Friday, October 22, 2010

Security Management Weekly - October 22, 2010

header

  Learn more! ->   sm professional  

October 22, 2010
 
 
Corporate Security
Sponsored By:
  1. "Oklahoma City Police Report States Suspect Accelerated Car Towards Security Guard"
  2. "Newark Airport Security Screener Charged With Stealing From Passengers" New Jersey
  3. "PCI: Smaller Merchants Threatened" Payment Card Industry
  4. "More Questions for Facebook"
  5. "U.S. Companies Are at Risk of Spying by Their Own Workers"

Homeland Security
Sponsored By:
  1. "FBI Investigates Toxic Powder Sent to Arizona Congressman" Tucson
  2. "WikiLeaks Prompts U.S. Alert to Iraqis"
  3. "Unknown Shooter Fires at Pentagon"
  4. "Al Qaeda Remains Top Threat, U.K. Officials Say"
  5. "'Double Standard' in Classified Leak Inquiries?"

Cyber Security
  1. "Mississippi National Guard Admits Accidental Data Breach"
  2. "Pentagon Will Help Homeland Security Department Fight Domestic Cyberattacks"
  3. "Inter-Cloud Data Security Technology Developed by Fujitsu"
  4. "8 Cyber-Security Recommendations to Fight Botnets"
  5. "Internet Security Plan Under Review Would Alert Users to Hacker Takeover"

   

 
 
 

 


Oklahoma City Police Report States Suspect Accelerated Car Towards Security Guard
Oklahoman (10/22/10)

Police in Oklahoma City are reviewing a recent shooting involving a security guard at Penn Square Mall. According to a report released by the Oklahoma City police on Thursday, the incident began when the security guard observed two women stealing items from Dillard's. When confronted by the guard, the women fled to their car. As they were backing out of their parking space, the security guard stepped in front of their car to try to get them to stop. But the driver instead accelerated her car toward the guard, hitting him in the arm. The guard then opened fire on the car. The women escaped. It remains unclear whether they were hit when the guard opened fire on their car. No bystanders were hurt in the incident.


Newark Airport Security Screener Charged With Stealing From Passengers
Newark Star-Ledger (NJ) (10/19/10) Ryan, Joe

Two security screeners at Newark Liberty International Airport have been accused of stealing an average of between $400 and $700 from carry-on luggage belonging to women flying home on AirIndia flights. The first screener, Michael Arato, was charged with embezzlement and other crimes while the second screener, who has allegedly been cooperating with the Port Authority Police Department and the Department of Homeland Security for the past month, has remained unnamed and has not been charged. Arato and his accomplice have been working as screeners since 2002 and reportedly began stealing from passengers at least a year ago. Since 2007, 23 security officers have been fired nationwide for stealing from screening areas or from checked baggage.


PCI: Smaller Merchants Threatened
BankInfoSecurity.com (10/19/10) McGlasson, Linda

Cyber criminals are taking aim at smaller merchants who are less likely to be compliant with PCI standards, according to a recent Verizon Business report by Jen Mack, a former member of the PCI Security Standards Council. The report found that the most common attack methods are malware and hacking, SQL injections, and exploitation of default or guessable credentials. Most data breaches happen because merchants fail to make sure that security mechanisms are properly deployed. Mack says Level 3 and Level 4 retailers are being targeted by cyberthieves looking to steal credit card data, and they require more education on PCI compliance as they constitute the largest retailer segment. The council's plans for further education and a compliance push include a microsite for Level 3 and Level 4 merchants, which will be rolled out at the same time the final draft of the new PCI standard is issued at the end of October. Mack says merchants must place a priority on avoiding the failure to engage with their bank about PCI compliance. Fully compliant organizations follow a number of best practices, including building security into business processes from the outset, keeping compliance and security aligned, incorporating PCI activities into daily business operations, and keeping data under close control.


More Questions for Facebook
Wall Street Journal (10/18/10) Fowler, Geoffrey A.

U.S. Reps. Edward Markey (D-Mass.) and Joe Barton (R-Texas) have sent a letter to Facebook Chief Executive Mark Zuckerberg asking him to provide information about the latest security breach at the social networking site. The breach consisted of third-party applications gathering and transmitting personally identifiable information about Facebook users and their friends--including identification numbers, which can be used to look up a user's real name and find other information users have made public--to advertising and Internet tracking companies. The letter asks Zuckerberg to disclose how many users had been affected by the breach, when Facebook became aware of the problem, and what steps the social networking site plans to take to deal with the privacy issue. A Facebook spokesman said that the company wants to work with Markey and Barton in order to address any confusion surrounding the incident, but said that passing a user ID to an application may not constitute a "breach." Meanwhile, Facebook executive Mike Vernal acknowledged that user IDs were passed on to advertising and Internet companies inadvertently in violation of the company's policies. He added that while knowing a user's ID does not allow anyone to access a user's private information, Facebook is taking steps to ensure that applications comply with its privacy policy and to prevent even the inadvertent passing of user IDs to third parties.


U.S. Companies Are at Risk of Spying by Their Own Workers
New York Times (10/17/10) Drew, Christopher

Huang Kexue has been charged with economic espionage after he allegedly began sharing secrets gleaned from his work at a Dow Chemical lab in Indiana with Chinese researchers. Huang has a grant from the Natural Science Foundation of China. He grew up in China but has lived legally in the U.S. or Canada since 1995. However, while working for Dow, he also held a job as a visiting professor at a Chinese university and made eight trips to China. In addition to allegedly sharing information, Huang is also accused of attempting to smuggle samples of a bacterial strain from Dow to China in his son's suitcase. He is now being held in custody in Indiana and has been denied bail. Officials say that the spying Huang is accused of is part of a trend of corporate spies working for foreign governments who are trying to obtain the latest technological advances. China, Iran, and Russia are considered the countries most likely to be behind such economic espionage. Traditionally, technological spies focused on military advances, but now they have been found stealing business secrets from software codes to laboratory breakthroughs. It is difficult to know how widespread the practice is because public companies are often reluctant to report breaches tied to any assets that may have been compromised.




FBI Investigates Toxic Powder Sent to Arizona Congressman
CNN International (10/22/10) Thompson, Scott

The FBI has launched an investigation into a possible attack on the Tucson offices of Arizona Rep. Raul Grijalva. The investigation stems from an incident that took place at about midday Thursday local time, when staffers checking the mail discovered a white powdery substance and the drawings of two swastikas inside an envelope. After the Tucson Fire Department arrived on the scene, authorities determined that the powder was some type of toxic material. All of the nearly 12 people who were inside the office when the powder was discovered where checked out by local authorities and sent home. The powder has since been sent to an FBI lab in Phoenix, where scientists are performing a full analysis of the substance. The discovery of the toxic powder was the third security issue to take place at one of Grijalva's regional offices so far this year. Last spring, two of Grijalva's local offices were closed after the congressman received threats from someone who disagreed with his position on immigration legislation. Over the summer, a shot was fired at Grijalva's office in Yuma, shattering a window.


WikiLeaks Prompts U.S. Alert to Iraqis
Wall Street Journal (10/21/10) Barnes, Julian E.

The Pentagon's Information Review Task Force is reviewing copies of the more than 400,000 Iraq war documents that the Web site WikiLeaks could release in the next several days. After its review of the documents, which are primarily raw, low-level intelligence reports, the task force will notify some of the Iraqis named in the documents, particularly those who might need protection or other types of assistance if their names are released. However, a defense official said that it remains unclear whether WikiLeaks will redact names when it releases the documents, which are believed to have been leaked to the Web site by PFC Bradley Manning. In addition, the official noted that the Pentagon will not be able to notify everyone mentioned in the documents, given the large number of names contained in the files. The Information Review Task Force conducted a similar review of war documents from Afghanistan that were released by WikiLeaks. The Pentagon wanted to identify the individuals named in the documents because it feared that the Taliban would hunt them down and take revenge on them for working with the U.S. While Defense Secretary Robert Gates said that the release of the Afghan war documents did not reveal sensitive sources, he noted that the disclosure of the names of Afghans who had helped the military could hurt U.S. interests in Afghanistan. Others said that the release of the documents had few negative effects.


Unknown Shooter Fires at Pentagon
Wall Street Journal (10/20/10) Barnes, Julian E.

Between five and seven shots were fired at the Pentagon Tuesday morning, with some shots hitting windows in an unoccupied section of the building that was being renovated. After the shots were heard, investigators looked for evidence in the area south of the Pentagon, including areas near the adjacent highways. However, no bullet casings were found. Authorities later discovered pieces of two bullets lodged in windows. According to Steve Calvery, the director of the civilian Pentagon Force Protection Agency, the bullets were probably fired by a high-velocity rifle. Authorities are investigating a possible connection between the Pentagon shooting and an attack on the National Museum of the Marine Corps., in Triangle, Va., which lies south of the Pentagon. In the museum attack, which took place on Monday, at least 10 bullets were fired at the side of the building that faces nearby Interstate 95.


Al Qaeda Remains Top Threat, U.K. Officials Say
Wall Street Journal (10/19/10) MacDonald, Alistair

In a background briefing on the release of the U.K.'s new National Security Strategy on Monday, a British security official said that al-Qaida is still the biggest security threat to Great Britain. British security officials also noted that the threat from al-Qaida has not diminished after 10 years of war, but rather has diversified. According to the National Security Strategy, al-Qaida is weaker in Afghanistan and Pakistan but now has a broader reach throughout the Muslim world thanks to the development of affiliated groups in Somalia, Yemen, and Iraq. These affiliated groups are not trained or directed by al-Qaida, though they do share the group's objectives and methods. In addition, the report found that al-Qaida may have to begin launching smaller scale attacks against softer targets instead of large attacks. Lone wolf attacks that are inspired by al-Qaida, and are harder to detect, may become more common too, the report said. The report noted that while al-Qaida is the biggest security threat to the U.K., it is not the only one. Cyberattacks and terrorist groups connected with dissident Republicans in Northern Ireland are also a threat to the U.K.'s security as well, the report found.


'Double Standard' in Classified Leak Inquiries?
MSNBC (10/18/10) Isikoff, Michael

Some say that the Obama administration is being hypocritical in its efforts to crack down on those who leak sensitive information. Among them is Abbe Lowell, an attorney who is representing Stephen Jin-Wood Kim, a senior analyst at Lawrence Livermore National Laboratory and a former State Department Contractor who has been charged with leaking classified information about North Korea's nuclear intentions to a reporter from Fox News. The information Kim is charged with leaking includes reports about how North Korea would respond to a U.N. Security Council resolution by conducting another test of a nuclear bomb. Experts such as John Bolton, the former undersecretary of state for disarmament, say that the information released by Kim--who is the fourth person charged by the Obama administration for leaking sensitive data in the last several months, which is more than the number of people prosecuted by the last three administrations combined--was unremarkable and could have been gleaned from news reports. According to Lowell, it is hypocritical for the Obama administration to prosecute Kim when White House officials gave author Bob Woodward much more sensitive information for his new book, including details about a highly-classified meeting between then-Director of National Intelligence Mike McConnell and then-President-elect Barack Obama in November 2008. Some top administration officials agree that there is a double standard, which they say makes it very difficult to crackdown on those who leak sensitive information. However, another White House official said that there is no double standard, and that the president did not authorize anyone to provide Woodward with sensitive information.




Mississippi National Guard Admits Accidental Data Breach
eSecurity Planet (10/20/10) Barrett, Larry

The Mississippi National Guard has revealed that sensitive information of almost 3,000 of its members was accidentally posted online in early September and was available to anyone on the Web for more than a month. The records that were posted included the names of the guardsmen as well as their Social Security numbers and phone numbers. In the aftermath of the breach, all affected individuals were notified and plans were made to implement improved data security procedures to prevent a similar incident from happening in the future, said National Guard spokesman Col. Tim Powell. News of the breach comes in the wake of a recent security review by identity theft expert Robert Siciliano, which found that federal government and military organizations are at a high risk of breaches involving sensitive information. Siciliano found that federal government and military organizations are the sixth-most likely to accidentally release someone's Social Security number. State government agencies were at an even higher risk, Siciliano found.


Pentagon Will Help Homeland Security Department Fight Domestic Cyberattacks
New York Times (10/20/10) Shanker, Thom

The White House has adopted new rules for using the Pentagon's cyberwarfare capabilities to respond to a cyberattack on the nation's vital computer networks. The rules require the president to approve the Department of Defense's use of its expertise in cyberwarfare to respond to a cyberattack, much in the same way that the president dispatches military forces to respond to natural disasters. The Department of Homeland Security, meanwhile, would be responsible for directing the use of the Pentagon's cyberwarfare capabilities. As part of the new approach, a team from the Department of Homeland Security will be sent to Fort Meade, Md., the home of the National Security Agency and the military's Cyber Command. In addition, a group of military networking experts would be sent to the operations center at the Department of Homeland Security. Officials say the rules will help the government to quickly respond to a cyberattack while protecting civil liberties that could be threatened in the event the military uses it expertise in cyberwarfare. Officials also say the rules were needed because most of the government's computer-network capabilities are entrusted to the Pentagon, while most of the important targets for a cyberattack are on U.S. soil. A full National Defense Strategy for Cyber Operations will be released by the Pentagon this year, while broader interagency guidance will be released by the Obama administration some time next year. That guidance could take the form of a presidential directive.


Inter-Cloud Data Security Technology Developed by Fujitsu
PhysOrg.com (10/19/10)

Fujitsu Laboratories researchers have developed security technology that enables confidential data to be safely shared among different computing clouds. The technology masks confidential information before it is processed in the cloud, transferring applications from the cloud to inside the company, making cloud services available without transmitting actual data. The researchers say the system allows users to transmit sensitive data in the cloud and encourages new uses of cloud computing such as cross-industry collaborations. The masking technology deletes or changes confidential parts of the data before it is transmitted to an external cloud. The technology's information gateway also can transfer cloud-based applications to in-house sandboxes for execution. The sandbox will block access to data or networks that lack pre-authorized access. The data traceability technology uses the logs taken from data traffic to make the data in the cloud visible to the user.


8 Cyber-Security Recommendations to Fight Botnets
Government Technology (10/19/10) Collins, Hilton

Botnets are perhaps the biggest cybersecurity threat to organizations, says CDW-G's Peyton Engel. He says that governments are particularly at risk because they often do not have as much money as private companies to spend on security measures that will protect them from botnets. Engel says that organizations should take a number of steps to protect against the threat from botnets, including installing a Windows firewall to block network-based attacks, disabling the Autorun feature so that computers do not automatically install software, and compartmentalizing networks so that threats and infections can be isolated. In addition, he says that organizations should consider installing host-based intrusion to prevent botnets from taking root in a system and filtering outgoing data to impede communications between botnets and the remote servers that hackers use to obtain information. Also recommended is augmenting monitoring capabilities so organizations can more easily cull information about network health. However, organizations should not implement all of these security measures, and should instead develop a cybersecurity strategy that is best for them.


Internet Security Plan Under Review Would Alert Users to Hacker Takeover
Associated Press (10/18/10) Baldor, Lolita C.

An Australian program allowing Internet service providers to alert customers if their computers are commandeered by hackers and restrict online access if they do not correct the problem is being considered by the U.S. government. Certain sections of the plan have kindled the interest of experts and U.S. officials, but any government attempt to monitor or regulate the Internet could spark fervent public opposition. White House cyber coordinator Howard Schmidt says the United States is studying a number of voluntary ways to help small businesses and the public better shield themselves online, and possibilities include provisions in the Australian effort that enable customers to receive alerts from their ISPs if their computer is hijacked by hackers via a botnet. However, officials are not advocating an option in the program that permits ISPs to block or limit Internet access by customers who fail to fix their infected computers, arguing that this would be technically problematic and face heavy resistance. Center for Strategic and International Studies fellow James Lewis says that any step-up in regulations is a source of concern for ISPs, and they worry about consumers' response to monitoring or other security measures. He notes that online customers may not want their ISPs to restrict online access if their computer is infected, and they may resist the idea of being under an obligation to keep their systems clean of infection. Still, they may be open to having their ISP notify them of cyber attacks and help them to cure infections by providing instructions, patches, or antivirus software. Lewis says carriers playing a part in defending online customers from cyber attack is an inevitability, but Harris Corp.'s Dale Meyerrose cautions that voluntary programs will be insufficient. "We need to have things that have more teeth in them, like standards," he says. For example, coffee shops or airports might restrict their wireless services to laptops outfitted with certain safeguards, while ISPs that put programs in place might be eligible for specific tax incentives.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment