Search This Blog

Friday, November 19, 2010

Security Management Weekly - November 19, 2010

header

  Learn more! ->   sm professional  

November 19, 2010
 
 
Corporate Security
Sponsored By:
  1. "Nigerian Military Frees Hostages"
  2. "San Francisco Reconsiders Contract Force"
  3. "2 Arrested After Gunshot Was Fired at Security Guard, Store Employee" Christiana, Del.
  4. "Credit Unions Ask Congress to Help With Security Breaches"
  5. "Piracy in Somalia: More Than 400 Sailors Still Being Held"

Homeland Security
Sponsored By:
  1. "Civilian Terror Trial Criticized, but Tribunals Also Face Hurdles"
  2. "U.S. Screening of All Airline Cargo Isn't Feasible, Napolitano Says"
  3. "Case Shows Rise of Non-Bank Transfers to Fund Terror" Times Square Bombing Case
  4. "U.S. Pursues Wider Role in Yemen"
  5. "'Fusion Centers' Gather Terrorism Intelligence - and Much More"

Cyber Security
  1. "Report Sounds Alarm on China's Rerouting of U.S. Internet Traffic"
  2. "Virus Could Ruin Many Industries' Control Systems"
  3. "Downtime Rated Top Risk of Data Breaches"
  4. "Forcing Browsers to Use Encryption"
  5. "Google Chrome Tops 'Dirty Dozen' Vulnerable Apps List"

   

 
 
 

 


Nigerian Military Frees Hostages
Wall Street Journal (11/18/10) Faucon, Benoit; Connors, Will

Nigeria's military has freed 19 hostages kidnapped in the Niger Delta. The majority of the hostages had been taken in recent raids by gunmen on offshore oil facilities operated by ExxonMobil and Afren PLC. The military said the hostages had been rescued from a militant camp without paying any ransom. The freed hostages included two French nationals, two U.S. nationals, two Indonesians, a Canadian and Nigerians. Militants seeking a better share of oil revenue agreed to surrender their weapons last year, though a new wave of armed groups--which the army and ex-militants say have no political agenda--have now surfaced.


San Francisco Reconsiders Contract Force
Wall Street Journal (11/18/10) White, Bobby

San Francisco's Patrol Special Police may be abolished after the end of this month, due to a growing conflict with the city's police department. The 50-person patrol team was founded in 1847 and contracts out security services to businesses and residents. City charter allows Patrol Specials to carry weapons, wear uniforms that are similar to those worn by police, and patrol neighborhoods, while being funded by the city and through security contracts. The group reports to the Police Commission, a five-person board that sets policy for the San Francisco Police Department. Later in November, the Patrol Special Police will meet with the Police Commission to determine whether they will remain part of the city charter. The group will likely disband if stricken from the charter. Gary Delagnes, president of the San Francisco Police Association, says that there is a role for the special police, but added that the agency appears to want the same authority and power as a police officer, "and we're against that." Since the late 1990s, there have been more than a dozen lawsuits involving the Patrol team and 40 misconduct investigations by the SFPD. One resident sued a Patrol Special officer in 2007 for personal injury, allegedly struck by a car driven by the officer. Last year, the Police Commission challenged the Patrol Special Police to change their uniforms so that they would not resemble SFPD uniforms, which the group refused as it may have diminished their association with the city. A study of the group, ordered by the Police Commission, recommended in September that the city remove the Patrol Special Police from the charter.


2 Arrested After Gunshot Was Fired at Security Guard, Store Employee
Newark Post (11/17/10)

A shoplifting incident at the Christiana Mall in Christiana, Del., ended in violence on Wednesday when the two suspects shot at a security guard and a store employee. The incident began about midday in the mall's Abercrombie and Fitch store, when 17-year-old Miles Turner and 18-year-old Aaron Mills allegedly attempted to steal several articles of clothing by placing them inside a plastic bag. Turner and Mills then allegedly walked out of the store with the items in their bag, ignoring the security sensors that had been activated and the story employee who asked them to stop. The employee then followed Mills and Turner out to the mall's parking lot. When a mall security guard attempted to get Turner to stop by grabbing hold of his backpack, Turner allegedly fired one shot from his handgun in the direction of the security guard and the Abercrombie and Fitch employee. Neither the store employee or the security guard was hit by the bullet. Mills and Turner then fled but were soon apprehended by police after they boarded a bus. Both have been charged with 1st degree robbery and a number of other charges.


Credit Unions Ask Congress to Help With Security Breaches
Dow Jones Newswires (11/16/10) Randall, Maya Jackson

Credit unions are asking U.S. lawmakers to help them address identity theft and fraudulent charges this holiday shopping season, saying the new financial overhaul makes it harder to offset the cost of such security breaches. The National Association of Federal Credit Unions (Nafcu) noted in a letter this week to Senate Majority Harry Reid (D-Nev.) and Senate Minority Leader Mitch McConnell (R-Ky.) that credit unions, which issue payment cards for consumers, often charge-off fraud-related losses and also spend money trying to re-establish safety for members after a breach. But the group says the Dodd-Frank Act limits credit unions' ability to charge merchants' fees that would normally help offset the cost of addressing data security breaches. The credit union group is calling for new policies requiring companies to make it clear when their data systems have been breached. It also argues that merchants should foot the bill when security breaches are their fault.


Piracy in Somalia: More Than 400 Sailors Still Being Held
Telegraph.co.uk (11/15/10) Blake, Heidi

Despite international efforts to curb it, the piracy business off the coast of Somalia appears to be continuing to grow. Already in 2010, 40 ships have been hijacked, compared to 47 in all of 2009. The number of crewmembers kidnapped now stands at 790 and is expected to exceed the 2009 total of 867. Of those captured many have been rescued. However, just over 435 remain in captivity. All in all, Somali pirates were responsible for 44 percent of all 289 reported incidents of piracy in 2010, according to the International Chamber of Commerce's International Maritime Bureau. In order to combat piracy in the area, the U.S., Britain, Europe, China, and India have all deployed naval force to protect shipping lanes, but the pirates have responded by moving their operations south and east and by venturing further a field to find ships to target.  For additional information about this story, please click here.





Civilian Terror Trial Criticized, but Tribunals Also Face Hurdles
Wall Street Journal (11/19/10) Perez, Evan

Although some Republican lawmakers said Thursday that the acquittal of Ahmed Khalfan Ghailani on all but one charge related to the 1998 U.S. Embassy bombings is proof that accused terrorists should be tried by military commissions, some experts say that military trials do not necessarily guarantee a better outcome than civilian trials. One reason why the outcome may not have been much different is the fact that military commissions are prohibited by a 2009 law from hearing evidence that was obtained through torture or degrading treatment. The issue of torture came up during Ghailani's civilian trial when the judge prohibited prosecutors from using the testimony of a key witness because the identity of that witness was learned after the CIA conducted harsh interrogations of the defendant while he was in their custody. Some experts also say that the outcome of Ghailani's trial might have actually been worse if it had taken place before a military commission. Ghailani could face 20 years to life when he is sentenced by a civilian court, while many of those who have been convicted by military commissions have gotten off with much lighter sentences. Meanwhile, Republican lawmakers say that the outcome of Ghailani's trial shows that September 11 mastermind Khalid Sheikh Mohammed and his four co-conspirators should be tried at Guantanamo Bay before a military tribunal. Officials say that the Obama administration will likely opt for a military tribunal over a civilian trial.


U.S. Screening of All Airline Cargo Isn't Feasible, Napolitano Says
Bloomberg (11/19/10) Bliss, Jeff

Homeland Security Secretary Janet Napolitano touched on a number of different security issues in an interview that is set to air on Bloomberg Television this weekend, including the air cargo security rules that were put in place after last month's failed air cargo bombing attempt. Under those rules, high risk cargo from passenger planes will be forbidden from entering the U.S. In addition, ink cartridges that weigh more than a pound will not be allowed to be brought on board passenger planes in carry-on and checked luggage. Napolitano said that such rules improved security better than a bill introduced by Rep. Edward Markey (D-Mass.) that would require all packages on air-cargo planes to undergo security screening. Napolitano noted that such a requirement is not realistic because cargo is much more complicated and comes in "more shapes and sizes" than airline passengers. In addition to air cargo security, Napolitano also addressed criticism from some Republicans that the Obama administration is not doing enough to boost border security and conduct workplace raids against illegal immigrants. The homeland security secretary noted that such criticism is unfair because the Obama administration deported and removed more people in 2009 than any other year in the past. Finally, Napolitano said that the Department of Homeland Security is working to help secure government and commercial computer networks in order to protect them from cyberattacks.


Case Shows Rise of Non-Bank Transfers to Fund Terror
Wall Street Journal (11/17/10) Perez, Evan

The effort to crackdown on terrorism financing in the wake of the September 11, 2001 terrorist attacks has forced militants and their supporters to look for channels besides the U.S. financial system to use to send money to one another. Among the methods terrorists are using is hawala, an informal network of money transmitters. While many hawalas are legally registered, authorities say that thousands of others are not. Prosecutors in the Times Square bombing case say that a hawala was used to help finance the plot. According to prosecutors, 28-year-old Aftab Ali of Brookline, Mass., met with confessed Times Square bomber Faisal Shahzad in late February and handed over $4,900 that had been sent using a hawala operated by Ali's brother. That money in turn came from members of the Pakistani Taliban. Hawalas have also been used to transfer money from the U.S. to the Somali militant group al Shabaab. Two Somali-American women were arrested by the FBI in August for allegedly making 12 hawala transfers worth less than $10,000 to the group. But prosecutors say that hawala transfers are usually made in even smaller amounts, typically less than $3,000, in order to evade anti-money-laundering and terrorism financing laws. According to Georgetown University Professor Bruce Hoffman, the use of informal money transfer networks like hawala and the use of small transfers is a sign that the effort to crackdown on terrorism financing has succeeded. He added that there may not be much more that authorities can do to prevent terrorism financing, since terrorists will always be able to find a way around whatever security measures are in place.


U.S. Pursues Wider Role in Yemen
Wall Street Journal (11/16/10) Entous, Adam; Barnes, Julian E.; Coker, Margaret

The U.S. is stepping up efforts to track down members of al-Qaida in the Arabian Peninsula (AQAP), the Yemen-based terrorist group that claimed responsibility for last month's cargo bombing plot. As part of those efforts, U.S. officials are devising plans to create forward operating bases in rural areas in Yemen where terrorist organizations operate. Such bases would be staffed by large numbers of troops, including specialized Yemeni commando units who would help the U.S. track down al-Qaida leaders. American trainers would not likely be stationed at the bases, as their presence may be opposed by the Yemeni government. Supporters of the plan to create the bases say that they would help the Yemeni government expand its control of the country while allowing American Special Operations trainers and advisers to get out of the San'a area and into the field, should the Yemeni government decide to allow them to staff the bases. The plan is still being discussed between Yemeni and American officials. Meanwhile, the CIA and other agencies are moving equipment and personnel from other areas into Yemen. The U.S. is hoping to increase the number of intelligence operatives and analysts in the country.


'Fusion Centers' Gather Terrorism Intelligence - and Much More
Los Angeles Times (11/15/10) Dilanian, Ken

In the aftermath of the September 11, 2001 terrorism attacks, the Department of Homeland Security opened 72 so-called "fusion centers" as part of an effort to improve the sharing of information and threat analysis among local law enforcement agencies. In addition to collecting data about possible domestic terrorism plots, the centers also collect and distribute criminal intelligence--including data that may seem insignificant. Homeland Security Department officials say that the collection of criminal intelligence will help the fusion centers develop a system to receive, sort, and share vital information. Such a system could become an increasingly important tool in uncovering terrorist plots before they can be carried out. Although the fusion centers have led to the discovery of dangerous individuals that would not have otherwise been found, said Harvey Eisenberg, the federal prosecutor who runs a fusion center in Maryland, some are concerned that the centers could violate citizens' privacy and civil rights. While there have been some lapses, officials with the Department of Homeland Security and fusion centers say they take a variety of steps to protect the privacy and civil rights of citizens. For instance, fusion center analysts do not run names through databases unless they have reasonable suspicion to do so. Every fusion center also has a privacy and civil liberties policy to prevent the misuse of government and commercial databases that contain large amounts of personal information.




Report Sounds Alarm on China's Rerouting of U.S. Internet Traffic
Computerworld (11/18/10) Vijayan, Jaikumar

The U.S.-China Economic Security Review Commission has submitted a report to Congress that found that China has directly impacted on Internet traffic in the U.S. and in other global regions on at least two separate occasions. The first event, the report says, occurred on April 8, when traffic to and from approximately 15 percent of all Internet destinations was routed through servers belonging to the state-owned China Telecom. This rerouting affected networks belonging to the Army, Navy, Air Force, Marine Corps, the Office of the Secretary of Defense, the Department of Commerce, NASA, and the U.S. Senate. Corporate Web sites belonging to Microsoft, Dell, and Yahoo were also affected. The second incident involved a botched attempt by Chinese authorities to block users in China from accessing Twitter, YouTube, or Facebook. Due to a network error, users in the U.S. and Chile were also unable to access the sites, and were directed to incorrect servers. While there is little concrete evidence to show whether these attacks were intentional, the report says that the problem raised by these incidents is that China and other countries do have the power to impact U.S. Internet traffic in this fashion, regardless of intent.


Virus Could Ruin Many Industries' Control Systems
Associated Press (11/18/10) Baldor, Lolita C.

Stuxnet, a worm that appears to target Iran's nuclear energy plants, can be tweaked to inflict damage on industrial control systems worldwide, and constitutes the most critical cyber threat that industry is aware of, according to government officials and experts. They caution that as industries integrate networks and computer systems to boost efficiency, they become increasingly susceptible to Stuxnet. Lawmakers say this growing threat makes it crucial that Congress move ahead on bills to broaden government controls and establish requirements to improve system safety. Symantec's Dean Turner recently told the Senate Homeland Security and Governmental Affairs Committee that there were 44,000 unique Stuxnet computer infections worldwide and 1,600 in the United States. Stuxnet targets companies that employ Windows operating software and a Siemens-designed control system. Attackers can use information publicized about the worm to develop modifications that target other industries, warns Sean McGurk, acting director of DHS' national cyber security operations center. Turner also stresses that the virus is so refined and complicated "that a select few attackers would be capable of producing a similar threat." Michael Assante with the National Board of Information Security Examiners informed lawmakers that control systems must be partitioned from other networks to make access more difficult for hackers. He urged senators to fortify government authorities and consider imposing performance requirements and other standards on the industry to curb dangerous practices and boost system security. "We must admit that our current security strategies are too disjointed and are often, in unintended ways, working against our efforts to address" cyber security challenges, Assante argued.


Downtime Rated Top Risk of Data Breaches
InformationWeek (11/16/10) Schwartz, Mathew J.

The initial response to a data breach or network attack is confusion, because two-thirds of organizations lack the appropriate data or tools to adequately understand the scope of a security incident, and 35 percent have no response plan, according to a Solera Networks survey. The group polled more than 200 security experts about their organization's ability to detect and quell sophisticated, persistent attacks. Solera's Peter Schlampp says his company has seen a shift in the type of threats organizations are facing. "Opportunistic theft and vandalism on networks is being replaced with targeted, multi-component, persistent attacks focused on specific systems and assets," Schlampp notes. "Results of the study clearly show that most organizations are ill prepared to prevent and respond to these incidents." Surprisingly, when it comes to network attacks, respondents' greatest fear is not intellectual property theft or loss of reputation, but downtime. Indeed, 92 percent of respondents said they feared egregiously long cleanup times. However, 25 percent of organizations said they were "not prepared" to deal with security incidents, and 28 percent said they were only somewhat ready. "Nearly all responders (96 percent) feel moderately or extremely threatened by employee Web activity, and 71 percent worry about IM exploits," Solera says.


Forcing Browsers to Use Encryption
CNet (11/15/10) Mills, Elinor

The Internet Engineering Task Force has developed a security mechanism to mitigate the threat from browser add-ons that allow attackers to easily capture the cookies that Web sites use to communicate with computers. When a Web site implements the security mechanism, known as HTTP Strict Transport Security (HSTS), the browsers of users visiting that site are forced to connect to a secure version of the page, regardless of whether the user types https into the URL bar. HSTS addresses several security issues that arise when Web sites do not use encryption, including the hijacking of Web accounts over insecure Wi-Fi networks. HSTS already is being used in Google Chrome and the NoScript and Force-TLS plug-ins for Firefox. The next version of Firefox also will use HSTS, although Microsoft's Internet Explorer 9 does not support the mechanism. Meanwhile, several Web sites, including PayPal, have begun using HSTS. Additional sites could adopt the mechanism once it is supported by more browsers, particularly Internet Explorer.


Google Chrome Tops 'Dirty Dozen' Vulnerable Apps List
Network World (11/15/10) Messmer, Ellen

The Google Chrome browser earned a spot on the "Dirty Dozen" list of 12 applications with the most discovered software vulnerabilities requiring patches and notifications between January and mid October. The annual list, formulated by security firm Bit9 based on public data available through the National Institute of Standards and Technology's National Vulnerability Database, distinguishes Google Chrome as the leading offender with 76 reported vulnerabilities. Apple's Safari browser secures second place spot with 60 reported vulnerabilities while Microsoft Office is third with 57. Filling out the list are: Adobe Acrobat with 54 vulnerabilities, Mozilla Firefox with 51, Sun JDK with 36, Adobe Shockwave Player with 35, Microsoft Internet Explorer with 32, RealNetworks RealPlayer with 14, Apple Webkit with nine, Adobe Flash Player with eight, and Apple Quicktime and the Opera Web browser, both tied at six. Google Chrome is a relatively nascent browser and security experts may thus be putting a lot of emphasis on it, uncovering weaknesses, says Bit9 CTO Harry Svedlove. He notes that various vulnerability types, such as buffer-overflow and cross-site scripting flaws, affected these applications.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: