Monday, March 17, 2008

Daily Report

• According to the KAKE 10 Wichita, a series of explosions at a chemical plant in Sterling, Kansas, woke up residents there Friday morning. Residents in the area say they heard explosions between five to eight minutes at the Jacam Chemicals plant in the southern part of the town. Sterling Police are confirming they received a call to the plant shortly after 5 a.m., but are not saying it was explosion at this time. (See item 3)

• Agence France-Presse reports U.S. officials said Thursday that “real and growing” threats to U.S. computer and telecommunications networks were behind the holding of Cyber Storm II, the largest-ever cyber-security exercises, this week. Computer security experts from five countries, more than 40 private sector companies, and numerous government and state agencies are spending a week fielding simulated “real-world,” on-line attacks on the computer systems of government bodies, corporations, transportation and other key industries. (See item 27)

Information Technology

26. March 13, Associated Press – (National) Electronic gadgets latest sources of computer viruses. Many of today’s new technologies have unwanted extras from the factory: pre-installed viruses that steal passwords, open doors for hackers, and make computers spew spam. Recent cases reviewed by the Associated Press include some of the most widely used tech devices: Apple iPods, digital picture frames sold by Target and Best Buy stores, and TomTom navigation gear. In most cases, Chinese factories – where many companies have turned to keep prices low – are the source. So far, the virus problem appears to come from lax quality control, perhaps a careless worker plugging an infected music player into a factory computer used for testing, rather than organized sabotage by hackers or the Chinese factories. It is the digital equivalent of the recent series of tainted products traced to China, including toxic toothpaste, poisonous pet food, and toy trains coated in lead paint. But sloppiness is the simplest explanation, not the only one. If a virus is introduced at an earlier stage of production, by a corrupt employee or a hacker when software is uploaded to the gadget, then the problems could be far more serious and widespread. Knowing how many devices have been sold, or tracking viruses with any precision, is impossible because of the secrecy of electronics makers and the companies they hire to make their products. But given the nature of mass manufacturing, the numbers could be huge.
Source:
http://www.cnn.com/2008/TECH/ptech/03/13/factory.installed.virus.ap/index.html

27. March 13, Agence France-Presse – (National) US holds largest ever simulated cyber-attack exercise. U.S. officials said Thursday that “real and growing” threats to US computer and telecommunications networks were behind the holding of Cyber Storm II, the largest-ever cyber-security exercises, this week. Computer security experts from five countries, more than 40 private sector companies, and numerous government and state agencies are spending a week fielding simulated “real-world,” on-line attacks on the computer systems of government bodies, corporations, transportation, and other key industries. The Department of Homeland Security (DHS) Under Secretary for the National Protection and Programs Directorate said the Cyber Storm II exercise sought to foster personal links between key officials in business and government. Those people, he said, are not always willing to share information about security issues involving the networks they run. Cyber Storm II tested the warning systems in place for attacks and sought to identify gaps in the way information was shared and reactions coordinated across various sectors. DHS officials declined to say what kinds of threats they found were most dangerous or what specific weaknesses were identified, citing security needs, but said a report on the exercise would be released later this year.
Source:
http://news.yahoo.com/s/afp/20080313/tc_afp/uscomputerinternetsecurity_080313232801;_ylt=Aq2VbO4qhZVic5Wjm8.igiDYa7gF

28. March 13, USA Today – (National) Bush calls for tighter cybersecurity. A sudden spike in the number of successful attacks against federal government information systems and databases has led President Bush to propose a multibillion-dollar response. The number of incidents reported to the Department of Homeland Security rose by 152 percent last year, to nearly 13,000, according to a new government report. The security breaches, more than 4,000 of which remain under investigation, ranged from the work of random hackers to organized crime and foreign governments, says the president of the Cyber Security Industry Alliance. The increase and severity of data breaches prompted Bush to recommend a 10 percent increase in cybersecurity funding for the coming fiscal year, to $7.3 billion. That is a 73 percent increase since 2004. Much of heightened concern focuses on China, which could be infiltrating U.S. government information technology systems despite denials by Beijing. In its annual report to Congress last week on China’s military power, the Pentagon said several cyberspace attacks around the world in 2007 were sourced back to China.
Source:
http://www.usatoday.com/news/washington/2008-03-13-cybersecurity_N.htm?csp=34

Communications Sector

29. March 13, EETimes.com – (National) iPhone ups ante for security software. Apple’s iPhone and Microsoft CE-based devices are upping the ante for security software in embedded systems, according to experts presenting at the Cellular Telecommunications and Internet Association Wireless conference next month. Embedded security software has become essential to these open-system-based mobile devices, as they grapple with traditional security in addition to new concerns, such as providing a safe execution environment for third-party applications. Besides security software for embedded systems that must manage copy-protected content, Discretix, Safenet and others, such as Mocana Corp., are now being asked by mobile-device makers to supply safe operating environments in addition to all the bits and pieces necessary to secure that transactions can be safely handled by open-system mobile devices.
Source: http://www.eetimes.com/rss/showArticle.jhtml?articleID=206903458&cid=RSSfeed_eetimes_newsRSS