to improving security in the Sulu and Celebes seas, which has historically been a haven for piracy and drug trafficking. The area has also been used by terrorist groups, including Jemaah Islamiyah, to move guns and people around the region. Despite progress over the past five years, there are concerns that the global financial crisis will force countries to scale back their anti-piracy efforts in 2009.
(go to web site)

"Hit-and-Run Thieves Strike Maine Stores"
Portland Press Herald (Maine) (01/18/09) P. D1 ; Quimby, Beth

The economic downturn has led to an increase in retail crime across the country. The National Retail Federation found that 85 percent of retailers were victimized by criminals in 2008, up 6 percent from 2007. In Maine, many retailers are being robbed by professional shoplifters and burglars. The state has set up a special task force in order to develop new measures to combat retail theft. The 14-member Organized Retail Crime Task Force includes retailers, police officers, and prosecutors. One possible way to reduce theft in Maine would be to reform shoplifting laws. Currently shoplifting is not a felony unless the person steals over $1,000 in goods, a higher threshold than in many neighboring states. The task force is also considering improved training for businesses that cannot afford to hire private security guards. Surveillance cameras can help retailers catch shoplifters in the act and serve as a deterrent to potential thieves.
(go to web site)

"Obama Closes Detention Network"
Wall Street Journal (01/23/09) ; Bravin, Jess; Gorman, Siobhan

President Barack Obama issued a number of orders to begin reforming the global detention network set up during the Bush administration. Several orders dealt with the detention center at Guantanamo Bay, which President Obama ordered be closed within a year. The attorney general will lead a multi-agency review of each detainee's case to determine whether they can be repatriated or tried in U.S. federal court. Another order forbids the CIA from operating secret prisons and allows the International Committee of the Red Cross to have access to all terrorism suspects in U.S. custody. The new orders also established a six-month review of detention policies and invalidated any guidance provided by the Justice Department between the Sept. 11 terrorist attacks and the end of the Bush administration. "The message that we are sending around the world is that the United States intends to prosecute the ongoing struggle against violence and terrorism," said President Obama. "And we are going to do so in a manner that is consistent with our values and our ideals." Although the new orders signal that the Obama administration is distancing itself from the policies of President Bush, members of the Senate were concerned that Dennis Blair, nominated to take over as director of national intelligence, refused to state whether he believes that waterboarding is torture when asked to do so during a Senate confirmation hearing.
(go to web site)

"U.S. Envoy Notes Risks of Earlier Withdrawal From Iraq"
Wall Street Journal (01/23/09) ; Chon, Gina

Violence in Iraq may be at its lowest level in several years, but U.S. Ambassador Ryan Crocker warned that an early withdrawal of American troops could allow al-Qaida to rebuild in the country. Crocker, who will retire from his post in February, also said that neighboring nations could interfere in Iraq if American troops leave before the situation is stable. President Obama recently asked his administration to form a plan that would withdraw American combat troops from Iraq within 16 months. Although Iraqi security forces have taken on additional responsibility, the upcoming local elections will be a big test for the nation's security. Several candidates were recently assassinated, but widespread violence has not broken out and the integrity of the elections has not yet been compromised. "It's very important that they be perceived as free and fair," said Crocker. "They are not going to be perfect but they need to be credible." The Iraqi government is now spending more time on political issues due to the improving security situation, focusing on the country's relationship with Kurdistan and the role of the national government.
(go to web site)

"Pakistan Raid Captures Seven Near Afghanistan"
Wall Street Journal (01/23/09) ; Hussain, Zahid; Rosenberg, Matthew

Pakistani paramilitary forces on Wednesday captured seven Islamic militants in a village in Pakistan's Khyber region, one of the lawless tribal areas in which Taliban and al-Qaida have been holed up since the U.S. removed the Taliban from power in Afghanistan in 2001. Among the militants captured was Zabi ul Taifi, an alleged al-Qaida operative that may have had a role in 2005 London transit bombings, which killed 52 people. However, British authorities say they are uncertain if Taifi had a role in the attack. The six other men arrested in the raid allegedly took park in Taliban attacks on NATO supply convoys moving through Khyber while en route to Afghanistan. Pakistani security officials said the raid was made possible by the longstanding counterterrorism cooperation between the U.S. and Pakistan. However, the official declined to say exactly how Washington and Islamabad have been cooperating.
(go to web site)

"Powder Scare at Journal"
Newsday (01/22/09) P. A36 ; Parascandola, Rocco

On Jan. 21, the newsroom of The Wall Street Journal was evacuated after more than a dozen envelopes, some containing white powder--later identified by the police as probably flour--were received; Harvard Law School also received similar mail that same day. The FBI's Gail Marcinkiewicz says about seven other suspicious envelops containing white powder were sent to other locations in Massachusetts, though authorities believe those are unrelated to the Harvard and Wall Street Journal scares. The New York Police Department says the envelopes could be related to mail with white powder, which was found to be harmless, that was sent to Fox News and several conservative media commentators on Dec. 2. The FBI says five employees at The Wall Street Journal were decontaminated as a precaution. A police source says the powder does not appear to be anthrax or a toxic chemical, but it will be tested to be sure. The Wall Street Journal says that the mail was addressed to several executives located in the Dow Jones building on Water Street. Police say each letter had a different return address in Knoxville, Tenn.
(go to web site)

"Napolitano Takes Over Homeland Security"
Arizona Daily Star (01/21/09) ; Fischer, Howard

Janet Napolitano was confirmed by the Senate to serve as the third head of the U.S. Department of Homeland Security. Napolitano's appointment was approved on a voice vote hours after President Barack Obama's inauguration. Although there was no discussion before the vote, many senators involved in previous confirmation hearings were impressed by her experience as governor of a border state. Napolitano said that fences alone will not stop illegal immigration, though she supports putting up fences in urban areas. She called for additional border patrol staff and increased penalties for employers that knowingly hire illegal immigrants. Napolitano also favors the creation of more secure state driver's licenses, even though she signed state legislation that prevented Arizona from complying with the federal requirement due to cost. As the head of Homeland Security, Napolitano will lobby for additional funding to help states create and issue the new licenses.
(go to web site)

"McAfee Warns of Economy-Based Threats"
Computer Business Review (01/20/09) ; Evans, Steve

Cybercriminals will use the current economic crisis to heighten attacks on unemployed individuals or those concerned about the economy, according to the 2009 Threat Prediction Report released by the security vendor McAfee. The report draws attention to increased threats of malware attacks through USB drives and other removable devices. McAfee's Greg Day told reporters that attackers will use economic fears to their advantage. "Unemployed people or those worried about their job may be tempted by an offer to upload their CV to a job site; if that site is fake then they've opened themselves up to data theft," the security analyst warned. "People may also be tempted by offers of low-interest loans." As businesses transition to Web 2.0, or cloud computing, and attackers increasingly rely on single-use binary files to launch malware, investigators face many challenges this year in the war on cybercriminals and theft, the report states.
(go to web site)

"U.S. Plots Major Upgrade to Internet Router Security"
Network World (01/15/09) ; Marsan, Carolyn Duffy

The U.S. Department of Homeland Security (DHS) plans to quadruple its investment in research dedicated to securing the Border Gateway Protocol (BGP) by adding digital signatures to router communications. DHS says the research initiative, dubbed BGPSEC, will prevent routing hijackings and accidental misconfigurations of routing data. DHS expects BGPSEC to take several years to develop prototypes and standards and at least four years before deployment. Experts have praised the accelerated effort, as BGP is one of the Internet's most vulnerable faults. "The reason BGP problems are so serious is that they attack the Internet infrastructure, rather than particular hosts," says Columbia University professor of computer science Steve Bellovin. "This is why it is a DHS-type of problem." Arbor Networks' Danny McPherson says BGP is one of the largest threats on the Internet. "There doesn't exist a formally verifiable source for who owns what address space on the Internet, and absent that you can't really validate the routing system," McPherson says. The extra funding should enable the DHS to develop ways of authenticating Internet Protocol (IP) address allocations and router announcements on how to reach blocks of IP addresses. DHS funding for router security will rise to approximately $2.5 million per year beginning this year, up from about $600,000 per year over the last three years, says Douglas Maughan, DHS program manager for cybersecurity research and development.
(go to web site)

"Windows Encryption Programs Open to Kernel Hack"
Techworld (01/15/09) ; Dunn, John E.

German researcher Bern Roellgen has discovered a new form of computer attack that hides within mounted volumes in Windows encryption programs. He says that when these on-the-file encryption programs move undeterred through the password information via the Windows programming operation DeviceIOControl, they can be used by the attacker to indirectly access data through vulnerabilities in the Windows operating system. As part of the "Mount IOCTL" (input/output control) Attack, the hacker would have to switch a tampered version of the DeviceIOControl operation within the kernel with one capable of logging I/O control codes in order to identify the one used by an encryption platform. Once identified, the plaintext encryption and decryption password would be viewable. Coordinating such an attack would be difficult, Roellgen acknowledges, but theoretically it is possible. "As this kind of attack has so far been unknown, it is very likely that all disk encryption products which mount virtual volumes are affected," he says. Roellgen recommends using a Diffie-Helman key interchange setup between the encryption platform and the driver.
(go to web site)

"New York Plans Application Security Program"
InternetNews.com (01/14/09) ; Adhikari, Richard

Will Pelgrin, the director of New York's office of cyber security and critical infrastructure coordination, and Jim Routh, the chief information security officer of Depository Trust and Clearing, have developed language for New York's software procurement contracts that requires vendors to provide security for the applications they sell. Once the language is adopted, vendors will be required to conduct an analysis of the top 25 programming errors that lead to Web security problems. The list of those errors was released Jan. 13. In addition, vendors will be required to document in writing that the errors have been mitigated. The language is being sent to all information security officers in New York for their review. Pelgrin plans to meet with them on Feb. 10 to discuss the implementation of the language. New York also is planning to work with top universities and colleges in the state to open a cyber academy that would give students a basic foundation in how to secure application development. Pelgrin expects the first class to graduate from the academy sometime this year or next year. After the students graduate, the state plans to conduct periodic assessments to determine whether they are implementing what they have been taught, Pelgrin says.
(go to web site)

"Sorting Diamonds From Toothbrushes: New Guide to Protecting Personal Information"
NIST Tech Beat (01/13/09) ; Stein, Ben

The National Institute of Standards and Technology (NIST) has released a draft guide that federal agencies and other organizations can use to protect the personally identifiable information (PII) they store from unauthorized use or release. The guidelines urge agencies to tailor the protection they give to certain information to the risk involved in holding that data. This process should begin by grading PII by the degree of harm that could be done if the data is accidentally revealed. The organization should then take steps to secure PII based on the perceived potential for harm. For instance, an organization may want to give its employees who access moderate- and high-impact PII extra training, and restrict access to high-impact PII from mobile devices that are more prone to security breaches. In addition, the guidelines call on organizations to identify all the PII they hold, reduce the amount of this information they collect so they only store what they absolutely need, and develop incident response plans to handle data breaches. When developing these plans, organizations should determine when and how individuals affected by such breaches should be notified and whether or not to provide remedial services to affected individuals.
(go to web site)

Abstracts Copyright © 2009 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment