
Friday, June 24, 2011

Security Management Weekly - June 24, 2011

Corporate Security
  1. "Columbia Probe Expands" Alleged Theft of $6 Million From New York City's Columbia University
  2. "Jewelry Shop Robber Fires Shot While Being Chased Through Century City Mall" Los Angeles
  3. "Debit Breach Hits Ohio Accounts"
  4. "Risk's Rewards: Organizational Models for ERM" Enterprise Risk Management
  5. "Catch Me If You Can" Creation of Robbery Database for Banking Industry

Homeland Security
  1. "Suspect in Shootings Eluded Detection" Last Fall's Shootings at Washington, D.C., Area Military Facilities
  2. "Osama bin Laden Phone Calls Show He Had Powerful People Watching Over Him"
  3. "Petraeus Hearing to Probe CIA Role"
  4. "U.S. To Launch Trusted Air Traveler Program in Fall"
  5. "Pentagon Bomb Scare: Is the Suspect a Lone-Wolf Terrorist?"

Cyber Security
  1. "Hacker Admits Stealing iPad Data"
  2. "Hacker Group Posts Arizona Police Documents"
  3. "Inside the Anonymous Army of 'Hacktivist' Attackers"
  4. "U.K. Detains Hacking Suspect"
  5. "Hacked Off: Executive Learns From Cyberattack" Ted Chung, CEO of Hyundai Capital Services

   

 
 
 

 


Columbia Probe Expands
Wall Street Journal (06/23/11) El-Ghobashy, Tamer

Prosecutors in New York have broadened their investigation into a fraud case that resulted in nearly $6 million being stolen from Columbia University. The investigation was initially launched in November 2010, when George Castro was accused of running a scheme that would divert money from the university that was intended for New York Presbyterian Hospital into a bank account associated with a company owned by Castro. He pleaded not guilty in December. A grand jury has also indicted two other men on charges of grand larceny and criminal possession of stolen property for their involvement in the case. Walter Stephens and Jeremy Dieudonne allegedly received $35,000 and $285,000 of the stolen funds, respectively. The men said they worked for Castro. Stephens has pleaded not guilty and is being held on $25,000 bail while Dieudonne remains at large. Columbia officials say it is unclear how Castro and his associates were able to reroute funds from the university as they are not believed to be affiliated with the school. Stephens's Facebook profile says that he received a Ph.D. from Columbia in international finance. His attorney has declined to comment on his credentials and the university was unable to immediately confirm if he had been awarded a degree. Stephens's attorney has also said that his client knew nothing of the fraud, saying that just because Castro paid him with stolen money "doesn't mean Mr. Stephens stole."


Jewelry Shop Robber Fires Shot While Being Chased Through Century City Mall
Los Angeles Times (06/22/11) Blankstein, Andrew

An unidentified man posing as a customer robbed the Fast Fix jewelry store in Los Angeles's Westfield Century City mall at gunpoint and stole an undisclosed amount of jewelry on June 22, the Los Angeles Police Department said. After the incident, a security guard started to chase the man, who fired at least one shot into the air while still in the mall. The robber then hopped into a waiting car and sped off. Nobody was hurt. LAPD detectives are still investigating the incident.


Debit Breach Hits Ohio Accounts
BankInfoSecurity.com (06/21/11) Roman, Jeffrey

A breach of debit card accounts that began in April has now affected more than 20 banks and credit unions in the Northeast Ohio area. FICO's Mike Urban says the most likely cause of the breach was the interception of CVV2 card security codes used to authenticate signature-based online or over-the-phone purchases. Using stolen debit data, scammers struck accounts with bogus signature-based transactions used for such purchases. Tens of thousands of accounts may have been compromised, based on the number of targeted organizations. Fraudulent transactions at Walmart, CVS, and AutoZone were reported, while other purchases were initiated abroad, including in Germany and the Philippines. The intrusion also could have been related to a phishing scheme, and TowerGroup's George Tubin points to the likelihood of a link among all the exposed debit accounts. "It's not a skimming situation," Urban says. "Likely, it was related to one or several attacks on a card-not-present merchant."


