Friday, September 24, 2010

Security Management Weekly - September 24, 2010

Corporate Security
  1. "Commission to Review Hopkins Hospital Security After Shooting" Baltimore
  2. "Tips to Prevent Workplace Violence"
  3. "Smile, You're on Taxicam!" Taxi Security in China
  4. "PCI Community to Weigh In" Payment Card Industry Security Standards
  5. "Student Creates Anti-Counterfeit Software"

Homeland Security
  1. "Escaped Terror Suspect in Singapore Custody"
  2. "Trains, Mass Transit Systems Remain Most Vulnerable Points for Terror Plots"
  3. "Police Chief: Threat of Attack on France Hits Peak"
  4. "Terrorism Trial Security Relatively Scaled Back" Trial of Ahmed Khalfan Ghailani in New York City
  5. "Students Turn Terrorist for NSU-BA Class " Northeastern State University-Broken Arrow (Oklahoma)

Cyber Security
  1. "Mobile WorkForce Poses Increasing Security Threat"
  2. "Minor Changes Urged for Data Breach Bill"
  3. "Phishing Scams Focus on Workplace E-Mail, Not Twitter, Facebook: Survey"
  4. "Local DDoS Testbed Bids to Future-Proof Systems" Distributed Denial of Service Attacks
  5. "Nations, Companies Should Prepare for Cyberwar, Experts Say"

Corporate Security

Commission to Review Hopkins Hospital Security After Shooting
Baltimore Sun (09/23/10) Cohn, Meredith

Now that the Joint Commission--the panel that accredits health care organizations and programs in the U.S.--has labeled the recent shooting at Johns Hopkins Hospital in Baltimore a "sentinel event," the hospital must submit a report on its security measures to the panel within 45 days. The report will look at what went wrong when Dr. David B. Cohen was shot by the son of a patient, as well as what officials at Hopkins plan to do to prevent similar shootings from happening in the future. After the report has been submitted, the commission will review the document to ensure that Hopkins has successfully implemented its security plan and that the facility has followed all of the proper policies and procedures. Though it has not yet submitted its report, Hopkins has already given some hints about how it intends to respond to the shooting. Officials there have said that they plan to continue to reassess security needs, though they all but ruled out installing metal detectors at the facility's entrances, saying that screening visitors and staff would be too difficult and could hurt the hospital's welcoming atmosphere.


Tips to Prevent Workplace Violence
Lincoln Journal Star (NE) (09/23/10) Pascale, Jordan

About 2 million U.S. workers are victims of workplace violence each year, according to Patrick Fiel, a national public safety adviser for ADT. Fiel noted that many companies fail to take precautions against workplace shootings because they do not think such incidents could happen to them. However, workplace shootings can happen anywhere and at any time, Fiel said. As a result, companies need to take precautions, including working with employees to create a safe work environment and adopting a zero-tolerance policy on workplace violence. In addition, companies should ensure that their parking lots are well lit and that access to their facilities is controlled by technologies such as key cards. Companies may also want to consider creating an anonymous tip line that employees can use to report suspicious behavior or concerns about a colleague. Finally, companies should watch for warning signs that an employee may be about to commit an act of workplace violence, including dramatic changes in attitude, behavior, and work ethic, and conflicts with supervisors and other employees.


Smile, You're on Taxicam!
Wall Street Journal (09/21/10) Chin, Josh

Chinese security forces are pushing the nation's surveillance system further by installing security cameras in all 3,024 taxis in the city of Wuhu. A recent Xinhua report says that the cameras are intended to keep drivers safe and are part of a device that also includes a GPS unit and a panic button near the driver's seat. When pushed, the panic button sends an alert to a taxi surveillance center and flashes the message "Being robbed, please call the police" across an LED display on the taxi's rear exterior. Although taxi drivers appear to accept the new cameras, many customers do not. The controversy over the cameras is similar to the dispute during the Beijing Olympics over GPS-microphone systems installed in the capital's taxis as a safety precaution. The Wuhu system, however, records video rather than just audio, and it switches on automatically as soon as the driver starts the meter. Installation is expected to be complete sometime in October, after which every cab ride in the city will be recorded. According to transportation authorities, the recordings will be erased after a month, but critics point out that there is no guarantee that someone will not obtain the video and publish it. Authorities have not said whether similar camera systems will be installed in taxicabs outside Wuhu.


PCI Community to Weigh In
BankInfoSecurity.com (09/21/10) Kitten, Tracy

This week's PCI Security Standards Council Community Meeting offers payments community members a last opportunity to review and suggest amendments to new versions of the PCI standards. This year's changes produce version 2.0 of both the PCI Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS), but the final versions will feature clarifications rather than new requirements. "The relatively minor revisions are a testament to the maturity of the standards and their ability to protect sensitive card data," says PCI Council general manager Bob Russo. Expected updates include a requirement to scope the environment before a PCI DSS assessment in order to understand where cardholder data resides or has been inadvertently stored, support for centralized logging in PA-DSS to promote more effective log management, affirmation of a risk-based approach to addressing vulnerabilities, and closer alignment between PCI DSS and PA-DSS. This week's discussions are expected to cover tokenization and encryption technologies, which were not included in the new versions. Russo says that additional guidance on chip cards, point-to-point encryption, and tokenization will be released later in the year. Going forward, the PCI standards will be revised every three years instead of every two.
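The scoping step the council wants done before an assessment, finding where cardholder data lives and where it has leaked into places like application logs, is in practice a PAN discovery scan. The following is an added example, not the council's tooling and not anything from the article: it extracts runs of 13 to 19 digits, applies the Luhn check digit test to drop IDs and phone numbers that merely look like card numbers, and reports hits masked so the scan output does not itself become stored cardholder data. The log lines are constructed for the example.

```python
"""PAN discovery for PCI DSS scoping (added example; constructed sample data).

Scans text line by line for candidate primary account numbers (PANs):
runs of 13 to 19 digits, optionally split by spaces or hyphens, that pass
the Luhn check digit. Hits are reported masked so the scan output does
not itself become stored cardholder data.
"""
from __future__ import annotations

import re
from typing import NamedTuple

# 13-19 digits, each optionally followed by a single space or hyphen, and not
# embedded in a longer digit run (which is more likely an ID or a hash).
_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


class Hit(NamedTuple):
    source: str     # file or stream the hit came from
    line_no: int    # 1-based line number within that source
    masked: str     # PAN with all but the last four digits masked
    length: int     # digit count, useful for triage (15 = Amex-style, etc.)


def luhn_valid(digits: str) -> bool:
    """Luhn (mod 10) check: double every second digit from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """Keep only the last four digits. PCI DSS requirement 3.3 allows at most
    the first six and last four to be displayed; last four alone is stricter."""
    return "*" * (len(digits) - 4) + digits[-4:]


def find_pans(text: str, source: str = "<memory>") -> list[Hit]:
    """Return masked hits for every Luhn-valid candidate in text."""
    hits: list[Hit] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in _CANDIDATE.finditer(line):
            digits = re.sub(r"[ -]", "", m.group(0))
            if luhn_valid(digits):
                hits.append(Hit(source, line_no, mask_pan(digits), len(digits)))
    return hits


# Constructed application log. 4111 1111 1111 1111 and 5500 0000 0000 0004 are
# the well-known Visa/Mastercard test numbers (Luhn-valid); the "phone" value
# and the last card fail Luhn and must not be reported.
SAMPLE_LOG = """\
2010-09-21 10:02:11 order=8841 card=4111 1111 1111 1111 exp=12/12 amount=49.95
2010-09-21 10:02:12 order=8842 card=5500000000000004 exp=01/13 amount=12.00
2010-09-21 10:02:13 order=8843 phone=1234567890123456 note=callback
2010-09-21 10:02:14 order=8844 card=4111111111111112 exp=05/11 declined
"""

if __name__ == "__main__":
    for hit in find_pans(SAMPLE_LOG, "orders.log"):
        print(f"{hit.source}:{hit.line_no}: {hit.masked} ({hit.length} digits)")
```

Luhn filtering removes most numeric noise but not all of it (roughly one random digit string in ten passes), so a real scoping scan pairs this with issuer prefix ranges and a human triage pass; the point is that the first log line above, which an assessor would never find by asking where the database is, is exactly the "inadvertently stored" case the new scoping requirement targets.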


Student Creates Anti-Counterfeit Software
Viet Nam News (Vietnam) (09/20/10) Duy, Ngoc

HCM City National University (HCMCNU) student Nguyen Kim Hoang Nhu has developed 1.1trieu.com, a program that can help people avoid accidentally purchasing counterfeit products. Nhu began working on the software by studying commonly copied products such as calculators, telephones, motorcycles, gas cookers, and cleaning products. She generated a list of more than 30 product categories with information about prices, characteristics, uses, and retail agents. The program's interface resembles an online shopping Web site. Manufacturers register to display their products and customers can order the items they want. "I believe that software displaying goods with information to help consumers distinguish between products is one of the best ways for businesses to promote their brands as well as strengthen their images in the market," Nhu says. "Information about products must be acquired and frequently updated from original manufacturers and their authorized distributors, who are the most reliable sources of information."


Homeland Security

Escaped Terror Suspect in Singapore Custody
Wall Street Journal (09/24/10) Hookway, James; Venkat, P.R.

Malaysian police on Friday deported Mas Selamat Kastari, the suspected leader of the Singapore branch of the terrorist group Jemaah Islamiyah, to Singapore two and a half years after he escaped from a prison in the city-state. Kastari was wanted in Singapore because he is believed to have headed the local arm of the group responsible for the 2002 Bali bombings and several other attacks, and to have plotted to hijack an airplane and crash it into Singapore's Changi Airport. His case is under investigation, and he is being held without trial under Singapore's Internal Security Act. Kastari escaped through a bathroom window at the Whitley Road Detention Center in 2008, then used an improvised flotation device to cross the strait between Singapore and Malaysia, where he spent 12 months on the run; during that time it was feared that he was receiving support from a network of terrorists in the region. Malaysian authorities captured him in April 2009.


Trains, Mass Transit Systems Remain Most Vulnerable Points for Terror Plots
Kansas City infoZine (09/22/10) Ramos, Cesar Noriega

Former Homeland Security Secretary Tom Ridge and Rep. Charles Dent (R-Pa.) took part in a discussion earlier this week about homeland security issues. During the discussion, which was hosted by the Republican policy group the Ripon Society in Washington, D.C., Dent noted that trains, ferries, and mass transit systems are more vulnerable to terrorist attacks than airplanes. Dent noted that this is because the nation has spent $5.2 billion on aviation security this year, while spending just $110 million on security for surface transportation. He added that terrorists could be more likely to attack surface transportation networks since security on these networks is not as stringent as security for airlines. However, Dent conceded that it would be impossible to use the same level of security on surface transportation networks as on airlines because doing so would make them less useful. Ridge, meanwhile, decried the apparent intelligence failures that led to attacks such as the Fort Hood shootings last fall. He noted that while progress has been made, there is still resistance among U.S. government agencies to share intelligence information with one another.


Police Chief: Threat of Attack on France Hits Peak
Associated Press (09/22/10) Keaten, Jamey

French National Police Chief Frederic Pechenard said Wednesday that France is facing a "peak" terror threat from al-Qaida in the Islamic Maghreb (AQIM). Experts say that there are several reasons why AQIM could target France, including the French Senate's recent decision to ban the full-body veils that some Muslim women wear. Others say that AQIM could attack France in retaliation for its support of a raid by Mauritanian forces against the group in July that left six of its members dead. Pechenard noted that if AQIM or other terrorist groups do decide to attack France, likely targets could include public transportation systems, department stores, or large public gatherings. Pechenard's warnings come ahead of massive protests against the French government's pension reform on Thursday. Pechenard said he did not believe that the protests would be targeted by terrorists, though security officials in Paris will be closely monitoring the events for any possible trouble.


Terrorism Trial Security Relatively Scaled Back
Wall Street Journal (09/21/10) Barrett, Devlin; Gardiner, Sean

The upcoming trial of Ahmed Khalfan Ghailani in New York City will not have the same security measures that city officials wanted to put in place for the proposed trial of Sept. 11 mastermind Khalid Sheik Mohammed. Although New York City officials had asked for $200 million in federal aid to secure Mohammed's trial, they have not asked for any help to secure the federal courthouse in Lower Manhattan where Ghailani will be tried on charges of involvement in the 1998 bombings of two U.S. embassies in East Africa. Part of the reason is that Ghailani is not as well known as Mohammed and does not need the same security measures. But even though city officials have not asked for help in securing Ghailani's trial, the U.S. Marshals and other federal agencies will be supplementing existing security around the courthouse and the jail where Ghailani is being held. Sources say that these supplemental measures will include additional screening inside the courthouse, additional guards outside it, and barricades to protect the courthouse from car bombs.


Students Turn Terrorist for NSU-BA Class
Tulsa World (OK) (09/20/10) Wofford, Jerry

Oklahoma's Northeastern State University is offering a course at its Broken Arrow campus that aims to train the next generation of counterterrorism officials in how terrorists think and act. During the course, students are divided into "terrorist cells" that engage in many of the same activities that real terrorist cells do, beginning with developing a manifesto to recruit followers. After followers are brought in, they are put through the indoctrination and radicalization process. Once that process has been completed, the cell begins planning an operation to get its message out. The exercise requires students to follow several rules, including keeping quiet about their plans, not communicating with other "cells," and not contacting the professor about their plans, which is considered a breach of security. Groups that break the rules lose points. James Hall, the assistant professor who teaches the course, said the exercise will help students think like terrorists and learn how terrorist operations begin and grow. In addition, the exercise will help students learn how to prevent terrorist attacks from being carried out, Hall said. Hall added that the skills students learn in his course will help train them to fight terrorism in the real world. "Terrorism is not going away," he said. "But if we have people out there who know how terrorism operates and can see it, that will help fight it."


Cyber Security

Mobile WorkForce Poses Increasing Security Threat
InformationWeek (09/22/10) Schwartz, Mathew J.

A new MessageLabs Intelligence Report from Symantec finds that Web site blocks based on company policy are triggered 35 percent more often by employees when they are traveling than when they work in their office or home office. Most likely, users outside the office are "taking the opportunity to visit a greater variety of Web sites than they would when at their desks," says MessageLabs analyst Paul Wood. Examining browsing habits both inside and outside the office, the report found that mobile workers are more than five times as likely to trigger blocks on disallowed downloads. Workers on the go are also more likely to try to breach policies on shopping, search engines, and personals or dating sites. Surprisingly, however, attempts to view sexually explicit content were more likely to occur within the office. The findings support the argument, frequently made by security experts, that without automatic enforcement, written security policies alone do little to change behavior or make companies more secure. The report also found "that more than 80 percent of Web sites blocked as malicious were found to be legitimate Web sites that had been compromised." Spam declined slightly from August to September, and the number of new malicious Web sites that Symantec Hosted Services identifies each day fell 11 percent over the same period. On the other hand, the volume of new malware rose by 9 percent to account for nearly a quarter of all Web-based malware.


Minor Changes Urged for Data Breach Bill
GovInfoSecurity.com (09/22/10) Chabrow, Eric

Witnesses testifying on the proposed Data Security and Breach Notification Act of 2010 told a U.S. Senate subcommittee that industries should be exempt from the law if they are already required to notify individuals of such intrusions under other laws. In its current draft, the legislation would require businesses and organizations to adopt security protocols that reasonably safeguard their databases from unauthorized access and to alert all affected consumers of data breaches in a timely manner unless no reasonable risk of identity theft or harm to consumers exists. Symantec's Mark Bregman agrees that organizations covered by other statutes should be exempt from a new breach notification law, and says that any new legislation should not dictate the creation of new standards but build on existing ones such as the PCI Data Security Standard. Although federal law would preempt state law under the bill, state law enforcers would still be permitted to prosecute data breach perpetrators. Subcommittee chairman Mark Pryor (D-Ark.) says the panel could vote on the bill as early as next week.


Phishing Scams Focus on Workplace E-Mail, Not Twitter, Facebook: Survey
eWeek (09/21/10) Rashid, Fahmida Y.

Small business IT managers who took part in a recent SpamTitan survey said that malware attacks originating from social networking sites are not a major threat to their businesses, despite the fact that the number of such attacks is growing. According to the IT managers, the bigger threat is spam: 75 percent of respondents said spam is the biggest source of phishing scams that target business users. However, the survey also found that 37 percent of IT managers agreed that phishing attempts originating from social networking sites are a "growing phenomenon," and an equal percentage said that such attacks are a natural consequence of the increased popularity of online user communities. The results of other surveys confirm that email scams are a bigger threat than scams originating from social networking sites. A recent Kaspersky Lab survey found that 52 percent of all scams in the first three months of this year were emails targeting customers of HSBC, eBay, and PayPal. Only 6 percent of scams in the first three months of 2010 originated from Facebook.


Local DDoS Testbed Bids to Future-Proof Systems
Computerworld Australia (09/21/10) Hutchinson, James

Queensland University of Technology researchers are testing ways to mitigate the risk of distributed denial-of-service attacks by building and running an internal testbed. The dosTF testbed uses eight Linux- and Windows-based computers and three VMware servers hosting 200 virtual hosts to simulate attacks. Each computer has two Ethernet cards and is monitored via SNMP, and each experimental scenario is recorded in XML so that it can be documented and later replayed for further experimentation. The experiments run on an isolated internal network rather than on live systems, so that no attack traffic crosses into networks where it would violate international law, says Queensland researcher Desmond Schmidt. He notes that similar testbeds exist at the University of Utah and the University of California, Berkeley, but their location makes them impractical for researchers in the India-Australia region to use. Each physical computer and virtual host in dosTF can act as an attacker, traffic generator, defender, or vulnerable service, and all of them are driven from a central command line. Schmidt says the testbed has already been used successfully to simulate two separate denial-of-service attacks.
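The article describes the testbed's design (four host roles, scenarios kept in XML, a central command line, experiments confined to an internal network) but not its file format. The following added example is not dosTF's code and uses an XML layout assumed purely for illustration; it shows the safety check a controller should run before launching such a scenario: load the host roles and steps, then refuse to run if any host sits outside the lab's address space or a step sends traffic from or to a host whose role does not permit it. Both scenarios are constructed, and the lab address ranges are an assumption.

```python
"""Scenario loader and safety check for an isolated DDoS testbed.

Added example. The XML layout is an assumption made for this example, not
the dosTF format; it only borrows the article's idea of recording each
experiment as an XML document and assigning every host one of four roles.
Before a controller launches anything, check_scenario() refuses scenarios
whose hosts lie outside the lab's address space, so attack traffic cannot
leak onto the Internet.
"""
from __future__ import annotations

import ipaddress
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Roles a host may take (from the article's description of the testbed).
ROLES = {"attacker", "generator", "defender", "victim"}
# Only traffic sources may originate a step; only victims may be targeted.
SOURCES = {"attacker", "generator"}
# Address space the lab owns and is allowed to flood (assumed for this example).
LAB_NETS = [ipaddress.ip_network("10.0.0.0/8"),
            ipaddress.ip_network("192.168.0.0/16")]


@dataclass(frozen=True)
class Host:
    name: str
    role: str
    ip: ipaddress.IPv4Address | ipaddress.IPv6Address


@dataclass
class Scenario:
    name: str
    hosts: dict[str, Host]
    steps: list[tuple[str, str, int]]   # (source host, target host, seconds)


def parse_scenario(xml_text: str) -> Scenario:
    """Parse a scenario document (trusted, lab-authored XML)."""
    root = ET.fromstring(xml_text)
    if root.tag != "scenario":
        raise ValueError(f"unexpected root element {root.tag!r}")
    hosts: dict[str, Host] = {}
    for h in root.iter("host"):
        name, role, ip = h.get("name"), h.get("role"), h.get("ip")
        if not (name and role and ip):
            raise ValueError("every <host> needs name, role and ip attributes")
        if name in hosts:
            raise ValueError(f"duplicate host name {name!r}")
        hosts[name] = Host(name, role, ipaddress.ip_address(ip))
    steps = [(s.get("from", ""), s.get("to", ""), int(s.get("seconds", "0")))
             for s in root.iter("step")]
    return Scenario(root.get("name", "unnamed"), hosts, steps)


def check_scenario(sc: Scenario) -> list[str]:
    """Return every reason the scenario must not run; an empty list means go."""
    problems: list[str] = []
    seen = set()
    for h in sc.hosts.values():
        if h.role not in ROLES:
            problems.append(f"{h.name}: unknown role {h.role!r}")
        if not any(h.ip in net for net in LAB_NETS):
            problems.append(f"{h.name}: {h.ip} is outside the lab network")
        if h.ip in seen:
            problems.append(f"{h.name}: {h.ip} is assigned twice")
        seen.add(h.ip)
    if not any(h.role == "victim" for h in sc.hosts.values()):
        problems.append("scenario has no victim host")
    for src, dst, secs in sc.steps:
        if src not in sc.hosts or dst not in sc.hosts:
            problems.append(f"step {src}->{dst}: undefined host")
            continue
        if sc.hosts[src].role not in SOURCES:
            problems.append(f"step {src}->{dst}: {src} is not a traffic source")
        if sc.hosts[dst].role != "victim":
            problems.append(f"step {src}->{dst}: target is not a victim host")
        if secs <= 0:
            problems.append(f"step {src}->{dst}: duration must be positive")
    return problems


# Constructed scenarios. The second one deliberately moves the victim to a
# documentation-range address (203.0.113.0/24), which is not in LAB_NETS,
# and lets the defender originate traffic.
GOOD_SCENARIO = """<scenario name="syn-flood-01">
  <hosts>
    <host name="vm-att-01" role="attacker"  ip="10.10.1.11"/>
    <host name="vm-att-02" role="attacker"  ip="10.10.1.12"/>
    <host name="vm-gen-01" role="generator" ip="10.10.2.21"/>
    <host name="vm-def-01" role="defender"  ip="10.10.3.31"/>
    <host name="vm-web-01" role="victim"    ip="10.10.4.41"/>
  </hosts>
  <steps>
    <step from="vm-gen-01" to="vm-web-01" seconds="60"/>
    <step from="vm-att-01" to="vm-web-01" seconds="30"/>
    <step from="vm-att-02" to="vm-web-01" seconds="30"/>
  </steps>
</scenario>"""

BAD_SCENARIO = (GOOD_SCENARIO
                .replace('ip="10.10.4.41"', 'ip="203.0.113.41"')
                .replace('<step from="vm-att-02"', '<step from="vm-def-01"'))

if __name__ == "__main__":
    for label, doc in (("good", GOOD_SCENARIO), ("bad", BAD_SCENARIO)):
        problems = check_scenario(parse_scenario(doc))
        print(f"{label}: {'ready to run' if not problems else problems}")
```

The outside-the-lab check is what turns the legal constraint Schmidt mentions into something the controller enforces: a mistyped victim address fails closed instead of flooding a stranger. ElementTree is adequate for lab-authored files; scenarios accepted from untrusted sources would need a hardened XML parser.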


Nations, Companies Should Prepare for Cyberwar, Experts Say
PC World (09/20/10) Gross, Grant

Security experts who took part in ArcSight's Project '10 conference in National Harbor, Md., said that the U.S. and other nations need to take several steps to prepare for a possible cyberwar. For instance, governments should develop cyberwar policies that will allow them to take countermeasures during a cyberattack, including forming mutual aid agreements with other nations, said Eneken Tikk, the head of the legal and policy branch of the Cooperative Cyber Defence Centre of Excellence in Estonia. In addition, Tikk said that nations should develop national cybersecurity policies that are designed to protect them from cyberattacks. Tikk also said that the U.S. needs to take another look at a law that exempts Internet service providers from lawsuits involving traffic on their networks. Doing so could allow ISPs to filter Internet content, Tikk said, which in turn could protect against cyberattacks. Allowing ISPs to filter Web content could also allow them to prevent Internet users who do not secure their computers from accessing the Web, said Prescott Winter, the chief technology officer for ArcSight's public sector division. Winter acknowledged that while it would be difficult to adopt new Internet regulations in the U.S., he noted that doing so could make the Web more secure.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD
