Search This Blog

Friday, February 12, 2010

Security Management Weekly - February 12, 2010

header

  Learn more! ->   sm professional  

February 12, 2010
 
 
Corporate Security

  1. "WorkSafe Flying Squad to Crackdown on Workplace Bullies" Victoria, Australia
  2. "Ex-Goldman Programmer Indicted for Trade Secrets Theft"
  3. "S'pore IT Mall Lauds Success in Antipiracy Efforts" Counterfeit Software
  4. "Wanted: Defense Against Online Bank Fraud"
  5. "In Secret, Nations Work Toward Crackdown on Piracy" Copyright Infringement
Homeland Security

  1. "Obama Will Help Select Location of Khalid Sheik Mohammed Terrorism Trial"
  2. "European Vote on Counterterror Blocks Bank-Data Sharing With U.S."
  3. "U.K. Move Could Hinder U.S. Intelligence Sharing"
  4. "Iraq Orders Blackwater Workers to Leave"
  5. "Al-Qaeda Is a Wounded but Dangerous Enemy"
Cyber Security

  1. "U.S. Internet Security Plan Revamped"
  2. "'Aurora' Attacks Still Under Way, Investigators Closing in on Malware Creators"
  3. "26 Windows, Office Holes Patched in 13 Bulletins"
  4. "China Heralds Bust of Major Hacker Ring"
  5. "The Top 5 Mistakes of Privacy Awareness Programs"

   

 
 
 

 


WorkSafe Flying Squad to Crackdown on Workplace Bullies
Sydney Morning Herald (Australia) (02/12/10)

The Australian state of Victoria is planning to take steps to crackdown on bullying in the workplace. Under a new program called Respect at Work, WorkSafe inspectors will go into more than 40,000 workplaces throughout the state to conduct surprise inspections, interview employees, and educate workers about bullying. The initiative comes in the wake of the convictions of three men on charges related to the 2006 suicide of café worker Brodie Panlock, who died from injuries she sustained after jumping off the fourth floor of a parking deck. The men, who worked with Panlock at the Café Vamp outside of Melbourne and subjected her to 16 months of physical and mental bullying, were fined a total of $335,000 for failing to take reasonable care for Panlock's health and safety. The owner of the café, Marc Luis Da Cruz, pleaded guilty to two different charges, including failing to provide and maintain a safe working environment. His company was also fined $110,000.


Ex-Goldman Programmer Indicted for Trade Secrets Theft
Dow Jones Newswires (02/11/10) Bray, Chad

Former Goldman Sachs computer programmer Sergey Aleynikov was indicted Thursday on charges of stealing computer code for a proprietary high-frequency trading program. According to prosecutors, Aleynikov transferred thousands of computer code files related to the proprietary trading program to his home computer between May 2007 and June 2009 without Goldman Sachs' knowledge. Prosecutors also said that just before Aleynikov was scheduled to start a job at Teza Technologies developing a similar high-frequency trading program, he transferred significant portions of proprietary code for Goldman Sachs' program to a outside computer server in Germany. Aleynikov brought some of the code with him to a meeting at Teza's office in July 2009, prosecutors say. Aleynikov could face 25 years in prison if he is convicted.


S'pore IT Mall Lauds Success in Antipiracy Efforts
ZDNet Asia (02/10/10) Kwang, Kevin

Microsoft's Singapore office has announced that it is working with an IT mall in the city-state to prevent the sale of counterfeit software. The joint effort will build on an anti-piracy program the mall, Sim Lim Square, launched nearly six years ago. Under that program, known as the STARetailer program, retailers who do not have any piracy complaints filed against them for nine months and those who agree to adopt free-trade practices are given a STARetailer logo that they can display on the floor of their shops. Participating retailers also pay lower rates to advertise in the mall's full-page ads. In addition, the program, refers consumers who unwittingly purchase pirated software to either the Singapore Tourism Board or the Consumers Association of Singapore. The program also punishes retailers who are found to be selling pirated software by not including them in STARetailer advertising and marketing efforts. Retailers could even be asked to leave the mall. According to Chan Kok Hong, the managing director of the company that manages Sim Lim Square, the program has reversed a situation where pirated software was sold openly in the mall 10 years ago to one where 98 percent of software sold is legitimate. Under the collaboration with Microsoft, the Redmond, Wash.-based software maker will publish pamphlets that aim to teach consumers how to tell the difference between pirated software and legitimate products. Microsoft will also certify retailers that sell legitimate software.


Wanted: Defense Against Online Bank Fraud
Wall Street Journal (02/08/10) Richmond, Riva

A growing number of small businesses are losing large sums of money through attacks on their online banking accounts. In these attacks, hackers send an e-mail with a link to a malicious site to employees who handle their company's financial accounts. These malicious sites then steal the username and passwords the employees use to log in to their online banking accounts. Once they have broken into the accounts, the hackers send payments to so-called "money mules" in Eastern Europe, who handle money for online criminal organizations. Over the past year, hundreds of millions of dollars have been stolen from businesses in this manner, according to Shawn Henry, the assistant director of the FBI's Cyber Division. Much of this money is being stolen from small businesses, because they tend to use smaller, regional banks that do not have the resources to stop attacks. There are a number of steps that small businesses can take to protect themselves from attacks on their online banking accounts. In addition to using security features on Web browsers, companies should also ask their banks to establish "dual controls" on their accounts so that all transactions must be approved by two people. Companies can also create restrictions on adding new payees to their online banking accounts. Finally, companies should be sure to check their bank balances and scheduled payments at the end of each workday, since doing so allows the bank to stop any fraudulent payments before they are made.


In Secret, Nations Work Toward Crackdown on Piracy
New York Times (02/08/10) Pfanner, Eric

The United States is working with a number of other countries, including the European Union, Japan, and Australia, to complete a Anti-Counterfeiting Trade Agreement by the end of this year. The agreement, which has been in the works for two years, aims to crackdown on the sale of illegally copied music, movies, and goods such as designer bags. The talks have encountered a number of problems, including a disagreement over a U.S. proposal to require Internet service providers to filter out illegally copied songs from their networks or to take steps to prevent copyright violators from accessing the Internet. Although the talks are supposed to be a secret, EU negotiators are said to oppose the U.S. proposal. Another source of controversy in the talks has been the secrecy surrounding the negotiations. Critics say that talks involving the future workings of the Internet should not be made secret. Other critics say that the talks need to include developing countries where intellectual property laws or enforcement are weak, such as China, India, and Indonesia. Participants in the negotiations are scheduled to meet for more talks in Wellington, New Zealand, in April.




Obama Will Help Select Location of Khalid Sheik Mohammed Terrorism Trial
Washington Post (02/12/10) P. A01; Kornblut, Anne E.; Johnson, Carrie

Three White House officials said Thursday that President Obama is planning to get involved in the process of determining where to try Khalid Sheik Mohammed, the self-proclaimed mastermind of the September 11, 2001 terrorist attacks. Obama had initially left the decision on where to try Mohammed up to Attorney General Eric Holder, as part of his efforts to keep the Justice Department independent from the White House. But Holder's decision to try Mohammed in civilian court in Manhattan near the site of the September 11 terrorist attacks sparked a political backlash that could result in Congress denying the administration funding for the trial. The White House officials noted that Obama wanted to get involved in the decision making process in order to ensure that funding for the trial is made available. It remains unclear where Obama will decide to try Mohammed. The president noted in an interview on Sunday that Manhattan has not been ruled out as a location for the trial. If Obama decides against Manhattan, he could find it difficult to find another location for the trial, since officials in states like Virginia, New Jersey, and New York have all expressed opposition to hosting legal proceedings against Mohammed. It also remains unclear whether Mohammed will stand trial in civilian court. While Holder has said that he prefers to try Mohammed in federal court, political pressure may force the administration to try him before a military commission.


European Vote on Counterterror Blocks Bank-Data Sharing With U.S.
Washington Times (02/11/10) Kralev, Nicholas

The European Parliament has rejected a deal that would permit Washington to access banking and financial data needed to disrupt financing for terrorist groups. The decision followed a British court's release of previously secret and damaging information on the treatment of a former Guantanamo Bay detainee by U.S. interrogators. The George W. Bush administration began a secret program that transferred millions of pieces of personal information from the U.S. offices of the bank transfer company SWIFT to U.S. authorities. The program was revealed in 2006, the European Parliament's decision would have formalized the information exchange. The program has already produced an average of 1,500 tips to European governments. The United States already has data sharing deals with several countries, but an E.U.-wide program would be more effective, officials say.



U.K. Move Could Hinder U.S. Intelligence Sharing
Wall Street Journal (02/11/10) Macdonald, Alistair

The Obama administration on Wednesday criticized a decision made by a U.K. appeals court to force the British government to release U.S. intelligence related to the alleged torture of former Guantanamo Bay inmate Binyam Mohamed. In a statement, the White House said that it was "deeply disappointed" with the ruling because it believed that it would hurt future intelligence relations with the U.K. Director of National Intelligence Dennis Blair has also criticized the release of the information, which resulted from a legal effort by Mohamed to obtain any material held by the British government that he could use to defend himself before a U.S. military commission. Blair said that the release of the information--which shows how U.S. authorities used sleep deprivation, threats, and shackling on Mohamed--was "not helpful" and would create "additional challenges" in the relationship between the U.S. and the U.K. However, he noted that the two countries would continue to work together to fight terrorism despite the decision.


Iraq Orders Blackwater Workers to Leave
Sydney Morning Herald (Australia) (02/11/10)

Iraq has told more than 200 current and former employees of the private security firm formerly known as Blackwater that they must leave the country by Monday. According to Iraqi Interior Minister Jawad al-Bolani, the employees were notified of the order to leave Iraq on Feb. 8. He added that the order is directed at security contractors who worked for Blackwater--which still plays a role in protecting U.S. diplomats in the country but now operates under the name Xe--at the time of a 2007 incident in which a Blackwater security detail that was guarding an American convoy opened fire in Baghdad's Nisour Square, killing 17 Iraqi civilians. The order comes in the wake of Iraqi Prime Minister Nouri al-Malaki's promise to the families of the victims of that shooting to seek justice after a U.S. court dismissed manslaughter charges against the Blackwater guards who were allegedly involved. The State Department has said that it has been informed about the order and that it is discussing the issue with the Iraqi government. It also said that none of the employees who currently provide aviation services as part of the new contract to provide security for U.S. diplomats in Iraq were involved in the 2007 shooting.


Al-Qaeda Is a Wounded but Dangerous Enemy
Washington Post (02/08/10) Warrick, Joby; Finn, Peter

Recent assessments by terrorism experts have found that al-Qaida has been impaired by drone strikes against their leaders and strongholds; however, the group remains intent on attacking the United States directly, particularly through small-scale operations that may be more difficult for U.S. intelligence to detect. "Al-Qaida's leadership is accelerating efforts that were probably in place anyway," says Andy Johnson, former staff director of the Senate Intelligence Committee and now national security director for the Washington think tank Third Way. This acceleration of the group's plans is motivated by a record number of successful drone strikes on terrorist havens along the Afghanistan-Pakistan border. The attacks, combined with a successful restriction of al-Qaida's funding, have impeded the group's ability to launch ambitious, complex terrorist attacks like those of Sept. 11. As a result, the group is adapting, putting more stock in lone operatives working with low-tech explosives. As Bruce Hoffman, a Georgetown University terrorism expert and senior scholar at the Woodrow Wilson Center, points out, "The threats are diverse and spreading. Both administrations -- Bush and Obama -- had a tendency to focus on one threat, one enemy, emanating from one place. The use of predators in Afghanistan and Pakistan is a very effective tactic. But it's a tactic, and it's not a substitute for a strategy."





U.S. Internet Security Plan Revamped
Network World (02/11/10) Marsan, Carolyn Duffy

The U.S. Office of Management and Budget is shifting tactics in its federal Internet security effort, moving its focus away from the consolidation of external Internet connections run by civilian agencies and toward agencies' implementation of a standard set of security tools and processes on all of their Internet links. "Despite the whole [Trusted Internet Connections (TIC)] Initiative, there are probably as many points of Internet connection as there used to be," says Qwest's Diana Gowen. "The new administration is less concerned with the number, and more concerned about getting them protected." Gowen says the U.S. Defense Department has an ongoing procurement to acquire more than 4,000 Internet connections globally, so consolidation is not a pressing issue. Sprint's Bill White expects there eventually will be federal network consolidation, though not from the thousands of Internet connection points currently in existence to just 50, as the TIC Initiative was originally supposed to do. The U.S. Department of Homeland Security's Sean Donelan says that what has happened is not a change in TIC's goals, but a reordering of them, as security practices are currently a bigger priority than consolidation. He anticipates that more than 50 percent of civilian agency network traffic will be streaming through TIC-compliant access points by the end of this year. One aspect of the TIC Initiative that has not been revised under the Obama administration is that the program still has a agenda to consistently deploy network security services across civilian agencies.


'Aurora' Attacks Still Under Way, Investigators Closing in on Malware Creators
DarkReading (02/10/10) Higgins, Kelly Jackson

Although the investigation into the recent cyberattacks on Google, Adobe, and other U.S. companies is continuing, security experts say they have already learned a number of things about the hack, known as Operation Aurora. For instance, the attack affected more than the 30 companies that have acknowledged being breached, says HBGary's Greg Hoglund. Hoglund also notes that the attacks are continuing. That assertion is backed up by Mandiant CEO Kevin Mandia, who says that some victims of Operation Aurora are being attacked by cybercriminals sending new versions of the malware to machines that have already been breached. Hoglund and other security experts say they also are getting closer to identifying who was responsible for Operation Aurora. Hoglund says that his company's latest analysis tool has been able to identify registry keys, IP addresses, unusual runtime behavior, and other information about the malware used in Operation Aurora. He says that the creators of the Aurora malware left behind trails that are very specific to the developer and the compiler of the malware, and that these trails have Chinese-language ties.


26 Windows, Office Holes Patched in 13 Bulletins
CNet (02/09/10) Mills, Elinor

Microsoft patched 26 vulnerabilities in 13 security bulletins during its Patch Tuesday, including conspicuous ones for Windows that could be taken advantage of to commandeer a computer and one that has existed within the 32-bit Windows kernel since it was released in 1993. The most urgent patches being implemented plug vulnerabilities in the Server Message Block Protocol, Windows Shell Handler, ActiveX via Internet Explorer, DirectShow, and the 32-bit version of Windows, according to Microsoft's Jerry Bryant. Microsoft has received much criticism over the fact that the 32-bit kernel hole is 17 years old, but Google engineer Tavis Ormandy says he brought it to Microsoft's attention last summer. "You can criticize them for taking a long time to fix a bug," but not if they were never informed of it, says Pedram Amini, operator of the Zero Day Initiative. Microsoft knows proof-of-concept code for that issue is publicly available, but it is not currently aware of any active attacks, Bryant says.


China Heralds Bust of Major Hacker Ring
Wall Street Journal (02/08/10) Areddy, James T.

China's Xinhua news agency announced Feb. 8 that the Chinese government has shut down the country's largest distributor of tools used in cyberattacks. The shut down of the distributor, known as Black Hawk Safety Net, took place when three people associated with the company were arrested in November on charges of making suspicious tools available online. The arrests of the individuals--including the co-founders of Black Hawk Safety Net, 29-year-old Li Qiang and 28-year-old Zhang Lei--occurred after an investigation into company's role in domestic cyberattacks. In addition, the investigation--which was made possible thanks to a new clause in China's criminal law that makes it illegal to offer others programs that could be used in cyberattacks--resulted in the seizure of roughly $249,000 in assets, including nine servers and five computers. It remains unclear why China waited so long to disclose news that it had arrested individuals involved with Black Hawk Safety Net. However, the news comes amid efforts by China to discredit allegations that it was involved in the recent cyberattack on Google.


The Top 5 Mistakes of Privacy Awareness Programs
IDG News Service (02/08/10) Cline, Jay

Evey regulation that mandates that reasonable actions be taken to secure data requires firms to set up training programs to help workers better understand those measures. There are five potential compliance shortcuts that corporations could take instead of making most of the opportunity to make sure that workers really understand how to protect data. One shortcut is doing separate training for privacy, security, ethics, and records management, which can result in employees receiving mixed and sometimes contradictory messages. Another is confusing an awareness campaign with genuine training. Third, corporations may hold a few PowerPoint presentations and put up some posters, thinking this is a sufficient privacy and security training program, and neglect role-based training to help smaller groups understand what they need to do to carry out larger policy goals. A fourth shortcut is failing to use all available multimedia outlets--posters, PowerPoint presentations, big-screen televisions, podcasts, etc.--to reach employees. And lastly, corporations may neglect to measure the impact of their employee training program on inside breaches and other serious threats to corporate security.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: