
Friday, October 18, 2013

Security Management Weekly - October 18, 2013

Corporate Security
  1. "Is Brazil the Target of Industrial Espionage?"
  2. "New Calif. Law Requires Employers to Make Security Accommodations for Domestic Violence Victims"
  3. "Confronting the Insider Threat"
  4. "How Awareness and Communication Improve Workforce Protection"
  5. "A Winning Team"

Homeland Security
  1. "Norway Investigates Possible Assailant in Kenya Mall Siege"
  2. "Former Pentagon Official to Be Chosen as Homeland Security Chief"
  3. "Snowden Says He Took No Secret Files to Russia"
  4. "Documents Reveal NSA’s Extensive Involvement in Targeted Killing Program"
  5. "NSA Collects Millions of E-Mail Address Books Globally"

Cyber Security
  1. "Apple iMessage Research Sparks Corporate Security Debate"
  2. "DDoS Attacks Grow Shorter but Pack More Punch"
  3. "Security Spending Continues to Run a Step Behind the Threats"
  4. "Report: Many Employees Bypass Cybersecurity Measures"
  5. "IT Seen as Vulnerable When Shutdown Ends"


Is Brazil the Target of Industrial Espionage?
BBC News (United Kingdom) (10/16/13) Uchoa, Pablo

Although it has been more than a month since Edward Snowden leaked documents that suggested that the National Security Agency (NSA) had spied on the Brazilian oil company Petrobras, the U.S. has been unable to reassure Brazil about the aims of its surveillance programs. Some have said that the spying amounted to industrial espionage, though those allegations have been firmly denied by the U.S. Former White House Director of Privacy and Civil Liberties Timothy Edgar said that U.S. intelligence agencies are not focused on committing industrial espionage but are instead working to prevent international terrorism and reduce the spread of weapons of mass destruction. So far, the U.S. intelligence services have remained close-mouthed on their reasons for allegedly monitoring electronic communications in Brazil, including those of Brazilian President Dilma Rousseff. Analysts said that with Brazil often going counter to U.S. interests as it seeks to expand its geopolitical sphere of influence, it would not be a surprise to learn that Brazil had been marked as an intelligence priority. President Obama has promised that a current review of NSA procedures would reassure Brazil and other allies that American intelligence agencies are only interested in collecting information needed to protect the U.S.


New Calif. Law Requires Employers to Make Security Accommodations for Domestic Violence Victims
Security InfoWatch (10/16/13) Herdt, Timm

California Gov. Jerry Brown signed a bill on Oct. 11 that will require employers to make security accommodations for employees who are victims of domestic violence, sexual assault, or stalking. Under the new law, employers will be prohibited from discriminating against employees based on their status as a victim of any of these crimes, and will be forbidden from taking adverse actions against or terminating an employee because of that status. Employers will also be required to accommodate some employee requests for increased security, such as changing a telephone extension to guard against potential harassing phone calls. However, the law does not require employers to accommodate any requests that would create an undue hardship on the operation of the business. Workers seeking the protection of the law will be required to notify their employers of their status by providing documentation, such as a court order, police report, or a letter from a medical provider or victim's advocate. The law is scheduled to go into effect on Jan. 1.


Confronting the Insider Threat
Security Management (10/13) Spadanuta, Laura

The recent case of National Security Agency (NSA) leaker Edward Snowden has highlighted the potential threat posed by company contractors, employees, or other individuals with access to sensitive information. However, unlike Snowden, who says he always intended to use his contracting job to expose NSA surveillance, most insider security risks do not begin with malicious intent. The risks can be created, instead, by employees who feel slighted at home or at work and need to feel empowered in other ways. Regardless of the reasons, companies need to take steps to restrict access to sensitive information as much as possible and track anyone who does access that data without clearance. Companies should screen job candidates for certain traits, such as dishonesty, rigidity, narcissism, or a need for control, during the hiring process via a thorough background check that contacts employers or other references. However, companies should be aware that there are strict rules they must follow when looking into a potential hire's personal life or financial history. Once on the job, there are also red flags employers can look for, such as a change in behavior or productivity. Pulling together these signs into a realistic risk assessment can be tricky, so companies should assemble teams that periodically meet to discuss anyone who might be exhibiting suspicious behaviors.


How Awareness and Communication Improve Workforce Protection
Security Magazine (10/13)

Violence in the workplace is a greater issue in the United States than elsewhere in the world, says Paul N. Whelan, a senior manager at global staffing provider Kelly Services who is focused on preventing workplace violence. The definition of "workplace violence" involves confrontations and verbal arguments. "The key is to understand what can lead to violence and mitigating the risk from there," Whelan says. "Is an employee not being paid correctly? Is there inappropriate banter about emotionally charged issues (religion or politics)?" Domestic abuse also may impact a workforce, says Barry Nixon, founder of the National Institute for the Prevention of Workplace Violence. Managers should be aware that arguments conducted over the phone, over email, or in person could impact the whole staff, and should establish plans and suggestions for troubled employees. Nixon suggests that companies implement a post-hire questionnaire, including a domestic violence section, to help them gain up-front information about an employee’s situation for future use among enterprise security executives. A company's level of involvement can change public opinion and save lives. For example, many U.S. taxi companies were plagued by workplace violence, but major changes in operations, including the addition of security cameras, GPS, instant communication, and credit-card offerings instead of operating on an all-cash basis, have helped decrease the homicide rate of taxi drivers. Whelan recommends that firms use a top-down approach to building a workforce protection policy, and that enterprises of all sizes partner with local law enforcement and trained personnel or security officers. Firms also should gain certifications and training through security organizations and read security-industry publications for points of reference for solutions and information.


A Winning Team
Security Management (09/13) Vol. 57, No. 9, P. 63 Ricci, Joseph; Etheridge-Longmore, Ann

In order for casinos to provide effective security, managers must find job candidates who display certain skills and hone those skills through training. Candidates for casino security should have good customer service attitudes and be capable of dealing with people positively. Physical fitness is also important, as the job can require strenuous physical activity when necessary. An effective training program that can be used for employees is ASIS International's Private Security Officer Training Guidelines. The guidelines suggest that training last two days: 8 hours of job training, 16 hours of site and security training, and 24 hours of on-the-job training. Job candidates should also complete a test to determine honesty and professionalism. Some casinos require security officers to be able to handle a number of situations, such as inebriated customers, unruly people, predatory adults, and even children. Security officers should also be informed of state laws that impose certain rules on gambling games. There must also be consideration for outside security and for dealing with celebrities if a situation dictates.




Norway Investigates Possible Assailant in Kenya Mall Siege
New York Times (10/18/13) Kulish, Nicholas; Libell, Henrik Pryser

A spokesman for the Norwegian Police Security Service said that investigators are questioning friends and relatives of Hassan Abdi Dhuhulow, a Norwegian citizen born in Somalia who may have been among the assailants who carried out the attack on the Westgate shopping mall in Nairobi. The Norwegian Police Security Service said recently that it learned a Norwegian citizen of Somali origin may have been involved in the attack in September, and sent investigators to Nairobi to work on the investigation with Kenyan security services. Among the individuals interviewed by Norwegian authorities was Dhuhulow's sister, who said that her brother had begun taking "long vacations" to Somalia in 2009. Meanwhile, Kenyan officials have released the names of four militants believed to have carried out the attack, though that list did not include Dhuhulow's name. However, officials believe the names released were noms de guerre, not birth names. Investigators say that Dhuhulow is one of the militants seen in surveillance video from the mall. Dhuhulow's former classmates recognized him in the video footage from the mall based on his gait and hand gestures, and one described him as having been "fanatical when it came to Islam."


Former Pentagon Official to Be Chosen as Homeland Security Chief
New York Times (10/18/13) Schmidt, Michael S.; Savage, Charlie

President Obama will nominate Jeh C. Johnson as the next secretary of the Department of Homeland Security on Friday. Johnson aided in the president's first-term efforts to re-evaluate the counterterrorism policies of President Bush and helped frame many of the Obama administration's national security policies as the Defense Department's general counsel. During his time with the Defense Department, Johnson also helped to shape the policies on detaining terrorism suspects and influenced the policies on targeted drone strikes in Somalia and Yemen. Shortly before leaving his job at the Pentagon in December, Johnson warned that there would be a need for the country to fight terrorism without remaining on a "perpetual wartime footing," a sentiment echoed by President Obama in a speech in May. While some members of Congress have praised the nomination, concerns remain that more than 40 percent of senior leadership positions at DHS are either vacant or have an "acting" placeholder. If he is confirmed by the Senate, Johnson will fill the vacancy left when Janet Napolitano resigned in July.


