Friday, February 19, 2010

Security Management Weekly - February 19, 2010


February 19, 2010
 
 
Corporate Security

  1. "Professors Say Tenure Fights Create High-Stress Situations"
  2. "Proposal in Ohio House Would Increase Punishment for Assaulting Nurses"
  3. "MarkMonitor Launches Site Staydown Service"
  4. "No Cure for Fake Drugs" (Counterfeit Drugs in Middle East)
  5. "How to Handle Poison Pen Letters" (Threatening Letters Sent to Corporate Executives)

Homeland Security

  1. "Enraged Engineer Flies Into IRS Office Building in Austin"
  2. "Two Taliban Leaders Arrested"
  3. "6 Latin Countries Sign Pact With U.S. and Canada on Airport Security"
  4. "Airport Efforts To Detect Explosives Expand"
  5. "Full-Body Scanners at Airports May be Illegal, Warns Equality Watchdog" (United Kingdom)

Cyber Security

  1. "Reports: Internet Attacks Traced To Chinese Schools"
  2. "Malicious Software Infects Corporate Computers"
  3. "In a Doomsday Cyber Attack Scenario, Answers Are Unsettling"
  4. "City of Norfolk Hit With Code That Takes Out Nearly 800 PCs"
  5. "China Leads the World in Hacked Computers, McAfee Study Says"

   

 
 
 

 


Professors Say Tenure Fights Create High-Stress Situations
Boston Globe (02/18/10) Jan, Tracy

A number of professors and officials at colleges and universities say that institutions of higher education should examine their tenure policies in the wake of the Feb. 12 shooting at the University of Alabama's Huntsville campus. In that shooting, Amy Bishop, a professor who had been denied tenure, allegedly opened fire at a faculty meeting, killing three professors and leaving three other university employees injured. One change that could be made is to provide training to tenure committees on the process of evaluating professors, said James Alan Fox, a professor of criminology, law, and public policy at Northeastern University in Boston. Fox also noted that colleges and universities should provide professors who have been denied tenure with mentoring and assistance in finding another job in order to reduce the risk of violence. In addition, colleges and universities should give tenure-track professors thorough, candid annual reviews before a decision about granting tenure is made in order to ensure that they are not blindsided by rejection and that they feel that they have been treated fairly, said Xiao-Li Meng, the chairman of the statistics department at Harvard University. Finally, colleges and universities should be on the lookout for warning signs that may indicate that faculty members could commit an act of violence, said Bonnie Teitleman, the director of the faculty and staff assistance office at Boston University.


Proposal in Ohio House Would Increase Punishment for Assaulting Nurses
MedCity News (02/16/10) Glenn, Brandon

The Ohio state House is considering legislation that would impose stiffer penalties on individuals convicted of assaulting nurses. Under the bill, known as House Bill 450, assaults on nurses would be considered fourth-degree felonies punishable by prison terms of between six and 18 months and fines of up to $5,000. Current Ohio law considers assault to be a first-degree misdemeanor that is punishable by up to six months in jail and fines of up to $1,000. The bill has won the support of the Ohio Nursing Association, which said last year that the measure is its highest legislative priority. Elise Geig, the group's director of health policy, said that ONA has long advocated legislation to protect nurses from workplace violence, which a 2004 study published in the Online Journal of Issues in Nursing said was "one of the most complex and dangerous occupational hazards facing nurses." The study attributed the problem of violence against nurses to the fact that the health care industry is "resistant to the notion" that providers are vulnerable to being attacked by patients.


MarkMonitor Launches Site Staydown Service
V3.co.uk (02/16/10) Williams, Ian

MarkMonitor has launched its Site Staydown service, which works to prevent Web sites that sell counterfeit goods from reopening after being shut down. The company promises to track a bad domain and make sure that it is shut down again if its users try to relaunch it through a different registrar. MarkMonitor thinks that up to $133 billion in revenue was lost in 2009 because of these sites, which are typically based on misspellings of or small differences from the original site. "While brands address the problem of counterfeit and pirated goods with time consuming traditional enforcement methods, fraudsters continue to profit from illicit activities," says MarkMonitor executive Charlie Abrahams. "The MarkMonitor Site Staydown service provides brands with a cost effective, fast and efficient alternative for taking action against fraudulent activity that erodes sales and dilutes marketing investments."


No Cure for Fake Drugs
Wall Street Journal (02/15/10) Faucon, Benoit

A recent seizure of counterfeit medications in Syria found millions of dollars worth of fake treatments for a number of conditions including breast cancer, leukemia, and heart attacks. At least 65 people were also detained, but it is unknown if any have been charged. In addition, authorities seized equipment used to produce and package the drugs, which were reportedly shipped to Iraq, Turkey, Lebanon, Iran, and Egypt. All medications were found to be counterfeit with no medicinal value, and included copies of medications produced by Novartis, Sanofi-Aventis, Bristol-Myers Squibb, Roche, and Pfizer. According to the World Health Organization (WHO), as much as 35 percent of all drugs in the Middle East are counterfeits, compared to less than 1 percent in the United States and Western Europe. These counterfeit medications are not only sold to private pharmacies; many are also able to enter the public healthcare system, particularly in Iraq.


How to Handle Poison Pen Letters
Security Management (02/10) Vol. 54, No. 2, P. 52; Brenzinger, Mark ; Flora, Timothy; Rush, Henry

Companies that receive letters threatening their executives should take these messages seriously, instead of simply ignoring them as they often do. One of the first things that a company can do to respond to a potential threat to an executive is to hire a firm that can provide it with logistical support and threat assessment services. During this assessment, the firm will try to determine whether the threat is credible and whether the writer of a threatening letter is preparing to take action on his threats. If investigators determine that the letter writer is preparing to commit a violent act, they should try to determine when and where the attack will take place. The assessment will also try to determine what is motivating the person who wrote the threatening letter. Once companies have an idea about what may be motivating the person to commit a violent act, they can take steps to mitigate the threat, including trying to resolve any issues that the person may have with the company. Companies should also implement policies for dealing with threatening letters to ensure that no threats are overlooked. Finally, companies may want to consider forming a threat assessment team made up of existing security personnel to analyze threats and determine how serious they are.




Enraged Engineer Flies Into IRS Office Building in Austin
Dallas Morning News (TX) (02/19/10)

Three people were killed and 15 were injured Thursday when a Texas man who was upset with the Internal Revenue Service crashed his single-engine Piper PA-28 airplane into an Austin office building that housed IRS employees. Authorities say the man, who has been tentatively identified as 53-year-old Andrew Stack III, posted anti-government statements on the Internet the day he crashed the plane into the office building. In those statements, Stack discussed his problems with the IRS and vented his anger about government bailouts and the "thugs and plunderers" in the nation's corporate sector. Stack then signed the letter "Joe Stack (1956-2010)." Although officials in Austin say that it does not appear that the attack was an act of terrorism, the incident has sparked debate over how to better protect buildings from individuals who deliberately crash planes into them. Rep. Michael McCaul (R-Texas), a member of the Homeland Security Committee, said his panel is planning to take up that issue soon.


Two Taliban Leaders Arrested
Wall Street Journal (02/19/19) Rosenberg, Matthew

Pakistani authorities have arrested two senior Taliban officials as well as several other militants. The officials, Mullah Mir Mohammed and Mullah Abdul Salam, are considered the Taliban's "shadow governors" of the northern Afghan provinces of Baghlan and Kunduz. Experts say these arrests, in addition to the recent detention of the Taliban's military and political commander, Mullah Abdul Ghani Baradar, show that Pakistan may finally be stepping up its crackdown on insurgents who use the country as a safe harbor to launch attacks on U.S. troops across the border in Afghanistan. If sustained, Pakistan's new cooperation could prove a major turning point in the Afghan war. Previously, Pakistan had denied that senior Afghan Taliban leaders have used their country as a safe haven. U.S. officials remain cautious about the country's involvement, saying they are unsure what prompted the change of heart. Some officials speculate that Pakistan has finally begun seeing the links between the Afghan Taliban and the Pakistani Taliban, which it has battled in the northwest region of the country for the past several months.


6 Latin Countries Sign Pact With U.S. and Canada on Airport Security
Arizona Republic (02/18/10) Hawley, Chris

The United States and Canada signed agreements with six Latin American countries on Feb. 17 as part of an effort to improve airport security. Under the agreement, which was signed by Mexico, Brazil, Argentina, Chile, Panama, and the Dominican Republic, along with the United States and Canada, all eight countries will work to improve security screenings of airline passengers and report stolen passports to Interpol to ensure that potential terrorists cannot use them. In addition, the countries that signed the agreement pledged to share information on how to detect fraudulent documents, recognize suspicious behavior, and screen airport employees. Finally, the agreement calls on the eight countries to send information about passengers to the country they are flying to, and to consider building centers to track hijacked flights and communicate with other countries. The United States is planning to pursue similar agreements with other countries on a bilateral basis, said U.S. Homeland Security Secretary Janet Napolitano. The agreement comes ahead of a meeting of the International Civil Aviation Organization in September in which the U.N. agency will likely establish new security standards for international flights.


Airport Efforts To Detect Explosives Expand
New York Times (02/18/10) Wald, Matthew L.

The Transportation Security Administration (TSA) is now expanding the use of swabs at the nation's airports to detect explosives. These swabs have long been used to wipe the handles and zippers of carryon luggage to check for residue from chemicals used to make explosives, but the swabs will now be used on passengers' hands as well. TSA says this change follows the attempted bombing of a Detroit-bound flight by Nigerian suspect Umar Farouk Abdulmutallab. The agency will also be placing explosive-detecting equipment on rolling carts in order to randomly screen passengers who have already passed through security.


Full-Body Scanners at Airports May be Illegal, Warns Equality Watchdog
Telegraph.co.uk (02/16/10) Beckford, Martin

The Equality and Human Rights Commission (EHRC), a U.K.-based rights group, recently said that it has serious concerns over the British government's decision to expand use of full-body imaging to airports across the country. These scanners have been in place at the Manchester airport since October 2009, and are also being used at Heathrow, Britain's largest airport. In addition to privacy concerns, watchdog groups say the scanners have the potential to violate child pornography laws because they show clear outlines of a subject's naked form. Some groups have also said the scanners could damage ties to community groups and might enable discrimination against Arabs and/or Muslims. A representative for the British Department of Transport responded to these concerns, saying that passengers will only be selected for scanning on a random basis and would not be chosen because of personal characteristics. The department has also reportedly instituted "an interim code of practice which addresses privacy concerns in relation to body scanners."




Reports: Internet Attacks Traced To Chinese Schools
IDG News Service (02/19/10) Sayer, Peter

Computers at Chinese educational institutions, including Shanghai Jiaotong University and Lanxiang Vocational School, may have been used in the Internet attacks on Google, according to cybersecurity experts. Investigators had previously traced the attacks to servers based in Taiwan. Investigators also found that the attacks may have started as early as April 2009. Google stated in January that it believed the attacks began no earlier than December 2009.


Malicious Software Infects Corporate Computers
New York Times (02/18/10) Markoff, John

The Herndon, Va.-based computer network security firm NetWitness is reporting that a botnet known as the Kneber botnet is spreading over the Internet to residential, commercial, and government computing systems. The botnet uses a Trojan Horse known as ZeuS to steal victims' personal information as well as log-in information for online financial systems, e-mail systems, and social networking sites such as Facebook. In addition, the botnet has been able to steal 68,000 corporate log-in credentials, as well as more than 2,000 digital security certificates. NetWitness says that the Kneber botnet has infected the computers of more than 2,500 companies around the world--an infection that is modest when compared with botnets such as Conficker, which controls more than 7 million computers globally.


In a Doomsday Cyber Attack Scenario, Answers Are Unsettling
Los Angeles Times (02/17/10) Drogin, Bob

Ten former White House advisors and current officials on Tuesday took part in a public cyber war game sponsored by the Washington, D.C.-based Bipartisan Policy Center. During the war game, the current and former officials--including former Secretary of Homeland Security Michael Chertoff; Joe Lockhart, President Clinton's former press secretary; and Frances Fragos Townsend, a counterterrorism adviser to former President George W. Bush--played the role of National Security Council members trying to respond to a simulated cyber attack. The simulation, which was developed by Georgetown University and several companies, began with large numbers of college basketball fans downloading a malicious March Madness application to their smartphones. Once the app was downloaded, embedded spyware began stealing users' passwords and intercepting e-mails. The attack, which was traced to computer servers in Russia and to an unnamed individual in Sudan, resulted in the Internet and 60 million cell phones being taken out of service. The nation's finance and commercial sectors also collapsed, while most of the country's power grid was taken offline. Officials who took part in the simulation were forced to come up with responses to these events. However, participants struggled to respond, with many saying that an attack like the one in the simulation was unprecedented. The participants did not develop a plan to respond to the attack, though they did agree to advise the president to federalize the National Guard and deploy troops to protect power lines and prevent unrest.


City of Norfolk Hit With Code That Takes Out Nearly 800 PCs
IDG News Service (02/17/10) Gohring, Nancy

Nearly 800 computers and 11 servers on Norfolk, Va.'s IT network were recently infected with malicious code. City IT director Hap Cluff says the malicious code was pushed out by a virtual print server and was activated when employees shut down their computers and engineers logged off the servers they had been working on. Once the code was activated, it deleted the Windows operating system from 784 computers and nearly wiped out all of the other files that were stored on the machines' hard drives. After discovering the problem, Cluff and his team took the virtual print server offline, scrubbed it, and reverted it to a previous instance of the print server software. Those actions prevented the malicious code from spreading further. Cluff believes the code may have been a "time bomb" that was loaded a long time ago and was set to activate on a certain date. The code also could have been domain-leaked malware that captured the password of the virtual print server when the domain administrator logged on to it, says Gary Warner, the director of research in computer forensics at the University of Alabama in Birmingham. Warner says that would give the malware access to every machine on the network if the city gave administrators rights over all machines.


China Leads the World in Hacked Computers, McAfee Study Says
Washington Post (02/15/10) P. A3; Nakashima, Ellen

Hackers hijacked more private computers in China in the last quarter of 2009 than in any other country, according to a new McAfee report. About 1.1 million Chinese computers and 1.06 million U.S. computers were infected with malware that turned the compromised systems into "zombies," which are often grouped into botnets that are used to attack Web sites or send spam. McAfee's George Kurtz partly attributes Chinese computers' vulnerability to botnets to the fact that software piracy is rampant and computer users frequently have not updated the patches on their machines. U.S. Secretary of State Hillary Rodham Clinton recently said that "countries or individuals that engage in cyberattacks should face consequences and international condemnation." Some experts warn that the large volume of infected U.S. computers complicates Clinton's motion for instilling accountability. Cyber expert Stewart A. Baker wants to see a few leading countries devise "effective national norms aimed at eliminating zombie computers," and companies could be enticed or coerced into adhering to those norms. Baker notes that a country that wants to launch a cyberattack on other countries using botnets would probably want to have its own systems free of bots. While experts say the United States is the nation most susceptible to cyberattack, McAfee reports that the U.S. is considered to be the most troubling potential cyberattacker. This conclusion "might simply be a reflection of the raw capabilities and frankly the raw size of U.S. intelligence agencies," says former National Security Agency director and retired Gen. Michael V. Hayden.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD

