Friday, March 28, 2014

Security Management Weekly - March 28, 2014

Corporate Security
  1. "U.S. and U.N. Call on Myanmar to Curb Violence Against Aid Groups"
  2. "Target Had Chance to Stop Breach, Senators Say"
  3. "Nearly Two Dozen Charged in Statewide Retail Theft Ring"
  4. "Companies in Russia Urged to Dust Off Evacuation Plans"
  5. "The Top Steps to Handling an Executive Kidnapping"

Homeland Security
  1. "White House Pushes Congress to Quickly Pass Changes to NSA Data Collection Program"
  2. "ASIS Signs MOU with DHS"
  3. "Jurors Convict Abu Ghaith, Bin Laden Son-in-Law, in Terror Case"
  4. "Qaeda Militants Seek Syria Base, U.S. Officials Say"
  5. "New Images 'Most Credible' Lead Yet on Plane"

Cyber Security
  1. "Coburn: Senate Panel Aiming for Bill to Boost DHS Cyber Hiring"
  2. "Computer Security Problems at VA More Than Doubled in the Past Six Years"
  3. "Microsoft Warns Word Users of Ongoing Attacks Exploiting Unpatched Bug"
  4. "Report: Passwords Take a Toll on Employees"
  5. "Feds Aren't Worried About Windows XP Vulnerabilities"

U.S. and U.N. Call on Myanmar to Curb Violence Against Aid Groups
Wall Street Journal (03/28/14) Mahtani, Shibani ; Myo, Myo

The U.S. Embassy in Myanmar and the United Nations have expressed concerns about the security of aid workers in the country's Rakhine state following violence on Wednesday and Thursday outside the offices of two humanitarian organizations. The Embassy said in a statement that it has relocated at least three American aid workers, as well as a number of workers from other countries, to protect them after thousands of Buddhist protesters broke the windows of the offices of the medical aid groups Malteser International and Médecins Sans Frontières in the city of Sittwe. The demonstrators also reportedly threw stones at aid workers' homes in the area. The U.S. Embassy said the incident highlighted the lack of security and the breakdown in the rule of law in Sittwe and Rakhine state. The U.N., meanwhile, has called on the government of Myanmar to take steps to better protect aid workers. A curfew has been put in place in the region to prevent further violence. Threats, intimidation, and harassment directed at the aid workers have become increasingly common amid complaints from the Buddhist population that the agencies are helping Muslims more than Buddhists. Sittwe and Rakhine state are heavily segregated along religious lines.


Target Had Chance to Stop Breach, Senators Say
New York Times (NY) (03/27/14) Harris, Elizabeth A.

At a Senate Commerce Committee hearing on Wednesday, Democratic Sens. Jay Rockefeller (W.Va.) and Richard Blumenthal (Conn.) said that Target's top executives were responsible for the company's failure to heed warning signs and stop the data breach in 2013. A committee staff report had indicated that the company may have missed several chances to prevent the attack, as it neglected to establish stronger protections against suspicious activities and failed to respond to warning signals from its malware intrusion detection system. Blumenthal noted that these warnings were missed by Target's management, and warned that technology is "useless unless there is good management." Target Chief Financial Officer John Mulligan testified at the hearing and told lawmakers about the steps the company is taking to improve its data security, including implementing stronger authentication requirements and limiting access to the company's systems. He said that Target is "asking hard questions" about whether it could have taken different actions before the breach was discovered "that would have resulted in different outcomes." Several Democratic senators have backed a bill which would allow the Federal Trade Commission to regulate data security standards and force companies that suffer data breaches to notify any customers that might have been affected.


Nearly Two Dozen Charged in Statewide Retail Theft Ring
Orlando Sentinel (FL) (03/27/14) Roustan, Wayne K.

The Miami-Dade, Fla., State Attorney's Office filed charges against 23 people in connection with their alleged involvement in a Florida shoplifting ring that is believed to have stolen $15 million worth of goods. Sixteen of the suspects were arrested on March 27 after a year-long investigation dubbed Operation Over the Counter, which was conducted in cooperation with several Florida law enforcement agencies and the Department of Homeland Security. The suspects had a variety of roles in the ring, which included shoplifters, middlemen, and retailers who fenced the products online and in a family-owned store. State Attorney Katherine Fernandez-Rundle reports that the suspects will face racketeering charges because they were paid an estimated $1,000 daily to steal lots of small items like Tylenol and razors from retailers such as Walgreens, Publix, and CVS. Other charges against the suspects include aggravated white-collar crime, dealing in stolen property, and money laundering.


Companies in Russia Urged to Dust Off Evacuation Plans
Bloomberg (03/20/14) Drajem, Mark

Corporate security analysts say that American companies doing business in Russia face a number of potential security risks stemming from the dispute between Moscow and the West over the status of Ukraine's Crimea region. Brian M. Jenkins, a senior adviser to the president of the research firm RAND Corp., says that the tensions could result in an increase in anti-American sentiment in Russia. Companies doing business in Russia should be on the lookout for signs that the local population is becoming increasingly angry with the U.S., and should be prepared to evacuate their personnel if the situation becomes too dangerous, Jenkins said. Jenkins added that any non-essential travel to Russia should be delayed for the time being. In addition, companies doing business in Russia should be aware of the potential for cyberattacks and should plan accordingly by implementing appropriate cybersecurity measures, Jenkins said. Meanwhile, Control Risks Global Research Director Charles Hecker says that companies that operate in heavily-regulated industries in Russia could face retaliation from that country's government if the U.S. decides to adopt more stringent sanctions or if tensions increase.


The Top Steps to Handling an Executive Kidnapping
Security Magazine (03/14) Sanchez, Aaron

Executive kidnapping remains a serious risk in some countries important to global business operations, but professional response consultants say there are ways to prevent these incidents and to ensure that those involved in abductions can be safely returned to their families. The first hours are the most critical in the event of a kidnapping, which means companies should establish a Crisis Management Plan (CMP) and identify a response company that handles kidnappings in high-risk zones. Companies should also consider kidnap/ransom and extortion coverage that reimburses losses from a ransom payment and other associated costs. For companies working in areas with a high kidnapping risk, response consultants should work with organizational security to develop a CMP that includes the tools, techniques, and personnel needed to respond to and manage any incident quickly. That said, no two kidnappings are exactly alike, making it important that the response consultant and the crisis management team do not eliminate any possibility that could contribute to the victim's safe return, including working with law enforcement. Finally, it is important that companies do not allow kidnappings or the possibility of kidnappings to derail business operations in an area.




White House Pushes Congress to Quickly Pass Changes to NSA Data Collection Program
Washington Post (03/28/14) Nakashima, Ellen

A senior Obama administration official says the White House hopes Congress will move quickly to pass legislation that would codify the president's proposal for overhauling the National Security Agency's telephone metadata collection program. President Obama has already ordered a number of changes to the program, including restricting NSA analysts to searching for records within two hops of the original phone number they query. In addition, every phone number that is queried must be certified by a judge as being associated with a terrorist or terrorist organization. However, legislation is needed to make these and other proposals from the administration permanent. The president wants Congress to reform the metadata collection program in a number of other ways as well, including limiting the government to receiving phone records only with an order from the Foreign Intelligence Surveillance Court that approves the use of certain phone numbers for queries. That limitation would not be applicable in the event of an emergency. Meanwhile, Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.) said she will schedule a hearing to examine the president's proposal. The senior Obama administration official hinted that the White House wants Congress to pass reform legislation within the next 90 days, before the authorization for the current version of the program expires.


ASIS Signs MOU with DHS
SecurityInfoWatch.com (03/27/14) Griffin, Joel

ASIS International and the Department of Homeland Security (DHS) Science and Technology Directorate signed a memorandum of understanding (MOU) on Wednesday that promises to help ASIS members and vendors more easily gain insight into DHS's risk mitigation and security technology research efforts. The agreement calls for ASIS and DHS to work together on a variety of outreach efforts to educate ASIS members and vendors about some of DHS's capability gaps and technology requirements. Thomas J. Langer, the secretary of the ASIS board, said the MOU will help the security industry focus its research and solutions on critical security problems identified by DHS. Langer added that the agreement underscores the important role public-private partnerships have to play in securing the nation's cities and its critical infrastructure. Utilizing the advancements in security that have been achieved by ASIS members and vendors will be beneficial in the effort to improve critical infrastructure security, Langer said, in part because federal funding will be allocated for other programs.


Jurors Convict Abu Ghaith, Bin Laden Son-in-Law, in Terror Case
New York Times (03/27/14) Weiser, Benjamin

A federal jury on Wednesday convicted Sulaiman Abu Ghaith, who served as a spokesman for Osama bin Laden in the wake of the Sept. 11 attacks, on three terrorism charges that could result in him spending the rest of his life in prison. Abu Ghaith--who was convicted on charges of conspiring to kill Americans, providing material support to terrorists, and conspiring to provide material support to terrorists--appeared in a series of videotaped messages that prosecutors said were an attempt to spread bin Laden's threats, provide encouragement to al-Qaida members, and recruit new members for the terrorist group. In one of those videos, Abu Ghaith reportedly praised the Sept. 11 attacks and suggested that there would be more terrorist attacks involving airplanes. Abu Ghaith's attorneys suggested during the trial that their client was not always speaking for al-Qaida in the videos and that he was sometimes speaking on behalf of the entire Muslim world. The attorneys say they are considering appealing the conviction. If their appeal fails and the Abu Ghaith case is successfully concluded once and for all, it could make it easier for the Justice Department to try other suspected terrorists in federal court instead of in military tribunals.


Qaeda Militants Seek Syria Base, U.S. Officials Say
New York Times (03/26/14) Schmitt, Eric

U.S. intelligence and counterterrorism officials are concerned about the dozens of al-Qaida operatives who are traveling from Pakistan to Syria, possibly as an effort to turn that war-torn country into a new base of operations and a launching pad for attacks on the West. The concerns are based in part on new intelligence assessments that indicate that al-Qaida chief Ayman al-Zawahri and other senior leaders of the terrorist group are hoping to create new terrorist cells in Syria. Officials say these new cells are being populated by dozens of al-Qaida operatives from Pakistan, including experienced fighters, who are charged with identifying, recruiting, and training the 1,200 people from the U.S. and Europe who have traveled to Syria to fight in the country's civil war. There are a number of reasons why al-Qaida is trying to establish a base in Syria, including the fact that placing operatives in Syria puts them out of reach of the U.S. drone campaign in Pakistan. American officials also believe that Syria is an appealing location for al-Qaida because of its location near Iraq, which is home to a number of al-Qaida support networks. However, at least one Western security official disagrees that the al-Qaida members who have traveled to Syria are planning to attack Western interests, and says that the fighters who are traveling to the country are not going as part of an organized effort by al-Qaida.


New Images 'Most Credible' Lead Yet on Plane
Washington Post (03/26/14) Yang, Jia Lynn; Wan, William

Malaysian Defense Minister Hishammuddin Hussein reported March 26 that new satellite images that show more than 100 pieces of debris floating in the Indian Ocean may be the "most credible" lead so far on the fate of Malaysian Airlines Flight 370. According to Hishammuddin, some of the objects seen in the images taken of the ocean surface about 1,600 miles off the coast of Perth, Australia, are as long as 75 feet. The images were captured by France's Airbus Defence and Space three days ago and analyzed by Malaysia's remote sensing agency. Although it is too soon to know if the images do indeed show the remains of Flight 370, Malaysian officials have shared them with Australian authorities running the search in that area of the Indian Ocean. This is the fourth set of satellite images showing debris that may have come from the plane, but physical searches have yet to turn up any actual signs of the plane's wreckage. The search for the plane's debris was delayed on March 25 because of bad weather.




Coburn: Senate Panel Aiming for Bill to Boost DHS Cyber Hiring
Politico Pro (03/26/14) Romm, Tony

Sen. Tom Coburn (R-Okla.) says the Homeland Security and Governmental Affairs Committee at its next markup session will consider a bill to help the Department of Homeland Security hire more cybersecurity professionals. Coburn said a bill is coming but did not offer a specific timeframe, while Sen. Tom Carper (D-Del.) stressed hiring is one of many cybersecurity issues the committee must tackle.


Computer Security Problems at VA More Than Doubled in the Past Six Years
NextGov.com (03/25/14) Brewin, Bob

During a recent hearing of the U.S. House Veterans Affairs Oversight and Investigations Subcommittee, Government Accountability Office officials reported that the Veterans Affairs Department has failed to adequately secure its networks and computer systems despite numerous reports of flaws and breaches in the last 16 years. GAO says the number of computer security incidents the VA has reported to the U.S. Computer Emergency Readiness Team more than doubled over the last six years, from 4,834 in 2007 to 11,382 in 2013. Reported incidents included unauthorized access, denial-of-service attacks, malware infections, improper use of computer resources, and a variety of scans, probes, and attempts to breach VA networks and systems. GAO's Gregory Wilshusen cites a specific incident from January when 5,400 veterans using the VA eBenefits system were able to view the data of other veterans. Wilshusen says the VA struggles with access control, data security, and network risk management, and needs to develop a comprehensive, agency-wide information security program aimed at ensuring that privileges are properly assigned, data is segregated and secured, and contingency plans are developed to prevent significant service disruptions.


Microsoft Warns Word Users of Ongoing Attacks Exploiting Unpatched Bug
Computerworld (03/24/14) Keizer, Gregg

Several versions of Microsoft Word contain a vulnerability that could allow an attacker to execute code remotely, according to Microsoft. The vulnerability exists in the way Word parses Rich Text Format files, and can be exploited by convincing a potential victim to open a specially crafted RTF file or by previewing a malformed message on a Windows machine running Microsoft Outlook 2007, 2010, or 2013, all of which use Word as their default editor. Attackers also could convince potential victims to visit malicious Web pages that feature drive-by attacks exploiting the RTF parsing vulnerability. However, DevOps' Andrew Storms says it is more likely that attackers will send malicious RTF files to victims via email, since cybercriminals can convince users to open a malicious email more easily than they can trick them into visiting an infected website. Microsoft says the vulnerability exists in several versions of Word, including Word 2013, Word 2013 RT, and Word 2010, although only attacks against Word 2010 users have been seen in the wild. The company is working on a patch for the vulnerability, and is urging users of the affected versions of Word to apply a Fix It that prevents the program from opening RTF files until the patch is released.


Report: Passwords Take a Toll on Employees
Wall Street Journal (03/24/14) King, Rachael

According to a report from the National Institute of Standards and Technology, employees have so much difficulty remembering their passwords that they often wind up engaging in potentially risky practices while navigating password-protected systems simply because they are just trying to finish their work. The report found that employees are generally aware that these practices, including reusing the same password or writing down passwords, are less than ideal in terms of security. The report states that until IT departments are able to introduce user-friendly security, such practices are likely to continue. The report suggested that companies should introduce single sign-on technology that would enable employees to use one password for multiple systems, as employees are more willing to memorize a more complicated and secure password when they only have one such password to remember. The report adds that if this course of action is not viable, companies should try to implement as much consolidation and standardization of authentication as they can while urging employees to use password managers.


Feds Aren't Worried About Windows XP Vulnerabilities
NextGov.com (03/21/14) Sternstein, Aliya

The Obama administration says federal agencies do not expect problems when Microsoft ends support for the Windows XP operating system. On April 8 Microsoft will no longer provide security updates for Windows XP, and about 10 percent of government computers still use the operating system. Some consider the matter to be a serious problem, as the computers could become vulnerable to hackers. "Agencies have made significant progress in moving off Windows XP, and the federal government is ahead of the private sector in this regard," says a White House Office of Management and Budget official. Some agencies say continuing to use Windows XP is cost-effective because certain computers may not be connected to the Internet. Federal agencies also have been receiving help from the Department of Homeland Security to beef up security. Microsoft officials say the risk to federal computer users should be limited beyond April 9. "Because we are tightly working with our customers, and because of the types of systems that have yet to make the move off XP, we do not feel there is a substantially greater risk for the federal government on April 9 than there is on April 7," says Microsoft's Mark Williams. "That being said, at the end of the day, it's important to remember that the most safe system is a modern one."


Abstracts Copyright © 2014 Information, Inc. Bethesda, MD