Snowden Says He Took No Secret Files to Russia
New York Times (10/18/13) Risen, James

Former National Security Agency contractor Edward Snowden said in an interview earlier this month that he did not take any secret NSA documents with him when he fled to Russia in June. Instead, he gave all of the classified documents he had obtained to journalists he met in Hong Kong without keeping copies for himself, saying that taking them with him "wouldn't serve the public interest." In addition, he said that his familiarity with China's intelligence abilities from his time at the NSA enabled him to protect the documents from China's spies. Snowden noted that there is no chance that the Russians or the Chinese obtained any of the sensitive documents. Snowden also commented on why he became disillusioned with the NSA and chose to disclose the documents, saying the decision developed slowly, as he started to have doubts about the intelligence community when he was working as a technician in the CIA's station in Geneva. He added that a negative response to an effort he made to alert his superiors to a vulnerability in the CIA's personnel Web applications convinced him that if he tried to work through the system to bring change it would only result in retribution and punishment.


Documents Reveal NSA’s Extensive Involvement in Targeted Killing Program
Washington Post (10/17/13) Miller, Greg; Tate, Julie; Gellman, Barton

Documents released by National Security Agency (NSA) leaker Edward Snowden indicate that the agency has played a significant role in the CIA's effort to kill suspected terrorists by using drone strikes, despite the fact that the drone campaign has been portrayed as being exclusively run by the CIA. The documents note that NSA has created a unit known as the Counter-Terrorism Mission Aligned Cell (CT MAC), which uses a variety of techniques to gather information from the electronic communications of terrorist suspects. For example, the unit has a number of cyber-espionage tools at its disposal that can be used to secretly gain control over the computers of terrorist suspects or other targets. Man-in-the-middle attacks are also used to intercept communications between two computers, which in turn allows the NSA to collect files for real-time alerts and longer-term analysis in the agency's databases. These and other tactics have been used against targets in Pakistan's Federally Administered Tribal Areas, where the leadership of the core al-Qaida organization is based, and against targets associated with al-Qaida affiliates in Yemen and Africa. Among the terrorist suspects who have been targeted in these NSA surveillance efforts and subsequently found themselves in the crosshairs of CIA drones is Hassan Ghul, who provided an important piece of intelligence that was used to locate Osama bin Laden. Ghul was killed in a drone strike in Pakistan last year.


NSA Collects Millions of E-Mail Address Books Globally
Washington Post (10/15/13) Gellman, Barton; Soltani, Ashkan

Senior intelligence officials and top-secret documents released by Edward Snowden indicate that the National Security Agency (NSA) is collecting hundreds of millions of e-mail address books and instant messaging buddy lists, some of which belong to Americans, each year. The data collection effort is carried out with the help of foreign telecommunications providers as well as intelligence services overseas that control facilities used to direct Internet traffic. The program does not target individual users, but instead collects e-mail address books and instant messaging buddy lists when they are transmitted across global data links by e-mail and instant messaging providers. The collection of e-mail address books and buddy lists takes place outside the U.S., since the NSA is legally prohibited from engaging in the bulk collection of these contact lists from domestic facilities. Nevertheless, many of the more than 250 million address books that are collected each year and the roughly 500,000 buddy lists that are collected each day contain the contacts of many Americans, two senior U.S. intelligence officials say. This is because these contact lists are often transmitted through overseas Internet traffic conduits, even if a person never leaves the U.S. Government officials say that the program allows them to identify relationships between terrorists and other foreign intelligence targets and that rules are in place to minimize the collection, use and dissemination of information that identifies a U.S. citizen or permanent resident.




Apple iMessage Research Sparks Corporate Security Debate
CSO Online (10/17/13) Gonsalves, Antone

Researchers at the Hack in the Box conference on Oct. 17 showed that Apple could gather messages sent over its iMessage service, either for its own purposes or on the orders of the U.S. government. Apple had previously claimed that it had end-to-end encryption on iMessage that would prevent such actions, claims which Quarkslab's Cyril Cattiaux said were "basically lies." Cattiaux and other cybersecurity experts say that because messages sent over iMessage can be collected, companies need to make sure they institute additional security for sensitive information sent via iMessage or similar services. "If you're concerned about trusting Google or Apple with your data, but still want to use their hosted services, you need to use another layer of encryption," said Zak Dehlawi, a senior security engineer for Security Innovation. Dehlawi said those "layers" might include using "Off-the-Record" messaging to encrypt conversations or using S/MIME or PGP certificates to encrypt e-mail.


DDoS Attacks Grow Shorter but Pack More Punch
Dark Reading (10/16/13) Prince, Brian

The average distributed denial-of-service (DDoS) attack size now stands at 2.64 Gbps for the year, an increase of 78 percent from 2012, according to Arbor Networks' new report on the state of cybersecurity in the third quarter. The number of attacks monitored by the firm that are more than 20 Gbps increased a staggering 350 percent so far this year. Meanwhile, 87 percent of these attacks last less than an hour. Arbor Networks' Gary Sockrider says shorter duration attacks are not inherently more difficult to detect, but they can be harder to curtail. He says many organizations today rely on network- or cloud-based mitigation of DDoS attacks. Since they depend on rerouting attack traffic to scrubbing centers, there is a slight delay in mitigation while routing or domain name changes proliferate. The past several years have seen a clear trend of growing attack sizes, which Sockrider attributes to a mix of factors. "First, there is increased availability of simple-to-use tools for carrying out attacks with little skill or knowledge," he notes. "Second, there is a growing proliferation of DDoS-for-hire services that are quite inexpensive. Third, increasingly powerful workstations and servers that get compromised also have significantly faster connections to the Internet from which to generate attacks." Security experts say one benefit of shorter DDoS attacks is they minimize an attacker's exposure. Arbor says in its report that the largest monitored and verified attack size during the quarter was 191 Gbps.


Security Spending Continues to Run a Step Behind the Threats
CSO Online (10/16/13) Hulme, George V.

The number of cyberattacks that organizations are experiencing and the costs of those attacks are on the rise in spite of increases in IT security spending, according to PricewaterhouseCoopers and CSO's Global Information Security Survey. The survey found that the average IT security budget this year is $4.3 million, an amount that is 51 percent higher than it was last year. However, the number of cyberattacks that have been detected has risen from 2,989 in 2012 to 3,741 this year. At the same time, average losses per incident have increased by 23 percent between 2012 and 2013. A number of explanations have been offered as to why the cost of cyberattacks has risen in spite of increased IT security spending. For example, some say that the rising costs are the result of organizations not focusing enough on improving their ability to respond to security breaches and focusing too heavily on preventing and identifying attacks. The Blackstone Group's Jay Leek says the emphasis on prevention is clearly not effective at minimizing the financial impact of cyberattacks. He notes that organizations need to invest in their ability to respond to cyberattacks because they will inevitably need to use these capabilities at some point, given the high likelihood of a security breach.


Report: Many Employees Bypass Cybersecurity Measures
Federal Times (10/15/13) Medici, Andy

Employees who circumvent security measures are responsible for 49 percent of security breaches at federal agencies, according to a MeriTalk report released Tuesday. Roughly two-thirds of federal network users say their agency's security protocols are burdensome and time-consuming, and 69 percent believe additional cybersecurity measures increase the amount of time required to complete work, the report says. In addition, about 31 percent of users bypass security measures at least once a week. Cyberprofessionals should work with employees to streamline processes and reduce the incidence of employees bypassing security measures, says Akamai's Tom Ruff. Approximately 74 percent of cyberprofessionals say they are unprepared for an international cyberattack, and 70 percent say they are not prepared for a denial-of-service attack. Cybersecurity should be a top priority for federal agencies, according to roughly 95 percent of cybersecurity professionals.


IT Seen as Vulnerable When Shutdown Ends
GovInfoSecurity.com (10/15/13) Chabrow, Eric

IT systems that were shut down along with the federal government will be more vulnerable than normal to cyberattacks once they are restored, say government IT security experts. Hackers likely will have used the time during the shutdown to find ways to exploit flaws in systems when they are eventually restored. Studies conducted by the SANS Institute have shown that an unpatched system going live online could experience an attack within 21 minutes. In the two weeks since the shutdown began, Microsoft and Adobe have revealed flaws in their software and offered patches to fix them. But the SANS Institute's Alan Paller says it could take agencies days or longer to patch all of their applications once systems are brought back up, giving attackers time to exploit the flaws. It is not only patches that present security risks. Systems brought back online could revert to their default settings that do not include security protections that were added over the years. Also, in many cases, outside contractors who are responsible for the security of government IT systems have pursued other jobs outside of government because their employers could not afford to pay them during the shutdown. Experts say this could be significant if those are the persons responsible for overseeing security configurations.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD

