Friday, January 25, 2013

Security Management Weekly - January 25, 2013

header

  Learn more! ->   sm professional  

January 25, 2013
 
 
Corporate Security
  1. "Algeria Gas Compound Lacked Armed Guards"
  2. "U.S. Firms, Officials Resisting Europe's Push for Stronger Digital Privacy Rules"
  3. "Chinese Factory Workers Angry Over Strict Rules Hold Bosses Hostage for More Than a Day"
  4. "Three Arrested Over Dutch Art Theft"
  5. "Algeria Attack Poses Fresh Security Issues"

Homeland Security
  1. "Mali Exposes Flaws in West's Security Plans"
  2. "Facing Congress, Clinton Defends Her Actions Before and After Libya Attack"
  3. "After Threats Against U.S., North Korea Turns Ire to South"
  4. "Suspect Charged in Lone Star College Shooting" Houston
  5. "Inauguration-Goers Find Tight DC Security, Delays"

Cyber Security
  1. "'Cyber 9/11' May Be on Horizon, Homeland Security Chief Warns"
  2. "70 Percent of Exploit Kits Come From Russia, Says Report"
  3. "Cyber-Crime Ring Targeted U.S. Bank Accounts, Feds Say"
  4. "Security Researchers Cripple Virut Botnet"
  5. "As Defenses Against Network DDoS Attacks Improve, Hackers Find a New Target" Distributed Denial of Service

   

 
 
 

 


Algeria Gas Compound Lacked Armed Guards
New York Times (01/24/13) Krauss, Clifford; Kulish, Nicholas

Reports indicate that the gas companies running the Algerian facility attacked by 30 Islamist militants last week did not have any armed guards on the premises, leading security experts to suggest that the presence of guards may have been able to at least slow the attack. The remote facility was protected by government patrols, steel-wire fences, and long-range reconnaissance equipment. However, that was not enough to hold back militants armed with mortars, grenade launchers, and .50 caliber machine guns. Security experts say that, even if armed guards would not have been able to stop such an attack, they might have held them off long enough to allow other employees to escape. Algerian law prohibits the use of foreign armed guards but BP, Norway-based Statoil, and Algeria's own Sonatrach--the three companies that jointly operated the facility--could have employed local private security. The companies have said they will commission an independent review of the incident, which left at least 27 foreigners dead.


U.S. Firms, Officials Resisting Europe's Push for Stronger Digital Privacy Rules
Washington Post (01/24/13) Timberg, Craig

An effort to impose new limits in Europe on how Internet companies gather and use consumer data is being rebuffed by U.S. industry groups and the Obama administration. However, privacy advocates support a bill before the European Parliament that they believe could provide consumers with a range of protections. If such standards were to be implemented in Europe, they would likely impact consumers globally and potentially give them the ability to prevent the collection of their personal information and have it be deleted from existing files. "Europeans can’t afford to wall themselves off from the rest of the world," says U.S. Commerce Department general counsel Cameron Kerry. "We have to maintain the free flows of information."


Chinese Factory Workers Angry Over Strict Rules Hold Bosses Hostage for More Than a Day
Associated Press (01/22/13)

Some 1,000 striking workers at an electronics manufacturing plant in Shanghai, China, last week held their managers hostage for a day and a half as they protested new workplace rules that they said were too strict. A guard at the Shanghai Shinmei Electric Company reported that the trouble started early Jan. 18 when workers at the plant began a mass protest of new rules imposing a two minute time limit to bathroom breaks, a 50 yuan fine for being late once, and termination for being tardy a second time. The plant is owned by Japanese firm Shinmei Electric and 10 Japanese nationals were among the 18 managers who workers held in the plant until shortly before midnight the next day after some 300 police officers surrounded the facility. Such incidents of labor unrest are increasing in China, as employers try to squeeze more productivity out of a workforce that is increasingly demanding higher wages and better working conditions.


Three Arrested Over Dutch Art Theft
Wall Street Journal (01/22/13) Van Daalen, Robin

Police in Romania say that they have arrested three individuals suspected of involvement in the theft of some $25 million worth of paintings from a Dutch art gallery last year. The art heist from De Kunsthal gallery in Rotterdam last October was one of the most expensive such thefts in 2012. An unknown number of thieves were able to steal seven paintings by renowned painters such as Matisse, Picasso, and Monet from the small museum, which has no permanent collection and instead exclusively exhibits borrowed works or traveling collections. The heist was a blow to the museum, which faced harsh criticism over its security measures, which did not include guards. Despite the arrests of the suspects in the case, none of the stolen paintings have yet been recovered.


Algeria Attack Poses Fresh Security Issues
Associated Press (01/21/13)

European energy firms have evacuated personnel from Algerian energy facilities in the wake of the deadly militant attack on the Ain Amenas gas facility in southern Algeria last week, but security experts say that even the high death toll of that attack will not scare foreign firms away from Algeria's energy sector. Harnser Risk Group Analyst Alison Lyall says that the rewards of working in Algeria will eventually draw firms like BP and Norway's Statoil back to Algeria, but that there will be a reassessment of security risks in the region. Former Royal Dutch Shell security executive Ian McCredie says that foreign energy companies had been aware of the security risks involved in southern Algeria, but had not taken any steps to enhance security. He noted that "there will need to be a reassessment" of the security situation in Algeria in the aftermath of the attack. One obstacle, however, will be the Algerian government itself, which has stubbornly refused any outside security help. Algerian Energy Minister Youcef Yousfi said Sunday that Algeria would take charge of improving security at its energy facilities, adding that, "there is no question of accepting outside security forces."




Mali Exposes Flaws in West's Security Plans
The Wall Street Journal (01/24/13) Entous, Adam; Barnes, Julian E. ; Hinshaw, Drew

The ongoing conflict between Islamic extremists and French military forces in the West African nation of Mali has highlighted breakdowns in cooperation on security issues between some Western nations. NATO officials at recent meetings discussing violence in North and West Africa said U.S. Defense Secretary Leon Panetta had previously promised the Pentagon would do "whatever it takes" to help France fight against the Mali militants. Senior U.S. defense officials have meanwhile disputed NATO's account of Panetta's comments and said Washington's messages to France had been misunderstood. One senior U.S. defense official recently said the United States would not pick up the tab on the Mali conflict and act as a global police force while European countries were downsizing their own militaries. The source further explained that the United States was reluctant to follow along with what it considers a unilateral action by France. "We weren't consulted. We were informed when they went in. This isn't a combined operation," the defense official said. The United States has become increasingly reluctant to intervene in the deteriorating situation in Africa as its own ongoing conflicts in the Middle East strain the willpower of its citizens and the extent of its military. Countries in Europe, meanwhile, are struggling with debt and are less able to supply their own military pursuits.


Facing Congress, Clinton Defends Her Actions Before and After Libya Attack
The New York Times (01/24/13) Gordon, Michael R.

Secretary of State Hillary Clinton testified before a joint House and Senate panel on Jan. 23 and defend her handling of last September's terrorist attack on the U.S. diplomatic compound in Benghazi, Libya. Clinton was quick to accept responsibility for the security lapses at the compound that led to the deaths Ambassador J. Christopher Stevens and three other Americans, but she did not place the blame upon herself, saying that any security requests made to the State Department were handled by professionals in the department and not directly by her. "I didn’t see those requests. They didn't come to me. I didn't approve them. I didn't deny them," she explained. The hours of testimony did little to shed light on the White House's involvement in making sure diplomatic outposts in Libya and the surrounding region were secure on the anniversary of the September 11, 2001 terrorist attacks. Sen. John McCain (R-Ariz.), meanwhile, placed blame upon the Obama administration for its reluctance to supply aid to the Libyan government to combat militias in the country that he said "still... remain a challenge to democracy in Libya." Moving the microscope from her, Clinton tried to put the Benghazi attack in a larger context. "Benghazi didn't happen in a vacuum," she said. "The Arab revolutions have scrambled power dynamics and shattered security forces across the region."


After Threats Against U.S., North Korea Turns Ire to South
CNN (01/25/13) Kwon, K.J.; Mullen, Jethro

A day after North Korea warned the United Nations it would conduct another nuclear test and would conduct more long-range rocket launches in response to tougher sanctions the organization imposed on it, the country on Jan. 25 shifted its focus to South Korea with a statement warning that it would take direct action against its southern neighbor should it take part in those U.N. sanctions. An editorial in the Chinese newspaper Global Times meanwhile warned that China would reduce its assistance to North Korea should the country engage in further nuclear tests that are in violation of U.N. security protocols. The editorial tempered this sentiment by saying that China would steadfastly oppose any U.N. sanctions on North Korea that it deemed too extreme. U.S. Secretary of Defense Leon Panetta said at a Pentagon press conference on Jan. 24 that there were no indications North Korea was on the verge of another nuclear test, but he said detecting a test beforehand would be difficult at best. "They have the capability, frankly, to conduct these tests in a way that makes it very difficult to determine whether or not they are doing it," he said. "We are very concerned with North Korea's continuing provocative behavior."


Suspect Charged in Lone Star College Shooting
Houston Chronicle (01/23/13) Tolson, Mike

An argument between two young men on the campus of Lone Star College in north Harris County, Texas, ended with shots being fired on Tuesday, sparking fears of another campus massacre. Investigators were still trying to determine the exact sequence of events as of late Tuesday, though they say that the incident began when of the men pulled a handgun on the other during an argument. The other man and a school maintenance worker were shot and wounded. The shooting panicked students nearby, who feared a repeat of the Sandy Hook Elementary School shooting in Newtown, Conn., last month. A SWAT team was eventually called in to respond to the situation and the campus was closed as police searched the woods near the campus for the shooter, who had escaped. The search ended when the suspect turned up at a nearby hospital after accidentally shooting himself in the hip. The campus was eventually reopened. It remains unclear why the two men were arguing, and it is also not certain why the maintenance man was shot. The man who accidentally shot himself is believed to be the gunman and has been charged with aggravated assault. The other man who was a party to the argument has been deemed a person of interest in the case.


Inauguration-Goers Find Tight DC Security, Delays
Associated Press (01/21/13)

Security for President Obama's second inauguration was extremely tight, and officials reported no major incidents or problems, although checkpoints and blocked streets caused delays. Local police worked with the National Guard and out-of-town officers to patrol street corners, Metro stations, and checkpoints around the National Mall. Everyone entering the Mall had to be screened for weapons and other hazards. There were some protest groups along the Inaugural parade route, but demonstrations were largely peaceful and were directed at long-running national and international concerns rather than the president himself.




'Cyber 9/11' May Be on Horizon, Homeland Security Chief Warns
CNet (01/24/13) Kerr, Dara

U.S. Homeland Security Secretary Janet Napolitano reiterated the need for cybersecurity legislation during a talk at the Wilson Center think tank on Jan. 24, saying that a "cyber 9/11" could happen "imminently," according to a report from Reuters. Such a catastrophic attack could take down the power grid, water infrastructure, transportation networks, and financial networks in one swoop. She mentioned that a cyber attack could cause damage on the same scale of damage that Hurricane Sandy caused, which included downed electrical lines and destabilized information systems throughout the Northeastern United States. "We shouldn't wait until there is a 9/11 in the cyber world," she said at the talk. "There are things we can and should be doing right now that, if not prevent, would mitigate the extent of damage." Cybersecurity laws has been in the Congressional pipeline for years, including measures that would give the president vast power over control of the Internet in the event of a cyberemergency. Napolitano said the time to act should be sooner rather than later. "The clarion call is here and we need to be dealing with this very urgently," She said. "Attacks are coming all the time. They are coming from different sources, they take different forms. But they are increasing in seriousness and sophistication."


70 Percent of Exploit Kits Come From Russia, Says Report
ZDNet (01/23/13) Osborne, Charlie

About 60 percent of flaws in computing systems used by exploit kits are more than two years old, and most exploit kit development occurs in Russia, according to a study by Solutionary's Security Engineering Research Team (SERT). The report says 70 percent of 26 exploit kits studied by SERT either were released or created in Russia, with China and Brazil following in exploit kit development. The report also suggests that despite the numerous high-profile distributed denial-of-service attacks in the last three months of 2012, the number of reported attacks dropped slightly. SERT's Rob Kraus says the fact that cybercriminals are able to breach network defenses by targeting old vulnerabilities and using old strategies demonstrates that many companies are far behind when it comes to cybersecurity. Many organizations also are neglecting to patch vulnerabilities properly, the report found. In addition, SERT says most malware is not spotted by the majority of antivirus or anti-malware software, and about 30 percent of samples were traced back to JavaScript malware variants.


Cyber-Crime Ring Targeted U.S. Bank Accounts, Feds Say
Los Angeles Times (01/23/13) Tangel, Andrew

Federal prosecutors on Wednesday charged three foreign nationals who are suspected of being involved in the spread of a computer virus aimed at stealing consumer bank account information and money from consumers in the U.S. and Europe. The three individuals allegedly created and distributed the Gozi virus to target banks in Europe, though in 2010 they are believed to have started using it to infect the computers in the U.S. The virus eventually infected over 40,000 computers in the U.S., prosecutors say, allowing the cyber criminals to obtain their victims' bank-account data and other information and send it to a server in the Netherlands. That server was found to contain more than 3,000 user names for accounts at seven banks in the U.S.


Security Researchers Cripple Virut Botnet
IDG News Service (01/21/13) Constantin, Lucian

Spamhaus announced that it will lead an effort to cripple the Virut botnet through targeted takedowns of the domains used by its command-and-control servers. Symantec estimates the Virut botnet, which is spread by malware that hides in otherwise clean executable, HTML, ASP, and PHP files, is composed of about 300,000 machines. Primarily used to spread other malware such as ZeuS and Khelios, Symantec last week warned that there was an effort underway to use Virut to spread and resurrect the Waledec botnet, which was shut down by Microsoft in 2010. Spamhaus' Thomas Morrison says after the announcement his group made contact with computer emergency response teams and country-code domain registries in Austria, Poland, and Russia, where the domains used by Virut's C&C servers were based. Spamhaus coordinated with CERT Polska, the incident response team of .pl domain registry NASK, to capture more than 23 .pl domains being utilized by Virut. Spamhaus also was able to work with Russian IT security firm Group-IB to get the .ru domains being used by Virut's masters taken down. The group has contacted the Austrian registry and CERT.


As Defenses Against Network DDoS Attacks Improve, Hackers Find a New Target
Government Computer News (01/22/13) Jackson, William

Distributed denial of service attacks are one of the most common attacks against networks, but as network administrators have better learned to defend against them, experts say they are seeing more attacks move up the hierarchy to Layer 7 applications attacks. Application attacks use specially formed or malformed queries and requests that servers must process slowly until the processing capacity is exhausted. Application attacks are more efficient in that they require less firepower than a network attack and can focus on a specific application or process rather than an IP address or range of addresses. Botnets traditionally have fueled this distribution, but more recently the rise of virtual computing has opened new doors for distributed attacks. An analyst with Akamai Technologies says compromised cloud-hosting structures are very difficult to fight, since cloud computing gives attackers access to large amounts of processing power. Both network and application layer attacks exploit a network or a server's limited resources rather than its vulnerabilities. These characteristics make such attacks difficult to defend against by patching or updating software and hardware, although hardening systems can help.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment