Friday, December 10, 2010

Security Management Weekly - December 10, 2010

 
 
Corporate Security
  1. "Which Health-Care Workers Are Most Likely to Be Assaulted?"
  2. "Experts Alert Managers to Workplace Violence Warning Signs"
  3. "White House to Continue Copyright Crackdown"
  4. "Theft Leaves Tons of Evidence" Theft of Metal Nickel in Baltimore
  5. "Companies Beware: The Next Big Leak Could Be Yours"

Homeland Security
  1. "Congress Steps Up Action Against WikiLeaks"
  2. "AP Enterprise: FAA Loses Track of 119,000 Aircraft" Federal Aviation Administration
  3. "Baltimore Man Arrested in Foiled Terrorism Plot"
  4. "Islamists Raise Fears of Violent 'Clash of Cultures' in Europe"
  5. "WikiLeaks Publishes List of Worldwide Infrastructure 'Critical' to Security of U.S."

Cyber Security
  1. "WikiLeaks Backers Threaten More Cyber Attacks"
  2. "MasterCard SecureCode Down as WikiLeaks DDoS Attacks Continue"
  3. "Feds, Financial Sector in R&D Initiative" Research and Development
  4. "99.98 Percent of Domains Unsigned by DNS Security Extensions" Domain Name System
  5. "US Works to Secure Networks as Hackers Advance"

   

 
 
 

 


Which Health-Care Workers Are Most Likely to Be Assaulted?
Wall Street Journal (12/08/10)

Healthcare workers are at a higher risk of assault than employees in other industries, a study by two physician researchers at Johns Hopkins Hospital in Baltimore has found. Citing government statistics, the study noted that the rate of assaults at healthcare facilities was 8 per 10,000 workers, while the rate for all private-sector industries was 2 per 10,000 workers. However, nursing staff in nursing homes, long-term care facilities, intensive care units, psych units, and emergency departments are at an even higher risk of assault, the study noted. The study blamed the higher-than-average assault rate at healthcare facilities on several factors, including the fact that the public no longer views physicians with "reverence," as well as the fact that patients are becoming increasingly frustrated when dealing with the healthcare system. The study noted that healthcare facilities should protect their employees by performing ID checks, installing security cameras, conducting regular threat assessments, and training employees on how to recognize dangerous situations and de-escalate a potentially violent situation. Walk-through metal detectors, however, will not do anything to prevent assaults that do not involve guns and could introduce weapons into healthcare facilities since they are operated by armed guards, the study noted.


Experts Alert Managers to Workplace Violence Warning Signs
Stamford Times (Conn.) (12/08/10) Evans, Tom

Although homicides are the most common cause of death in the workplace in nine of the 10 largest metro areas in the U.S., 70 percent of companies do not have a plan in place to handle a workplace violence incident, according to the National Institute for Occupational Safety and Health. As a result, employees need to be on the lookout for signs that a colleague may be prone to committing an act of violence, said Rich Cordivari, the vice president of learning and development at Allied-Barton Security Services. Things to watch for that indicate that someone could be involved in a violent episode include an increased need for supervision, fascination with weapons, and strained work relationships. Sgt. Kevin Fitzgibbons of the Stamford (Conn.) Police Department said that those who feel ostracized or slighted by their employer may also be prone to committing an act of violence.


White House to Continue Copyright Crackdown
Politico (12/06/10) Romm, Tony

White House intellectual property czar Victoria Espinel says the Obama administration will launch more operations against Web sites that provide illegal access to copyrighted material. Espinel says future actions could target online pharmacies that sell counterfeit drugs. Espinel and others have already had a number of meetings with GoDaddy, Google, Microsoft, and others about the issue. According to Espinel, an announcement about future actions against Web sites that are engaged in copyright infringement will be made in the next several weeks. Espinel's announcements come in the wake of a Justice Department operation that resulted in the closure of more than 80 Web sites that were allegedly involved in the sale of counterfeit goods and the sharing of copyrighted films, music, and TV programs. That operation has resulted in increased support for the Combating Online Infringement and Counterfeits Act, which would give the executive branch more authority to shut down U.S.-based Web sites that provide illegal access to copyrighted material.


Theft Leaves Tons of Evidence
Wall Street Journal (12/03/10) Matthews, Robert Guy

Authorities in Baltimore have charged a scrap-yard owner with the theft of 96 tons of the metal nickel. The nickel, which was worth $2.6 million, had been mined in Australia but was stolen at a warehouse in Baltimore sometime around Labor Day weekend. The nickel was transported by ship from a BHP Billiton mine in Australia to a Baltimore port, where it took four truckloads to steal. Suspicions by a metal trading company that had been contacted by miner BHP Billiton about purchasing the metals led the police to Alan Verschleisser, who owns at least three scrap yards in Baltimore. Verschleisser denied wrongdoing, but was charged by federal authorities and appeared in court on Nov. 30. The theft also involved about 50,000 tons of less valuable ferrochrome. Commodities such as copper and aluminum are often stolen when the economy is good, but thieves rarely bother with nickel and ferrochrome because specialized industrial machinery must be used to make the materials useful. However, nickel has been rising in price, and is now one of the highest priced non-precious metals, selling for about $23,000 per metric ton.


Companies Beware: The Next Big Leak Could Be Yours
Globe and Mail (CAN) (12/02/10) Robertson, Jordan

For years, experts have warned that disgruntled insiders and inefficient security policies could be significant risks to many companies, and the WikiLeaks release of U.S. diplomatic documents shows that powerful corporations may be next. The WikiLeaks organization claims to possess incriminating documents from a major U.S. bank, prompting a new urgency to rethink corporations' information security. Company records, including emails, documents, and databases, are all at risk of revelation, whether that information is related to new products, possible acquisitions, insider trading, or ongoing legislation. While many companies' security limits who can see the information, such precautions are still subject to error, especially when networks become more complex or companies reorganize. These networks are even less secure if someone who has legitimate access decides to leak company secrets. WikiLeaks now claims to have inside information about such corporations as Bank of America and BP PLC. Security experts have strongly recommended that large companies adopt clear policies on who should access certain data, but these warnings have often gone unheeded. Companies may protect their data by configuring email servers and restricting to whom documents can be sent, and some people may be prevented from copying and pasting from documents. Downloads to thumb drives and CD-ROMs could also be blocked, and some technologies are available to check if executives' email messages are being checked too often.




Congress Steps Up Action Against WikiLeaks
Homeland Security Today (12/10) McCarter, Mickey

Rep. Peter King (R-N.Y.) on Thursday introduced legislation that would make it illegal to disclose documents similar to the ones that were recently leaked by WikiLeaks founder Julian Assange. Under the bill, known as the SHIELD Act, it would be illegal to publish the names of American intelligence sources who supply information to the U.S. military or the nation's intelligence community. The bill will serve as a companion to a bill introduced earlier this month by Sens. Joseph Lieberman (I-Conn.), John Ensign (R-Nev.), and Scott Brown (R-Mass.), which is also known as the SHIELD (Securing Human Intelligence and Enforcing Lawful Dissemination) Act. Taken together, both bills would amend the Espionage Act to provide human intelligence sources with the same protections that are currently given to communications intelligence. King says his bill is necessary to protect the nation's security as well as the lives of the nation's intelligence sources, who he said have been put in danger as the result of the release of secret documents by WikiLeaks.


AP Enterprise: FAA Loses Track of 119,000 Aircraft
Associated Press (12/10/10)

The Federal Aviation Administration (FAA) has revealed that it is missing vital information on 119,000 of the 357,000 private and commercial aircraft that are registered in the U.S. According to the FAA, the registrations of these planes are questionable because they include invalid addresses or are missing forms. In addition, some of these registrations are questionable because sales of the aircraft were not reported, the FAA says. The FAA is concerned that these problems could result in terrorists or criminals purchasing aircraft without the government's knowledge or using the registration numbers of other aircraft to evade detection by systems designed to track flights. To correct the problems with the registrations, the FAA is planning to cancel all aircraft registrations over the next three years and force aircraft owners to re-register their planes within three months. The FAA's one-time registration certificate will also be eliminated and replaced with one that must be renewed every three years. Aircraft owners who fail to re-register will lose their registration certificate and will be forced to ground their planes. The changes are being criticized by some who say that they will not improve security, since most of the paperwork problems are associated with the registrations of small planes that are unlikely to be used by terrorists.


Baltimore Man Arrested in Foiled Terrorism Plot
Los Angeles Times (12/09/10) Drogin, Bob; Serrano, Richard

A 21-year-old Baltimore man was arrested in an FBI sting on Wednesday for allegedly trying to detonate what he thought was a car bomb outside an Armed Forces recruiting station in Catonsville, Md. Antonio Martinez, a U.S. citizen who began calling himself Muhammad Hussain after he converted to Islam, came to the attention of law enforcement officials in early October after an FBI informant saw posts about jihad on his Facebook account. The FBI informant then developed an Internet friendship with Martinez. According to court documents, Martinez asked the informant about attacking recruiting centers or other military targets to retaliate for the deaths of Muslims at the hands of the U.S. military. The documents also noted that Martinez originally wanted to "shoot everybody" in the Catonsville recruiting station, though the informant and Martinez eventually discussed building a car bomb instead. The FBI eventually built a phony car bomb and parked it outside the Catonsville recruiting station on Wednesday, when Martinez tried to detonate the device with a cell phone. Martinez was immediately arrested and charged with attempted use of a weapon of mass destruction and attempted murder of federal officials and employees. He could face life in prison if convicted on those charges. Officials say that the case underscores the fact that terrorist organizations no longer need to develop terrorist plots by convincing recruits to travel to far-away training camps. In addition, the case shows that the threat from radicalized individuals here in the U.S. is becoming increasingly active, said Homeland Security Secretary Janet Napolitano.


Islamists Raise Fears of Violent 'Clash of Cultures' in Europe
MSNBC (12/08/10) Johnston, Ian

Experts fear that there could someday be a violent clash between Islamists and non-Muslims in Europe. According to Dr. John J. Le Beau, a professor of strategy and security studies at the George C. Marshall European Center for Security Studies in Germany, there are roughly 5,000 to 10,000 Islamists in Europe who are willing to commit acts of violence. Le Beau added that it is only a matter of time before a terrorist attack is successfully carried out in Europe. Should a major attack occur, Le Beau said, there could be a "spontaneous violent reaction on the part of others" in Europe--a reaction that he said could result in the Balkanization of Western Europe. One European country that has already seen a clash of cultures is the U.K., which is home to a large number of Muslims, some of whom have been radicalized. Among them is Anjem Choudary, who planned an Islamist parade in the town of Wootton Bassett to protest the killing of Muslims in Afghanistan. Although the parade did not take place, it still provoked anger from the public. With Islamists such as Choudary calling for a Taliban victory over the U.S. and the implementation of Islamic Shariah law around the world, the European Union is taking steps to limit the spread of radical Muslim propaganda. For instance, legislation is being considered that would allow E.U. member states to shut down Web sites that are being used to spread propaganda that is deemed to be too extreme. The E.U. is also working to develop programs that can monitor the Internet for threats and unusual behavior.


WikiLeaks Publishes List of Worldwide Infrastructure 'Critical' to Security of U.S.
MSNBC (12/06/10)

The U.S. and the U.K. have condemned the latest release of sensitive documents by the Web site WikiLeaks, saying that the move was "irresponsible" and could hurt the national security of countries around the world. This latest document was written after the State Department asked diplomats in February of last year to identify "systems and assets" that are so important that there would be a significant impact on U.S. security, the U.S. economy, or the health of the American public if they were incapacitated or destroyed. Among the assets identified in the document are factories, undersea cables, communication hubs, and drug manufacturing plants. The document also identified fuel companies, pipelines, and an African cobalt mine. There are concerns that the document could be used as a hit list for terrorists. A spokesman for WikiLeaks defended the release of the document, saying that the U.S. government had already made it available to 2.5 million people--such as military personnel and private contractors--despite the fact that the information it contained was deemed highly sensitive. The spokesman also noted that the document does not mention the exact locations of these assets or the security measures that are being used to protect them. However, the document did ask U.S. diplomats to file reports on the security vulnerabilities of the assets and the security measures that are being used to mitigate these risks--something that the WikiLeaks spokesman said is proof that U.S. embassy officials do play a role in intelligence gathering, despite claims to the contrary.




WikiLeaks Backers Threaten More Cyber Attacks
Reuters (12/09/10) Prodhan, Georgina; Pelofsky, Jeremy

Supporters of WikiLeaks are vowing to launch more attacks against companies that have blocked business with the site in retaliation for its release of thousands of secret U.S. diplomatic cables. In an interview with BBC Radio 4, a spokesman for the group behind the distributed denial of service attacks against a number of different Web sites said that the campaign is "still going strong" and that "more people are joining." That campaign has targeted the Web sites of several companies who have stopped doing business with WikiLeaks, including MasterCard and Visa, which announced that they would no longer process donations for the site. As of Thursday evening, both MasterCard and Visa's main Web sites seemed to be functioning normally, though MasterCard said that there was a limited interruption of some of its online services. Visa's Web site had previously been unavailable in the U.S. Also targeted in the attacks were PayPal and Amazon, whose Web sites also appeared to be working correctly on Thursday evening. However, previous attempts to access PayPal's Web site were unsuccessful. As for Amazon, hackers were unable to bring down the site because they did not have the capability to do so. Meanwhile, authorities in the Netherlands have arrested a 16-year-old boy for being behind the attacks on MasterCard and Visa's Web sites.


MasterCard SecureCode Down as WikiLeaks DDoS Attacks Continue
V3.co.uk (12/09/10) Neal, David

Companies that refused to process donations for WikiLeaks are under siege by angry hackers, and MasterCard was one of the latest victims with an assault that took down parts of its online presence, including its 3-D Secure authentication system MasterCard SecureCode. "This means that all MasterCard and Maestro transactions cannot be processed via 3-D Secure," according to a post by Secure Trading. The processor also said that Visa's 3-D Secure System, Verified by Visa, is being impacted by the attacks. Other targeted firms include PayPal and Swiss Bank Post Finance. MasterCard said that it was making "significant progress" in bringing service to its corporate Web site back up, and stressed that its core payments business was unaffected despite being targeted by hackers. "Our core processing capabilities have not been compromised and cardholder account data has not been placed at risk," MasterCard said.


Feds, Financial Sector in R&D Initiative
GovInfoSecurity.com (12/07/10) Chabrow, Eric

Accelerating the commercialization of cybersecurity innovations designed to protect critical financial services IT networks is the goal of a collaborative research and development (R&D) effort between the U.S. government and the financial services sector, according to a blog post from White House Cybersecurity Officer Howard Schmidt and federal CTO Aneesh Chopra. The blog says the federal government has signed a memorandum of understanding between the Department of Homeland Security, the National Institute of Standards and Technology, and the Financial Services Sector Coordinating Council (FSSCC) calling for the coordination of the design, development, and provision of advanced cybersecurity technologies and processes. The FSSCC will support R&D efforts to shield the physical and electronic infrastructure of the financial services and banking industries. Schmidt and Chopra say U.S. competitiveness is dependent on secure IT systems, such as online services provided by the financial services industry. The five-year R&D agreement makes each organization responsible for its own funding, and does not require a specific investment of any of the parties. "Ensuring these online services are reliable, accurate, safe, and secure against threats is a shared responsibility of the public and private sectors alike," write Schmidt and Chopra.


99.98 Percent of Domains Unsigned by DNS Security Extensions
InformationWeek (12/07/10) Schwartz, Mathew J.

Organizations are not doing enough to protect domain name servers from attacks or outages, according to a new study by InfoBlox and the Measurement Factory. Though the use of Domain Name System Security Extensions (DNSSEC) has risen 340 percent between 2009 and 2010, just 0.02 percent of Internet zones are currently being signed with the specifications. Of the Internet zones that are signed with DNSSEC, 23 percent are using expired signatures. According to VeriSign's Matt Larson, DNSSEC is necessary to patch vulnerabilities in the domain name system and prevent cache poisoning attacks. Security experts also say the protocol is needed to protect domain names and prevent incidents such as the one that took place last April, in which 1 percent to 2 percent of global network prefixes were routed through Chinese servers. In addition to finding that a large number of domains are still not signed by DNSSEC, the study also found that there is little redundancy in authoritative domain name servers. Three-quarters of all name servers are advertised in only a single autonomous system. This means that there is a single point of failure in the event of problems in the routing infrastructure.


US Works to Secure Networks as Hackers Advance
Associated Press (12/05/10)

The U.S. Department of Homeland Security is taking several steps to better protect non-military government computer systems from hackers. For instance, DHS is reducing the number of network connections used by federal workers from the current 2,400. DHS also is improving the monitoring of computer usage by employees and is making it more difficult to move data onto flash drives or CDs. In addition, DHS is working to migrate the government's Internet and email traffic to secure networks that will eventually be protected by programs that are capable of detecting and preventing intrusions. However, it may take several years before DHS has fully installed such programs, experts say. There are several reasons why the process of implementing intrusion detection and prevention programs has been slow, including the fact that officials are still trying to finalize complex contracts with network vendors and deal with a number of technology issues. There also are privacy issues that need to be resolved, including the impact that the intrusion detection and prevention programs will have on federal workers and the general public. Experts point out that the delay in implementing these programs could give cybercriminals the opportunity to improve the techniques they use to steal sensitive data.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD

