Monday, October 22, 2007

Daily Report

· Local Florida news station, WKMG 6, reports that several individuals have been arrested recently in Florida for using specially altered trucks to siphon off fuel from gas stations. Police believe that the trucks may be linked to an organized crime ring. (See item 1)

· Government Executive writes that witness testifying before a Wednesday of the House Homeland Security Subcommittee on Emerging Threats, Cybersecurity, Science and Technology said that current regulations to protect control systems supporting power plants nationwide fall short of federal recommendations, posing a serious threat to electric infrastructure and national security. (See item 3)

Information Technology

26. October 19, E-Security Planet – (National) Code Green brings data loss prevention to SMBs. A new Data Loss Prevention (DLP) appliance has been launched by Code Green Networks Inc. of Santa Clara, California. The new CI-750 appliance enables small offices with 50-250 users and distributed enterprises to protect sensitive data leaving the organization. The company’s founder says small businesses face identical challenges as larger organizations in terms of protecting confidential data and safeguarding intellectual property - including having to comply with the same federal and state regulations and guidelines as organizations with more resources at their disposal. This is especially true with new guidelines set forth by the Federal Trade Commission (FTC) for protecting personal information, and recent amendments to the Federal Rules of Civil Procedure (FRCP) regarding the protection of electronic communications for e-Discovery purposes. However, unlike their large enterprise counterparts, small businesses typically do not have in-house security experts or compliance officers advising them on what they should be doing to secure their data. As a result, they are not quite in step with their larger industry counterparts when it comes to deploying technology and instituting and enforcing data protection policies. The appliance costs $10,000, which the company’s owner says is a price point intended for small businesses.

27. October 19, Computer World – (National) Attacks exploiting RealPlayer zero day in progress. Attackers are exploiting a zero-day vulnerability in RealPlayer in order to infect Windows machines running Internet Explorer, Symantec Corp. said late Thursday. The security company issued an alert that rated the threat with its highest possible score. According to a warning issued to customers of its DeepSight threat network, Symantec said an ActiveX control installed by RealNetworks Inc.’s RealPlayer program is flawed. When combined with Microsoft Corp.’s Internet Explorer (IE) browser -- which relies on ActiveX controls to extend its functionality -- the bug can be exploited and malicious code downloaded to any PC that wanders to a specially crafted site. Only systems on which both RealPlayer and IE have been installed are vulnerable. Symantec also referenced a blog that had posted some information about the RealPlayer vulnerability Wednesday morning. The blogger, identified only as Roger, claimed that the NASA space agency has warned workers not to use IE because of an unspecified problem with RealPlayer. Roger quoted from what he claimed was a NASA bulletin. “The malware appears to be spreading through a large variety of common and highly-respected Internet sites,” the NASA warning reportedly said. “However it does not appear these sites are themselves infected. The affected sites are serving solely as a mechanism to attract potential victims.” NASA’s public affairs team at the Ames Research Center in northern California was not available for comment Thursday night.

Communications Sector

28. October 19, BBC – (International) Mobile phone use backed on planes. Cellular phone use is currently prohibited on planes because there is evidence that it interferes with onboard communication and navigation systems. Research published in 2003 found that mobile phone signals skewed navigation bearing displays by up to five degrees. But now, regulators around Europe are calling for consultation on the potential introduction of a technology that permits mobile calls without risk of interference with aircraft systems. If given the go ahead, the service would allow calls to be made when a plane is more than 3,000 meters high. Individual airlines would then decide if they wanted to introduce the technology. The European Union has recommended to member states that the plan go ahead and space on the airwaves has been reserved for the technology. The proposed system utilizes an on-board base station in the plane which communicates with passengers’ own handsets. The base station - called a pico cell - is low power and creates a network area big enough to encompass the cabin of the plane. The base station routes phone traffic to a satellite, which is in turn connected to mobile networks on the ground. A network control unit on the plane is used to ensure that mobiles in the plane do not connect to any base stations on the ground. It blocks the signal from the ground so that phones cannot connect and remain in an idle state. The regulator said that the technology could be implemented next year.

29. October 18, The Star Tribune – (Minnesota) Globalstar signs agreement to increase satellite messaging capacity to 10 times and further expand Simplex data coverage. Globalstar, Inc., a provider of mobile satellite voice and data services to businesses, governments, and individuals, today announced that Radyne Corporation business unit AeroAstro will supply Globalstar with the necessary network upgrades that will enhance both the receiver sensitivity and the overall customer messaging capacity of the Globalstar Simplex data network. According to the recently signed agreement, AeroAstro will provide Globalstar with the ground network upgrades needed to expand the current subscriber messaging capacity of the Globalstar Simplex data network by 10 times and increase receiver sensitivity of the network by up to 40 percent. Increased receiver sensitivity will further expand the geographic coverage area of Globalstar’s gateway earth stations and is expected to improve Simplex message transmission reliability, which already exceeds 99 percent in the gateways’ primary coverage area. Deliveries of the necessary upgrades are scheduled to begin in early 2008. Globalstar’s Simplex data network is used to support a variety of aviation flight-following, emergency asset, fleet and personal tracking applications. Simplex data modem integrated solutions are also used for a number of remote monitoring and alarm applications, both within and beyond the reach of traditional wireless and terrestrial infrastructure. Information such as GPS location co-ordinates, remote status and other sensor information can be sent to customers using the Globalstar Simplex network.