Risk's Rewards: Organizational Models for ERM
CSO Magazine (06/11) von Hoffman, Constantine

Businesses often create various monitoring groups like information security, physical security, and business continuity that report to multiple leaders, such as CSO, CIO, or COO. But such an approach often prevents a company from having a department or person who knows all the risks faced by a company. Many businesses are addressing this uncertainty by deploying enterprise risk management (ERM) processes that merge the information and the responsibility in a single place. ERM efforts enable the integration of threat information and yield improved analyses. "Now the information is not just seen through the security lens. We're beginning to see where we can learn from each other's perspective," notes Eric Cowperthwaite, CISO for Providence Health and Services. Having a uniform system is beneficial because all entities must rely on standardized evaluation criteria, assessment process, and definitions. Deploying ERM to its full advantage requires forming a single department or team that is responsible for risk. This requires buy-in from senior management or that leaders take the initiative to launch it. It is also important to comprehend the full business lifecycle, or how people, processes, and technologies impact vendor management, business continuity, information risk, product-development risk, and fraud and loss.


Catch Me If You Can
US Banker (06/11) Vol. 121, No. 6, P. 34 Fest, Glen

Security officials at major banks are guiding an initiative with the American Bankers Association to devise BanCAPture, a two-years-in-the-making robbery database. BanCAPture enables banks to submit robbery details directly to the FBI, instead of through local law enforcement agencies, so that the bureau can perform faster data analysis and help banks enhance their security. In addition, the database will let banks exchange crime information with each other, leading to more immediate notifications of potential threats in banks' geographic regions. Enabl-U Technologies CEO Kevin McMenimen says that the system allows easy submission of information about robberies that occur in users' branches and ordering of custom reports analyzing robberies across the nation. "The real value comes in two places," McMenimen notes. "I know events are happening in my area, so I can protect my people and my brand. The other one is on resource allocation. Now I can look at this information, what's working and what's not." BanCAPture is already in use at enough major banks so that data can come in from 40 percent of the U.S.'s branches, and the ABA says the database will be made available at all banks, thrifts, and credit unions this summer. McMenimen attributes the database's protracted rollout to the challenge of managing the legal and compliance issues of participating large banks, and pilot banks were coaxed to adopt the platform by assurances from Enabl-U and CAP Index that the data had restricted availability. BanCAPture advocate Stephanie Clarke with Cleveland's KeyBank says that having robbery data at hand will help in detecting trends and spotting where and when ATM skimming is likely to flourish so preventative measures can be implemented. KeyBank also can employ the database to identify any areas of difficulty for new branch expansion. The FBI is expected to fully participate in BanCAPture and incorporate its own robbery statistics into the database.




Suspect in Shootings Eluded Detection
Washington Post (06/24/11) P. A1 White, Josh; Klein, Allison

Authorities say that Yonathan Melaku, the 22-year-old Marine Corps Reservist who was arrested June 17 after a security scare at the Pentagon, was able to avoid detection because he lived a seemingly ordinary life, living at his parents' home in Alexandria, Va. Staying under the radar, authorities said, may have helped Melaku avoid being caught for allegedly carrying out a number of shootings in the Washington, D.C., area last fall. Between Oct. 16 and Nov. 1, shootings took place at the Marine Corps Museum in Triangle, Va., the Pentagon, and a Marine recruiting center in Chantilly, Va. Officials initially believed that whoever carried out the shootings had a grievance with the Marine Corps, but now they are not sure what the motivations for the shootings may have been. On June 17, Melaku was arrested in Arlington National Cemetery and was found in possession of the bomb-making material ammonium nitrate. A subsequent search of Melaku's home uncovered directions for making a timer for an improvised explosive device as well as a list of materials needed for such a device, such as a battery and wires. No ties between Melaku and any terrorist organization have been discovered, though officials have said that his writings and documents found on his laptop seem to point to a desire to carry out jihad. Melaku faces between 35 years and life in prison if convicted on the charges against him.


Osama bin Laden Phone Calls Show He Had Powerful People Watching Over Him
Telegraph.co.uk (06/24/11) Nelson, Dean

The discovery of cell phone records belonging to Osama bin Laden's courier is raising questions about Pakistan's Inter-Services Intelligence (ISI). The records show that the courier had made calls to the commanders of the ISI-linked terrorist group Harkat ul Mujahideen (HuM). The group is believed to be involved in Pakistan's proxy war with India in the disputed region of Kashmir, and was involved in the murder of Daniel Pearl. U.S. officials have also said that the commanders were in touch with Pakistani intelligence officials on a regular basis. However, there is no evidence that anyone from HuM was protecting bin Laden or that the group's leaders were in touch with officials at ISI about the al-Qaida chief.


Petraeus Hearing to Probe CIA Role
Wall Street Journal (06/23/11) Gorman, Siobhan; Barnes, Julian E.

Gen. David Petraeus will appear before the Senate Intelligence Committee on Thursday for a confirmation hearing, as lawmakers consider whether or not he should replace Leon Panetta as CIA director. Among the issues that could be raised at the hearing is the manner in which captured al-Qaida militants should be handled. Gen. Petraeus has said in the past that he believes that al-Qaida militants should be captured rather than killed whenever possible. However, lawmakers want to know where these militants would be detained now that the CIA's prison network has been shut down. One potential option is to detain captured militants at U.S. military facilities. Lawmakers are also expected to ask Gen. Petraeus about whether he plans to maintain the current rapid pace of unmanned drone attacks in Pakistan that has been established by Panetta or whether he believes that the attacks should be scaled back, as some in the State Department and the U.S. military are advocating. A number of aspects of Gen. Petraeus's likely approach to the job of CIA director are already known, including the fact that he will expand the use of joint CIA-special operations assaults like the one that was carried out against Osama bin Laden's compound last month. Gen. Petraeus is expected to be easily confirmed by the Senate.


U.S. To Launch Trusted Air Traveler Program in Fall
Reuters (06/23/11) Pelofsky, Jeremy

The Transportation Security Administration (TSA) has announced that it plans to launch a new trusted traveler program in the fall in select airports and with select airlines. Under the program, users will be able to pay to undergo security background screenings so that they can be selected for lighter screenings when they fly. "We're working with airlines, U.S. carriers initially, to say for those who are willing to share information about themselves, what can we gain from that that would help us make informed judgments" about passenger security, TSA Administrator John Pistole said in testimony before the Senate Homeland Security Committee on Wednesday. Pistole also said that he hopes to address concerns about TSA treatment of children, but noted that youngsters cannot be exempted because militants have used children in attacks in the past. "We have changed the policy to say that there will be repeated efforts to resolve that without a pat down," Pistole said. "I will be announcing something in the not-too-distant future about a change in policy as it relates to children."


Pentagon Bomb Scare: Is the Suspect a Lone-Wolf Terrorist?
ABC News (06/20/11)

Authorities are continuing to investigate the security scare that took place near the Pentagon on June 17. The scare began around 2 a.m. that day, when an army policeman confronted Marine Corps Reserve Lance Corporal Yonathan Melaku at Arlington National Cemetery, which is located near the Pentagon. Melaku ran away after being confronted by the policeman, though officers eventually caught him. After Melaku was arrested, authorities found him in possession of four bags that were labeled "ammonium nitrate," a substance that is used to make bombs. Melaku was also carrying used 9mm ammunition and a notebook that contained the words "al Qaeda," "Taliban rules," and "mujahidin." Fearing that Melaku may have planted bombs at Arlington Cemetery and the nearby Iwo Jima Memorial, authorities shut down traffic near the Pentagon and conducted a search of Melaku's Alexandria, Va., home. Those searches did not uncover any explosives. Tests on the substance Melaku was carrying also came up negative for explosive material. Authorities believe that Melaku was acting alone. No links between Melaku and terrorist organizations have been found.




Hacker Admits Stealing iPad Data
Wall Street Journal (06/24/11) Bray, Chad

A 26-year-old San Francisco man pleaded guilty on Thursday to identity theft and conspiracy charges stemming from his involvement in the security breach of AT&T's servers last year. Prosecutors said that Daniel Spitler and another man wrote a program that mimicked the behavior of an Apple iPad 3G in order to trick the servers into thinking that they were communicating with an actual iPad. In addition, Spitler and his accomplice allegedly exploited a vulnerability in AT&T's Web site so that they could steal the e-mail addresses and personal information of roughly 120,000 iPad users, including chiefs of corporations, federal officials, and Hollywood executives. Prosecutors said that Spitler and his accomplice carried out the attack in order to do damage to AT&T and to promote themselves and the hacker group Goatse Security.


Hacker Group Posts Arizona Police Documents
Wall Street Journal (06/24/11) Morse, Andrew; Sherr, Ian

The hacker group LulzSec has posted confidential files from the Arizona Department of Public Safety to protest against what it said was the racial profiling of immigrants in the state. The files included e-mails, training manuals, and intelligence documents, and are believed to have been accessed via the e-mail accounts of eight officers. A spokesperson for the police said that they are looking into the details of the breach in an attempt to prevent future hacks. This is the latest in a string of LulzSec attacks. The group's other targets included Sony, the Atlanta chapter of FBI affiliate InfraGard, and PBS.


Inside the Anonymous Army of 'Hacktivist' Attackers
Wall Street Journal (06/23/11) Bryan-Low, Cassell; Gorman, Siobhan

The rise of so-called "hacktivist" groups like Anonymous and LulzSec is causing computer experts to be increasingly worried about the security of public and private sector computer systems. Both groups, which are made up primarily of young males in their late teens, 20s, and early 30s, are difficult for law enforcement agencies to target because they generally lack a leadership structure or a formal decision-making process. Gregg Housh, a Boston-based Web designer who helps Anonymous with logistics, says that Anonymous is powerful because it is more of an idea than a group. However, those who have taken part in Anonymous--which has been blamed for a data security breach at the Internet security firm HBGary Federal that resulted in 70,000 e-mails being posted online--say that it has a core group of about 15 people who run Anonymous' online chat rooms. In addition to running the online chat room, the core leaders can also ban someone from a channel on Anonymous' online forums or ban them from an entire network. LulzSec, meanwhile, consists of a core group of about 10 people and is known for its hacking abilities. The group has taken responsibility for a number of recent cyberattacks, including attacks against Web sites run by the U.S. Senate and the CIA.


U.K. Detains Hacking Suspect
Wall Street Journal (06/21/11) Bryan-Low, Cassell; Gorman, Siobhan

A 19-year-old man who is believed to have been involved in network security breaches and denial-of-service attacks against a number of companies was arrested in the U.K. on Monday. Sources who are familiar with the case say that the man who was arrested was Ryan Cleary, a name that has occasionally been connected to the hacker groups Anonymous and LulzSec. Security specialists say that Cleary became a prominent member of Anonymous following the FBI's seizure of several computers belonging to another Anonymous member in January. Those computers were being used by Anonymous to launch cyberattacks. After the computers were seized, Anonymous began using a botnet that Cleary controlled with his own computers, security specialists said. Security specialists also believe that Cleary took his botnet to LulzSec, another hacker group that is believed to have been involved in a number of cybersecurity breaches at several different companies and government agencies. The computers that were being controlled by Cleary are believed to have been used for LulzSec's Internet chat channel. Police are still trying to determine whether Cleary was a member of LulzSec.


Hacked Off: Executive Learns From Cyberattack
Wall Street Journal (06/20/11) Ramstad, Evan

Major changes have been made to the structure of Hyundai Capital Services following the data security breach at the South Korean consumer-finance company in early April. During that security breach, hackers stole confidential information from the company's computer system and threatened to release it if the company did not pay a ransom. Three suspects associated with a South Korean group were eventually arrested, though another group of hackers that was also found to have been involved in the attack was beyond the reach of South Korean authorities because its members were located in the Philippines. Since the attack, CEO Ted Chung has begun treating the information-technology department as a unit that is essential to everything the company does, instead of treating it as one of many units. Chung has also spent time learning about network architecture, security infrastructure, and the tradeoffs that sometimes have to be made between protecting data and ensuring customer satisfaction. In addition, Hyundai Capital Services' IT department has added a security unit that reports directly to Chung. Finally, the introduction of a number of new products has been slowed down to ensure that new security vulnerabilities are not created.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD

