Friday, December 11, 2009

Security Management Weekly - December 11, 2009

header

  Learn more! ->   sm professional  

December 11, 2009
 
 
Corporate Security

  1. "Heartland Lawsuit Dismissed, 'Insufficient Evidence' of Weak Security"
  2. "New Squeeze: You've Got Blackmail"
  3. "Pirates Beware: AG's Web Cops Cracking Down"
  4. "Hacked Email Climate Scientists Receive Death Threats"
  5. "iPhone Winning Over Some Corporate Security Skeptics"
Homeland Security

  1. "Blackwater Guards Tied to Secret Raids by the C.I.A."
  2. "Pakistan: U.S. Students Tried to Join Militants"
  3. "TSA Accidentally Reveals Airport Security Secrets"
  4. "Chicago Terrorism Suspect Charged by U.S. Over Mumbai Attacks"
  5. "U.S. Sees Homegrown Muslim Extremism as Rising Threat"
Cyber Security

  1. "TSA Breach Exposes PDF File Risk"
  2. "DHS Releases Cyber Incident Response Draft Plan"
  3. "Five Critical Patches Issued for Internet Explorer"
  4. "Cyberattacks Against Critical U.S. Networks Rising at a Faster Rate"
  5. "Scientists Promise an End to Web Attacks"

   

 
 

 


Heartland Lawsuit Dismissed, 'Insufficient Evidence' of Weak Security
Storefront Backtalk (12/10/09) Schuman, Evan

A lawsuit against Heartland Payment Systems was dismissed by U.S. District Court Judge Anne E. Thompson, who ruled that the investor plaintiffs had not produced sufficient evidence that the payment processor knew it had poor security and deliberately misled shareholders. The lawsuit stems from a data breach in which cyberthieves broke into Heartland's payroll system through an SQL attack. Although Heartland investigators concluded that no data was stolen from the payroll program, according to Thompson they were unaware that the hackers had embedded another piece of malware in the system that infected payment processing and enabled the cybercriminals to steal tens of millions of credit and debit card numbers. She also ruled that the company can state it has strong security without implying that it is completely impenetrable. "The fact that a company has suffered a security breach does not demonstrate that the company did not 'place significant emphasis on maintaining a high level of security.' " Thompson wrote. "It is equally plausible that Heartland did place a high emphasis on security but that the company's security systems were nonetheless overcome."


New Squeeze: You've Got Blackmail
Wall Street Journal (12/10/09) McQueen, M.P.

The number of cases of blackmail appear to be on the rise as the result of the recession, private security experts say. Among the private security experts who have seen an uptick in the number of blackmail cases is Paul Viollis, the chief executive officer of the New York-based security and investigations firm Risk Control Strategies. Viollis noted that he is currently handling 40 active cases of blackmail involving high-net-worth clients, and is adding two to five more cases each month. He added that he used to handle only about eight cases of blackmail a year. According to Viollis, the increase began last November when one of his clients was blackmailed by a former business partner who claimed that the client had committed Securities and Exchange violations in the past. The accusations were false, and the blackmailer stopped trying to extort money from the client after Viollis confronted him. But not all blackmailing incidents are about money, security experts say. They point out that there are a growing number of incidents in which the blackmailer is trying to punish or humiliate the victim for what they believe is his undeserved success. Other cases of blackmailing involve difficult family relationships. No matter what the cause of blackmailing, security experts say that they are telling their clients to protect themselves by being guarded in their personal activities and communications and by conducting background checks on key advisers and household employees, who are often the perpetrators of blackmail.


Pirates Beware: AG's Web Cops Cracking Down
Jackson Clarion-Ledger (MS) (12/09/09) Mitchell, Jerry

Mississippi Attorney General Jim Hood reports that the state plans to apply software already used to track Internet-based child pornography to pursue individuals that download pirated and counterfeited materials. Mississippi's Operation Knock Off the Knock Offs is the country's first statewide taskforce designed to deter intellectual property theft. However, the taskforce is expected to serve as a national model for fighting Internet piracy. Supporters of the operation say that it is an important step to not only protect intellectual property rights but also to ensure that counterfeited products that may be dangerous do not harm American consumers. As Bob Barchiesi, president of the International AntiCounterfeiting Coalition says, "The steps that Attorney General Hood is taking by developing this statewide task force will help ensure that consumers are kept safe from the variety of harms that are posed by these cheap, substandard, and illegal products." Hood and his taskforce are also working to encourage universities to prevent students from illegally downloading materials and is working with eBay to tighten security on products sold through its online auction site.


Hacked Email Climate Scientists Receive Death Threats
Guardian Unlimited (UK) (12/08/09) Ravilious, Kate

Two scientists involved in "Climategate," the term that was coined to refer to the hacking of e-mail messages at the Climate Research Unit (CRU) of the University of East Anglia, U.K., have received death threats via e-mail since their messages were leaked last month. The threats are currently under investigation with the FBI, and details cannot be disclosed. Other CRU scientists and colleagues have received similarly threatening and abusive e-mails since the e-mail messages were posted on Nov. 19, leading to accusations of data distortion and falsification regarding global warming. In the United Kingdom, a police investigation has begun in an attempt to uncover how the e-mail was hacked and the messages leaked. The University of East Anglia has also ordered an independent review into the allegations against CRU.


iPhone Winning Over Some Corporate Security Skeptics
SF Gate (12/07/09) Cox, John

Enterprise security experts are reportedly warming up to the iPhone, increasing its popularity in the corporate sector. Much of this popularity may have to do with the release of the iPhone OS 3.0, which relies on Microsoft Exchange security and management features through Microsoft ActiveSync and an improved iPhone Configuration Utility. Recent features that improve the phone's enterprise security potential include Exchange features that allow administrators to erase data on a lost or stolen iPhone. Additional security features are expected to debut in 2010, leading device and security management expert David Field to speculate that the "iPhone has the potential of becoming the most secure mobile device on the market." In order to get to that point, Apple will have to institute support for over-the-air application downloads and firmware updates instead of using iTunes for updates, prevent phones from being jailbroken, and work more closely with third-party security vendors. Even without these features, experts say the current iPhone does meet basic security needs, especially as the phone allows for encryption and lets companies add security layers such as customized password-protection and two-factor authentication software.




Blackwater Guards Tied to Secret Raids by the C.I.A.
New York Times (12/11/09) Risen, James; Mazzetti, Mark

Several former security guards working for Blackwater Worldwide, now known as Xe Services, as well as several current and former American intelligence officials have told the New York Times that Blackwater guards participated in secret CIA raids in Iraq and Afghanistan and helped transport detainees. Initially Blackwater guards were hired to provide only defensive security for CIA bases in Baghdad and Kabul; however, they also began accompanying CIA officers on raids to provide "perimeter security". According to the Times' sources, Blackwater employees, many of whom are former members of units of the Navy Seals or Army Delta Force, often appeared eager to get directly involved in operations and sometimes became "drivers and gunslingers" during raids. Additionally, some Blackwater employees were reportedly hand selected to provide security for detainees transported inside Iraq for their ability to "manage detainees without the use of lethal force." These reports have raised a number of concerns over the legality of permitting private contractors to perform duties intended for government employees. While it is unclear if senior CIA officials were aware of these activities, CIA director Leon E. Panetta has initiated an internal review to examine all Blackwater contracts with the agency. For its part, Blackwater said Thursday that it was never under contract to participate in secret raids with the C.I.A. or with Special Operations personnel in Iraq, Afghanistan, or other countries.


Pakistan: U.S. Students Tried to Join Militants
Chicago Tribune (12/11/09) Rotella, Sebastian; Rodriguez, Alex

Pakistani authorities said on Dec. 10 that the five American men who were arrested this week appear to have been trying to join a militant group to train for jihad. The authorities said they came to that conclusion after recovering laptops, maps, and extremist literature during the raid in Sargodha, Pakistan, the resulted in the arrests of the men. In addition, the men--who disappeared from their Northern Virginia homes late last month--are believed to have communicated with a militant group and may have planned to travel to a al-Qaida and Taliban-dominated town in Pakistan's North Waziristan region. However, U.S. authorities said they were being cautious about drawing any conclusions about the case since the men have yet to be charged with a crime. A U.S. counter-terrorism official also pointed out that it did not appear that the men were on the verge of committing acts of violence. Officials are working to get the men released into the custody of the FBI.


TSA Accidentally Reveals Airport Security Secrets
Washington Post (12/09/09) Johnson, Carrie; Hsu, Spencer S.

The Transportation Security Administration (TSA) announced Tuesday that it accidentally released an insufficiently-redacted copy of its 93-page operating manual online. Some officials say making the manual available to the public has raised serious security concerns as it includes details of TSA operating procedures and possible weaknesses in X-ray systems as well as photographs of credentials used by Congress, CIA employees, and federal air marshals. It also lists circumstances when firearms are allowed past the checkpoint and identifies countries with passport-holders who are subject to increased scrutiny. As former assistant secretary of the Department of Homeland Security (DHS) Stewart A. Baker points out, the manual "increases the risk that terrorists will find a way through the defenses. The problem is there are so many different holes that while [the TSA] can fix any one of them by changing procedures and making adjustments … they can't change everything about the way they operate." Despite these concerns, other former DHS officials say that the oversight is not as serious as some observers believe because the manual is so widely circulated among TSA employees in the first place. "It's not something a determined expert couldn't find another way," one official argued.


Chicago Terrorism Suspect Charged by U.S. Over Mumbai Attacks
Bloomberg (12/08/09) Blum, Justin; Harris, Andrew

U.S. prosecutors have officially charged David Coleman Headley of Chicago in relation to the Nov. 2008 attacks on Mumbai that resulted in the deaths of 166 people. Prior to the attack, Headley made five trips to Mumbai between 2006 and 2008. During that time period he took both photos and video of potential targets, including those that were attacked. He also changed his name from Daood Gilani in order to avoid raising suspicions while traveling or while in India. Headley was born in the United States to an American mother and a Pakistani father, but attempted to hide his connections with Islam and Pakistan. Additionally, Headley is thought to have attended terrorist training camps run by the Pakistani militant group Lashkar-e-Taiba, which has been blamed for Mumbai attacks. Headley was originally arrested in October for allegedly planning to attack more public places in India and conspiring to murder and maim citizens of India and Denmark. Charges against Abdur Rehman Hashim Syed, a retired major in the Pakistani military, have also been unsealed in connection to the attack planned on Denmark. According to the charges against Rehman, he helped Headley contact Lashkar-e-Taiba and other potential Pakistani conspirators. In January 2009, Rehman also reportedly helped Headley contact Ilyas Kashmiri, leader of Harakat-ul Jihad Islami, which has ties to al-Qaida. Rehman's status and his location remain unknown.


U.S. Sees Homegrown Muslim Extremism as Rising Threat
Los Angeles Times (12/07/09) Rotella, Sebastian

Terrorism experts and anti-terrorism officials in the U.S. say that they are seeing signs that American Muslims are becoming increasingly radicalized. Among the signs that American Muslims are becoming more and more radical are the arrests of several Americans accused of plotting with al-Qaida to launch terrorist attacks this year. For instance, Najibullah Zazi, an Afghan American who lived in Colorado, was arrested in September for allegedly planning to bomb targets in New York City. Officials say the alleged plot was the most serious terrorist threat in this country since the September 11, 2001 terrorist attacks. In addition, several Muslim extremists in the U.S. traveled overseas to join terrorist networks. Among them were a group of Somali Americans who traveled to Somalia to join the al-Qaida linked terrorist group al Shabab. Still, experts say that the radicalization of Muslims remains more common in Europe than it does in the U.S. Experts say that there are several reasons why European Muslims are more radicalized than their American counterparts, including crime and alienation in Muslim immigrant communities in several European countries. Experts also say that Muslims in this country are wealthier and better educated, and that the U.S. does a good job of assimilating immigrants and creating an atmosphere of tolerance.




TSA Breach Exposes PDF File Risk
InformationWeek (12/09/09) McDougall, Paul

The recent accidental release of a classified PDF document containing information about the Transportation Security Administration's airport security procedures could be an indication that employees at the agency do not know how PDF documents work. The document, which was posted on a Web site used by private contractors looking for government work, included redacted portions that were blacked out with a graphics tool. However, the words underneath could be seen if readers cut and pasted the redacted pages into a new file. That allowed anyone with an Internet connection and a little bit of know-how to be able to read highly sensitive information about TSA screening methods, interviewing procedures, X-ray machines, and other terrorist prevention tools. However, the information contained in the document was outdated, meaning that travelers were not at risk because of the breach, said Department of Homeland Security Secretary Janet Napolitano. However, she said that an investigation into the incident would be launched and those involved would be disciplined. It does not appear that the security breach was the result of a flaw in Adobe's PDF format.


DHS Releases Cyber Incident Response Draft Plan
Government Computer News (12/09/09) Bain, Ben

The U.S. Department of Homeland Security (DHS) has released a version of a federal plan to divvy up cyber incident response tasks between agencies and industries, according to insiders. The draft plan is the outcome of a continuing partnership between DHS and its partners at the federal, state, and industry levels to develop a National Cyber Incident Response Plan, according to Navy Rear Adm. Michael Brown, who acts as DHS' deputy assistant secretary for cybersecurity and communications. The White House's cybersecurity review released this spring defines the preparation of the plan as one of its short-term goals, and DHS has been spearheading the initiative. Brown says DHS recommended that the government update the cyber incident portion of the National Response Framework, and then conducted a cybersecurity exercise at its new National Cybersecurity and Communications Integration Center with representatives from industry and other government agencies to further develop the draft plan. Earlier this month the draft was submitted to industries involved in critical infrastructure and to state and federal partners that have been involved in devising the cyber incident response plan so they would have an opportunity to provide input. Responses from DHS' partners will be made part of the final draft of the plan.


Five Critical Patches Issued for Internet Explorer
NewsFactor Network (12/09/09) LeClaire, Jennifer

Microsoft has released five critical patches for Internet Explorer, a move that has stirred criticism directed to the software company's failure to foresee high-risk glitches. Microsoft faces additional controversy since the updates include two previously exploits that only affected Internet Explorer 8, but were not publicly disclosed. Security experts advise testing the latest patches prior to their deployment, since multiple configurations outside of IE could be affected. The five updates released by Microsoft are patches for potential "drive-by" attacks. Other major players have released security patches recently, with updates issued by Apple's Java for OS X and Adobe Flash Player, among others.


Cyberattacks Against Critical U.S. Networks Rising at a Faster Rate
NextGov.com (12/08/09) Aitoro, Jill R.

Cybersecurity attacks against network systems that run U.S. infrastructure, such as transportation systems and water and sewage treatment plants, are on the rise, primarily because these industries are supported by antiquated technologies that do not have the capacity to deflect sophisticated attacks. Between July and September 2009, the Repository for Industrial Security Incidents (RISI) added 11 cyberincidents to its database of cybersecurity attacks that have or might have affected systems that perform critical industrial functions in the United States. Since January 2009, industries have added 35 incidents to the database, comprising more than 20 percent of the 164 incidents recorded in the past 27 years. Incidents from this year alone could account for 37 percent of all incidents if current trends continue, RISI reports.


Scientists Promise an End to Web Attacks
V3.co.uk (12/07/09) Neal, David

Research on new encryption technology that has the potential to make cyberattacks "computationally impossible" will be presented at the ASIACRYPT 2009 security and cryptology conference in Japan. Paul Morrissey, Nigel Smart, and Bogdan Warinschi from the University of Bristol's Department of Computer Science will demonstrate how the technique can be used to prevent attacks such as denial of service. The approach also provides two-factor authentication that does not overburden users. The researchers will discuss how to transfer information between databases in a truly encrypted way in a second paper. Also, researchers from Bristol will present a third paper on the "basic constructions in cryptography," which they argue could be applied to applications such as the Web browser.


Abstracts Copyright © 2009 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment