The Associated Press reports that Exelon Corp. will end its contract with Wackenhut Corp., which had provided security at the Peach Bottom nuclear power plant in south-central Pennsylvania. Wackenhut security officers were caught on videotape sleeping while on duty in the “ready room,” which is just steps away from the nuclear reactors. (See item 8)
CNN reports that an FBI investigation has revealed that Homeland Security computers were hacked into and that “significant amounts of information” was sent to Chinese language websites. Lawmakers said dozens of DHS computers were compromised and the incidents “were not noticed until months after the initial attacks.” (See item 30)
30. September 25, CNN – (National) Investigators: Homeland Security computers hacked. Hackers compromised dozens of Department of Homeland Security computers, moving sensitive information to Chinese-language Web sites, congressional investigators said Monday. Investigators blamed Unisys, a government contractor, saying the firm hired to protect DHS computers tried to hide the incidents from the department. The FBI is investigating the incidents, a congressional staffer said, and two members of Congress have asked the department’s inspector general to also launch an investigation. “The results of our [committee] investigation suggest that the department is the victim not only of cyber attacks initiated by foreign entities, but of incompetent and possibly illegal activity by the contractor charged with maintaining security on its networks,” said two congressional representatives in a written statement. The lawmakers said committee investigators found dozens of DHS computers were compromised and the incidents “were not noticed until months after the initial attacks.” The extent of the damage is unclear, but a House Homeland Security Committee staff member said the hackers “took significant amounts of information.”
31. September 25, CNet News – (National) Trojan attack targets top executives. Security company MessageLabs reported that 1,100 e-mails containing malware-infected RTF (rich text file) attachments were recorded over a 16-hour period this month. Four separate waves appeared between September 13 and 14, the company said. “All (the e-mails) were going after (top-level) management. The e-mails included the company name in the subject field, purporting to be a recruitment company. The top-level nature of the targets clearly indicates that the attackers are after information,” the MessageLabs representative said, “but the greater concern is the social-engineering technique used to spread the Trojan-harboring e-mail. The way that this works has the potential to be so effective. You are getting that top-down approach – if they forward that e-mail on internally, that e-mail is coming from a trusted source,” he said. Another security expert recently said that the perfect attack would be a zero-day attack using a rootkit-cloaked Trojan sent to an H.R. manager who, due to company policy, would be compelled to open the document. H added that there is little that organizations can do to protect against these threat types besides educating users of the risks, because banning the receipt of common file types is impractical.
33. September 25, News Week – (