Thursday, March 6, 2008
Daily Report
• According to NBC News, in a bulletin released Friday to U.S. law enforcement officials, the Transportation Security Administration (TSA) is warning of “continued strong terrorist interest” in targeting mass transit systems in the U.S. The 10-page threat assessment, titled the “Mass Transit System Threat Assessment,” cautions that the “U.S. mass transit and passenger rail systems are vulnerable to terrorist attacks because they are accessible to large numbers of the public and are notoriously difficult to secure.” (See item 12)
• ABC News reports that the Department of Homeland Security and the FBI issued an assessment, called “Potential Threats to Popular Sports and Entertainment Venues,” that said arenas and stadiums are attractive “potential targets during events.” The assessment repeatedly noted that the FBI and DHS have no “information on any credible or specific current terrorism plots to attack stadiums or arenas in the United States.” (See item 31)
Information Technology
26. March 4, Government Executive – (National) Contractor networks create security risk, Defense official says. Information technology contractors pose a major security risk by not locking down their networks properly, according to the Defense Department’s top IT official. The threat, along with risks associated with offshoring and acquisitions of American IT firms by foreign companies, are driving defense and intelligence agency initiatives to develop stricter information security standards. Contractors managed 1,353 systems on behalf of federal agencies in fiscal 2007, according to an Office of Management and Budget fiscal 2007 report on the implementation of the 2002 Federal Information Security Management Act, submitted to Congress in late February. Less than half of 25 major agencies said they “almost always” ensured that information systems used or operated by a contractor met the requirements of FISMA, OMB policy, and guidelines set by the National Institute of Science and Technology. Lack of oversight, combined with contractors’ failure to secure their networks, put sensitive government information at risk, said the Defense Department’s chief information officer and assistant secretary for networks and information integration, during a panel discussion Tuesday at the Information Processing Interagency Conference in Orlando, Florida. “We have a propensity to talk about the infrastructure, but we have to remember why we’re here – to protect the data,” he said. “There’s ‘exfiltration’ of sensitive data from contractors, [which is] a big issue for national security.” Smaller companies often present bigger risk because they are less accustomed to dealing with sensitive or classified information flowing through their networks than large systems integrators. Defense is working to educate large contractors and develop standards to ensure that proper security protocols are followed, and the department plans to do the same with network and IP providers.
Source: http://govexec.com/dailyfed/0308/030408j2.htm
Source: http://www.darkreading.com/document.asp?doc_id=147581
Communications Sector
28. March 5, Computerworld – (National) “Green” building windows can block cell signals. Indian Wells. The senior vice president for strategic planning and technical architecture at Bank of America said the bank has discovered that energy-efficient windows in its newer buildings are blocking cellular phone signals. As a result, the bank faces paying premium access charges to wireless carriers to enhance indoor cellular signals, she said. She spoke yesterday at a panel discussion on wireless technology at the Mobile & Wireless Enterprise 2008, sponsored by Frost & Sullivan. With more than 15 buildings in Charlotte, where the bank is headquartered, the three buildings designated as green are the ones where the cellular signal problem has been detected, she said. Bank of America is making good progress on a multi-year deployment of voice-over-IP phones for nearly all of its 200,000 workers, but the cellular problem in the green buildings was not anticipated, she said. And the bank’s staff is not yet sure how widespread the problem might be, though she says she suspects “we’re at the tip of the iceberg.” Several analysts and IT managers at the conference said they had never heard of the problem before, but Bank of America said the interference has been linked to a special doping material used in the manufacturing process. Metal is a well-known enemy of cellular signals, and companies in some large steel-framed buildings know that they need to enhance signals -- especially in the deep interiors of such buildings. But metal in window materials is a more recent development. In recent years, some greenbuilding architects have relied on new windows that have a thin metallic coating that reduces energy usage by reflecting heat into the building in the winter and out in the summer. On the flip side, some businesses have used the transparent metal linings in some window glass as a security advantage, blocking Wi-Fi piggybacking from outside – not to mention hackers sitting in a parking lot hoping to read data moving inside the building.
Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9066660&taxonomyId=17&intsrc=kc_top
Source:
http://www.rcrnews.com/apps/pbcs.dll/article?AID=/20080304/FREE/887188996/1017/rss01