| Hackers' Attack on a Giant Bank Affects Millions New York Times (10/03/14) Silver-Greenberg, Jessica; Goldstein, Matthew; Perlroth, Nicole The cyberattack against JPMorgan Chase's systems earlier this year affected a much larger number of accounts than initially thought, and may actually be one of the biggest data breaches ever, observers say. JPMorgan Chase announced Oct. 2 that 83 million consumer and business accounts were compromised in the attack, which was discovered in late July and affected more than 90 of the company's servers. JPMorgan Chase had said as recently as several weeks ago that only 1 million accounts were compromised. A company spokeswoman has disputed the notion that the breach is among the largest ever. The hackers were reportedly able to access names, addresses, phone numbers, and e-mail addresses belonging to account holders by somehow obtaining administrator privileges for the affected servers. However, the hackers did not steal account passwords, Social Security numbers, or other account information. There is also no evidence any type of fraud has been committed with the stolen information. The lack of an apparent financial motive has prompted some people who are familiar with the investigation to conclude that the attack may have been sponsored by elements of the Russian government. Those familiar with the investigation say it is possible the hackers could once again enter JPMorgan Chase's systems during the months-long process of recovering from the breach. Confronting Security Challenges Posed by Legalized Marijuana SecurityInfoWatch.com (10/01/14) Griffin, Joel ASIS 2014 featured an educational session that focused on the issue of how marijuana legalization affects the security industry. Among those who participated in the session was attorney James Burke, who noted that companies that provide security for the cannabis industry face a unique combination of security challenges, including the fact that dispensaries are cash-only businesses with large sales volumes. He added that dispensaries are at risk of violent crimes of opportunity and may attract emotionally disturbed persons that include narcotics or alcohol abusers. Burke notes that security firms that work with marijuana dispensaries can take several steps to mitigate the risks they face, including training employees to deal with emotionally disturbed persons and contain any danger, ensuring guards know the location and contact information of the nearest hospital and ambulance company, reporting child abuse or endangerment by customers of licensed dispensaries, and having clear post orders. Security providers also should keep accurate and detailed records to exonerate themselves from culpability in case of an incident, Brown said. Retail Theft, Inc. Security Management (10/14) Aubele, Keith Organized retail crime (ORC) remains a major drain on the retail sector's profitability. Estimates put the annual cost of ORC at over $30 billion, contributing to shrinkage that costs more than 2 percent of total retail sales on average. ORC is very different from garden variety shoplifting, and retailers are increasingly seeing that a specialized and coordinated response involving governments and law enforcement is needed to adequately address the problem. ORC gangs include three main roles: bosses, boosters, and fences. Bosses orchestrate the crime rings, deploying boosters, who range from petty criminals to well-paid "professionals," to acquire specific quantities of specific items that are then fed back into the retail pipeline by fences. Stolen merchandise makes it way back into the retail chain through various avenues, from online marketplaces like eBay and Amazon to flea markets and standalone brick-and-mortar stores. Large national retailers have helped lead the charge in responding to and heading off ORC, helping to form several organizations dedicated to that purpose. New technologies have been invented to counter booster tactics like shelf sweeping and to better identify and track boosters as they move between retailers. Future efforts will require greater coordination and collaboration between businesses large and small and law enforcement on the national and local level. Air-Traffic Vulnerabily Examined in Fire Halting Flights Bloomberg (09/29/14) Levin, Alan A telecommunications contractor started a fire at the Chicago En Route Center in Aurora, Ill., on Sept. 26 and attempted suicide, resulting in major disruptions to air traffic in the U.S. The technician severed several cables in the basement before emergency responders found him. The arsonist targeted an area that contained the data-transmission system that allows air traffic controllers to talk to pilots. In addition to being a suicide attempt, police believe the technician was also attempting to disable the facility. The incident has prompted the Federal Aviation Administration (FAA) and lawmakers to wonder how one person could interfere with the U.S. air-traffic system in such a manner. The FAA has already begun a review of its operations systems and contractor safety protocols. All FAA air-traffic facilities have multiple backup systems, but former airline executive Robert Mann said the FAA needed to create even more backups. Jeff Price, an aviation security consultant, said he believes "this incident will be a call to action to review security at FAA facilities, because unfortunately now that one person has done this, others will get the idea." Oklahoma Beheading: Was it an Act of Terrorism? Christian Science Monitor (09/28/14) Sappenfield, Mark A man accused of beheading a coworker and stabbing another at a Vaughan Foods processing plant in Moore, Okla., on Sept. 26 does not appear to be formally connected with any terror groups. Alton Nolen was sympathetic toward such groups, however, based on the Islamist invectives and an image of a decapitation posted to his Facebook page. Investigators are trying to determine whether the incident was the action of a lone-wolf Muslim terrorist or that of an angry employee imitating what he had seen online, including the Islamic State's beheading of Western captives. Nolen's attack, which was stopped when he was shot by the company's CEO, appears to be an incident of spontaneous rage since it occurred shortly after he had lost his job. Nolen's choice of victims also appears to have been random. Pierson Steps Down as Head of Secret Service Washington Post (10/02/14) Leonnig, Carol D.; Nakamura, David Secret Service Director Julia Pierson tendered her resignation on Wednesday, one day after she testified at a tense congressional hearing about a number of recent lapses in President Obama's security. Pierson reportedly resigned because she believed that the attention being paid to her was distracting from the effort to get to the bottom of the security lapses, including the incident last month in which a man jumped the fence at the White House and made it into the East Room before being tackled by an agent. President Obama said he had full confidence in Pierson's leadership in the aftermath of that incident, but aides say he changed his mind after learning through the media on Tuesday that the Secret Service failed to screen a security guard who was allowed to ride in an elevator with him during a trip to Atlanta last month. The guard was armed and had a criminal record. White House Press Secretary Josh Earnest said Wednesday that reports about that incident as well as the mounting problems at the Secret Service led him to conclude that Pierson should resign. Joseph Clancy, who retired from the Secret Service and has been working in the private sector for the last several years, will become the agency's acting director until a permanent replacement is found. The independent panel of security experts performing the search for a new director will reportedly consider external candidates, and will also decide whether a review of the problems at the Secret Service is warranted. Pierson Failed to Provide Fresh Start for Secret Service That Administration Wanted Washington Post (10/02/14) Leonnig, Carol D. There were high hopes within the Obama administration a year and a half ago when Julia Pierson was appointed to serve as director of the Secret Service that she would be able to reform the agency, which at the time was still reeling from the Colombia prostitution scandal, although those hopes have been dashed amid the continuing systemic problems that ultimately brought about her resignation. Among the problems that Pierson was unable to address was the lack of confidence members of the First Family's security detail and others have in the agency's senior leaders, including Pierson herself. One Secret Service supervisor who spoke on condition of anonymity said Pierson "doesn't know anything about security planning in a post-9/11 world." The supervisor cited an incident in the spring in which Pierson was presented with a security plan for the U.S.-Africa Leaders Summit, which was attended by the president when it was held in Washington, D.C., over the summer, and ordered that extra layers of fencing be removed and closed streets be reopened. "We need to be more like Disney World," Pierson reportedly said when explaining her reasoning behind her decision. "We need to be more friendly, inviting." Dan Emmett, a former counterassault team leader and Secret Service agent, said Pierson's resignation is a good step toward reforming the agency but said that real change will not come unless all members of upper management are replaced. Armed Contractor with Criminal Record Was on Elevator with Obama in Atlanta Washington Post (10/01/14) Leonnig, Carol D. An armed security contractor with three convictions for assault and battery was able to board and ride an elevator with the president on Sept. 16 in violation of Secret Service protocols and standards. The incident occurred during a visit to the Centers for Disease Control and Prevention in Atlanta. Agents first took an interest in the contractor when he would not comply with orders to stop filming the president with a cell