Monday, February 25, 2008

Daily Report

• According to the North Platte Bulletin, there is a train derailment accident somewhere in the U.S. every five hours, according to the Federal Railroad Administration (FRA). There were 1,696 derailments nationwide from all railroad companies, a reduction of 14 percent from 1,982 derailments in 2006. There were 1,722 hazmat releases nationally from United Pacific (UP) and 215 hazmat cars damaged or derailed. (See item 13)

• BBC reports that several hundred protesters attacked the U.S. and other embassies on February 23 in Serbia’s capital in anger at Western support for Kosovo’s independence. The UN Security Council condemned the attacks. The violence followed a peaceful rally by at least 150,000 people in the city. Later about 1,000 protesters smashed their way into the U.S. embassy, throwing flares through the window while others scaled walls to rip down the US flag. (See item 23)

Information Technology

27. February 22, Internet News – (International) Yo quiero antivirus. Malware goes multilingual. Cybercriminals are turning their targets on the growing markets around the world, creating localized content in native languages or targeting specific interests of that nation. That is the main takeaway from McAfee Avert Labs global malware trends Sage report, called “One Internet, Many Worlds.” For the longest time, Americans and English-speakers were the targets, but the crooks are going global. The growth of emerging markets like BRIC (Brazil, Russia, India and China) and EMEA (Europe, Middle East and Africa) has served to make them targets as well. “Two years ago, we couldn’t have had this conversation,” a security research and communications manager for McAfee’s Avert Labs, told “Most malware and spam was 95 to 98 percent English, directed at people who speak English. Now international malware is six to seven percent of the total instead of one to two percent, and it’s growing.” With 23 languages in the European Union alone, McAfee’s researchers found that cybercriminals are either hiring locally in different nations or swapping code written in different languages so they can target specific countries. The rise in international malware is just a logical follow on to the growth in international markets. The problem is only growing. At the start of the year, McAfee identified around 528 new pieces of malware per day. By the end of 2008, it expects to see 750 new pieces per day.

28. February 21, Electronic Frontier Foundation – (National) Research team finds security flaw in popular disk encryption technologies. A team including the Electronic Frontier Foundation (EFF), Princeton University, and other researchers have found a major security flaw in several popular disk encryption technologies that leaves encrypted data vulnerable to attack and exposure. An EFF Staff Technologist and a member of the research team said “This new class of vulnerabilities shows it is not a sure thing. Whether your laptop is stolen, or you simply lose track of it for a few minutes at airport security, the information inside can still be read by a clever attacker.” The researchers cracked several widely used disk encryption technologies, including Microsoft’s BitLocker, Apple’s FileVault, TrueCrypt, and dm-crypt. These “secure” disk encryption systems are supposed to protect sensitive information if a computer is stolen or otherwise accessed. However, in a paper and video published on the Internet on Thursday, the researchers show that data is vulnerable because encryption keys and passwords stored in a computer’s temporary memory – or RAM – do not disappear immediately after losing power. Laptops are particularly vulnerable to this attack, especially when they are turned on but locked, or in a “sleep” or “hibernation” mode entered when the laptop’s cover is shut. Even though the machines require a password to unlock the screen, the encryption keys are already located in the RAM, which provides an opportunity for attackers with malicious intent. The research released Thursday shows that these attacks are likely to be effective against many other disk encryption systems because these technologies have many architectural features in common. Servers with encrypted hard drives are also vulnerable. The researchers have submitted the paper for publication and it is currently undergoing review.

Communications Sector

29. February 21, – (National) Researchers figure out how to crack GSM phone security. Two enterprising researchers claim to have figured out a way to eavesdrop on calls made using GSM mobile phones, cracking open its much-vaunted encryption. According to the two men who presented the technique at the Black Hat security conference in Washington this week, GSM calls can now be recorded over long distances and cracked open in half an hour using only $1,000 worth of field programmable gate array-aided computer equipment and a frequency scanner. Although GSM’s 64-bit A5 stream cipher has been theoretically vulnerable for some time, this is the first time anyone has demonstrated a way of doing it without investing in expensive, specialized equipment and without it taking years. According to one of the men, spend $100,000 on hardware and the crack can be done in only 30 seconds using massively parallel processing technology. His company, Pico Computing Inc., is now developing the fast version to sell to agencies such as law enforcement, but plans to give away the slower version for free. GSM is used all over the world by mobile phone companies, and is used in the U.S. by several networks, most notably AT&T and T-Mobile. It is considered to be secure enough that even criminals use it, simply cycling phones to avoid the theoretical risk of being tracked.