phone camera. After detaining him and running his name through national databases, the agents discovered the man's criminal history. All individuals at a venue being visited by the president are supposed to be subject to a background check before the visit takes place, and those found to have criminal records or a history of mental illness are supposed to be barred from the premises while the president is present. The security contractor at the CDC was apparently not screened in advance of the president's visit. When the contractor's supervisor was made aware of the issue, the contractor was fired immediately and surrendered his weapon, which agents had not realized he had until that moment. President Obama was not informed of the incident. Secret Service head Julia Pierson reportedly asked a top manager to conduct an informal investigation, rather than referring the incident for proper review. Obama: U.S. Intelligence Underestimated ISIS Strength, Overestimated Iraqi Military's Resilience Homeland Security News Wire (09/29/14) In an interview with "60 Minutes" on Sunday, President Obama admitted that the U.S. intelligence community failed to properly gauge the growth and threat posed by the Islamic State in the months before it swept into northern Iraq. The president added that the intelligence community also failed to anticipate the weakness shown by the Iraqi security forces in the face of that invasion. Director of National Intelligence James Clapper has also said that he was caught off guard by the collapse of Iraq's security forces, saying that, "It boils down to predicting the will to fight, which is an imponderable." During the interview, the president further laid out his administration's plan of action against the Islamic State, which includes ending the group's ability to bring in new fighters and access fuel and financing. He also denied that the rise of IS was a direct consequence of U.S. inaction in the Syrian civil war and its withdrawal of combat troops from Iraq in 2011. Instead, he laid the blame at the feet of former Iraqi Prime Minister Nuri al-Maliki. "When we left, we had left them a democracy that was intact; a military that was well-equipped; and the ability then to chart their own course," the president said. "And that opportunity was squandered over the course of five years or so because the prime minister, Maliki, was much more interested in consolidating his Shia base." Secret Service Fumbled Response After Gunman Hit White House Residence in 2011 Washington Post (09/28/14) Leonnig, Carol D. An investigation by the Washington Post has found that the Secret Service failed to properly respond to a 2011 incident in which a gunman fired at and struck the White House. On November 11, 2011, Oscar R. Ortega-Hernandez fired a semi-automatic rifle at the White House from a car parked only a few hundred yards away before speeding off. Despite several Secret Service agents hearing the shots and their impacts, a supervisor very quickly declared that no shots had been fired and ordered agents to stand down. The president and first lady were not at the White House during the shooting, though their youngest daughter and the first lady's mother were. One agent who had heard the shots and their impacts failed to raise the issue later for fear of being criticized. Damage from the shots, including a broken window, was not discovered until four days later after Michelle Obama had returned. Even then, Secret Service agents failed to inform Mrs. Obama of the incident, leaving her to find out about the shooting from a White House usher. Rep. Jason Chaffetz (R-Utah) says the incident "is symptomatic of an organization that is not moving in the right direction." Chaffetz chairs the House Oversight and Government Reform Committee, which will hold a hearing about security issues at the White House on Tuesday. Xen Project Discloses Serious Vulnerability That Impacts Virtualized Servers IDG News Service (10/01/14) Constantin, Lucian The Xen Project has disclosed information about a major vulnerability in its Xen open source hypervisor that could hurt the security of many virtualized servers. Xen is widely used by cloud computing providers and virtual private server hosting companies. The security vulnerability is being tracked as CVE-2014-7188, and was privately revealed to leading cloud providers in advance. The vulnerability enables a virtual machine created using Xen’s hardware-assisted virtualization (HVM) to read data stored by other HVM users that share the same physical hardware, which weakens a security barrier in multi-tenant virtual environments. A malicious HVM user could use the flaw to crash the host server, the Xen Project said. The vulnerability only affects Xen running on x86 systems, not ARM, and does not impact servers virtualized with Xen’s paravirtualization mode instead of HVM. Amazon Web Services and Rackspace have been compelled to reboot some of their customers’ virtualized servers. Amazon had to reboot up to 10 percent of its Elastic Cloud Compute servers over the span of several days to apply the patch, and Rackspace saw a quarter of its 200,000 customers similarly affected. Research Examines Twitter Abuse by Attackers Security Week (10/01/14) Prince, Brian Many Twitter messages are linked to potentially malicious content, such as phishing pages, spam, and malware, according to a Trend Micro study that analyzed more than 500 million Tweets. Out of the 570 million Tweets examined, Trend Micro found that 33 million, more than one in 20, contained links to some form of malicious content. Spam in particular came in two different forms: traditional spam using hash tags that would quickly get shut down, and what Trend Micro described as "searchable spam." This type of spam largely advertises for pirated or fake products such as pirated software and eschews the use of hashtags to better avoid being shutdown by Twitter. The spam largely originates in Russia and Ukraine and are often written in Russian, even though about half of the traffic to their links is from non-Russian-speaking countries, suggesting motivated individuals know how to seek them out. Other examples of common malicious Tweets were phishing scams that use compromised accounts to spam their contacts with links to phishing pages that ask for the user's Twitter credentials. Hackers Charged with Stealing Over $100m in U.S. Army and Xbox Technology The Guardian (09/30/14) Woolf, Nicky Four men who were allegedly part of an international hacking ring were charged this week with breaking into the computer systems of Microsoft, the U.S. Army, and video-game manufacturers. The men allegedly stole Xbox technology, pre-release copies of video games for the system, as well training software for the Army's Apache helicopter, according to the indictment. The U.S. Department of Justice said the suspects stole more than $100 million in intellectual property. Assistant U.S. Attorney Ed McAndrew said the FBI was alerted to the hacking operation in January 2011. The suspects were jointly charged with conspiring to commit computer fraud, copyright infringement, wire fraud, mail fraud, identity theft, and theft of trade secrets. They have been charged individually with aggravated identity theft, unauthorized computer access, copyright infringement, and wire fraud. Cybersecurity Defense Hampered by Lack of ‘White Hat’ Hacker Talent CIO Journal (09/30/14) Boulton, Clint Attendees at the recent Work-Bench Enterprise Security Summit discussed a variety of cybersecurity issues security professionals are facing, including the lack of skilled candidates for IT security jobs. Bloomberg's Paul Wood says he has experienced difficulty in finding cybersecurity professionals who know how to strike an appropriate balance between security needs and the need for the company to carry out its operations. Meanwhile, Thomson Reuters' Louis Briscoe say he works hard to keep trained cybersecurity professionals from going to work elsewhere. However, he notes his company's white hat hackers are staying engaged in their jobs because they are busy dealing with a variety of threats. Thomson Reuters also invests heavily in cybersecurity training, Briscoe notes. The panelists also discussed the best ways to protect IT systems from attackers. Wood notes organizations should take a holistic approach that involves people, processes, and technologies. He says this includes providing all employees with cybersecurity training and using technologies designed to detect potentially malicious behavior. Coordinated Attacks Call for More Sophisticated Cyber Defense InformationWeek (09/29/14) Kenyon, Henry Public- and private-sector IT security leaders agree one of the keys to defending against the latest cyber attacks is better collaboration and information sharing between organizations. Hewlett-Packard's Jacob West says today's attacks are the product of highly specialized attackers working in tandem, making modern attacks more dangerous and harder to catch than those of previous years. Organizations need to be more willing to share the information they have and work together to respond to attacks in order to stand a chance. An example of this is the information-sharing efforts of the federal government being overseen by the U.S. Department of Homeland Security. Information sharing and collaboration is key to federal cybersecurity efforts, according to DHS deputy under secretary for cybersecurity Phyllis Schneck. She notes one example of collaborative security is DHS' Einstein continuous diagnostics and mitigation system. Schneck says DHS plans to expand its government information-sharing efforts into the private sector, and West says the private sector may finally be ready to embrace them. Previous attempts to foster information sharing in the private sector has foundered due to proprietary concerns, but West says the recent wave of massive data breaches has helped to change the private sector's attitude toward information sharing. Abstracts Copyright © 2014 Information, Inc. Bethesda, MD |
No comments:
Post a Comment