Friday, November 9, 2007

Daily Report

CBS and the Associated Press report that 23 illegal immigrants employed by Ideal Staffing Solutions Inc., were arrested Wednesday, after being accused of using fake security badges to work in critical areas of O’Hare International Airport, Illinois, including the tarmac. The arrested workers, 21 from Mexico and two from Guatemala, face state criminal charges and deportation. (See items 13)

Fox News reports that radical Islamists, who have failed in efforts to hit traditional military and diplomatic targets, are increasingly eyeing so-called “soft targets,” and could be moving toward greater use of chemical and biological weapons, according to “Terrorism 2002-2005.” (See item 38)

Information Technology

31. November 8, Computerworld – (National) Survey: With data breaches, less is more (dangerous). A report released this week by the risk management firm ID Analytics Inc. found that, when it comes to security incidents involving the compromise of identity data, big breaches may actually be better than smaller ones -- at least from a consumer standpoint. Researchers studied the fallout from 12 security breaches involving the loss of Social Security numbers and other personally identifiable data. In all, the fate of over 10 million records containing identity data was analyzed. Out of the breaches studied, the research found that the highest rate of organized misuse of data occurred with the smaller breaches. On average, about one in 200 identities were misused in breaches involving 5,000 identities or less. In comparison, the misuse rate was less than 1 in 10,000 for security incidents involving 100,000 or more individuals. What that means is that a consumer whose identity was exposed in a massive data breach is likely to be less at risk than someone who lost theirs in a small breach, said the chief privacy officer at ID Analytics. Even in cases where large data files are compromised, he explained, ID thieves rarely have the resources, the time, or the knowledge needed to misuse more than just a fraction of the data they acquire. The study also found no evidence to suggest that those who had the breached data were broadly disseminating it into the Internet black market, he said -- indicating that the extent to which stolen data is being made to criminal elements is probably less widespread than most assume. In most cases, the stolen identity data tended to be used by small clusters of people for making applications for new credit cards, he said.

32. November 7, SC Magazine – (National) SecureWorks: Anti-spyware solution scam steals personal financial information. A complex plot involving fake anti-spyware products has scammed thousands of victims out of money and personal information, according to SecureWorks. Hackers in Russia and other Eastern European countries are using the Russian Business Network (RBN) internet service provider (ISP) and other hosting outlets to lure victims into clicking on malicious ads on high-traffic websites, the company reported this week. Clicking on a malicious advertisement opens a pop-up warning about a suspicious problem on the victim’s computer, initiating a “sales process” for a bogus anti-spyware solution that costs $19.95 to $79.95. The rogue websites collect credit card numbers, names and other personal information in the process, according to the SecureWorks. Finally, the “anti-spyware solution” downloads a trojan, such as Zlob, which retrieves other personal information from the victim’s computer over time, or a rootkit, which gives the attacker remote control of the victim’s computer. The names of the bogus anti-spyware found in this offer include Spyshredder, AntiVirGear, MalwareAlarm and about 40 others. The scammers make money not only from the sale of the “solution,” but also from the sale of credit card numbers and access to the trojan- and rootkit-infected computers. According to SecureWorks, the scam thrives on collaboration among a number of internet criminals who randomly inject the ads with the malicious code, making it difficult for the website owner to predict which ads are malicious, said SecureWorks chief technology officer. “This type of scam will be around for a while because it’s showing success,” he said.

33. November 7, Computerworld – (International) Russian hacker gang goes dark to relocate; may be moving to China. The Russian Business Network (RBN), a notorious hacker and malware hosting organization that operates out of St. Petersburg, Russia, has gone off the air, security researchers said today. According to a pair of Trend Micro Inc. researchers, RBN went dark around 10 p.m. EST Tuesday. “The routing information for their IP addresses has been withdrawn,” said a network architect at Trend Micro. “That’s significant because while RBN has had connectivity issues in the past, then the routing [to its IP addresses] was still being advertised. This time, they’ve been voluntarily withdrawn,” he said. “This is not the result of someone, such as their ISP, blackholing their traffic,” he continued. Another report, however, on The Washington Post’s Web site, claimed that while RBN has severed links to the Internet, its upstream connectivity providers had begun to refuse to route RBN traffic as early as mid-October. By relinquishing control of the IP blocks it had been allocated, RBN essentially cut ties to the Internet and made it impossible for its domains, which number in the thousands, to access the Web or for users to reach those domains. He speculated that RBN is simply shifting to new digs, diversifying its considerable back-end infrastructure, trying to lay low or all of the above. “No one knows why they’ve done this, but I think they’re down, not out,” he said. A Trend Micro research project manager, agreed. “We’re seeing signs of RBN-like activity elsewhere, in Turkey, Taiwan and China. RBN may be moving to places even more inaccessible to the law [than Russia]. Everyone knows they were in St. Petersburg, but now they’re changing houses, changing addresses.”

Communications Sector

34. November 7, UPI – (National) Emergency response computer system created. U.S. scientists have created a computer architecture that enables the secure transmission of information to first responders during emergencies. Princeton University researchers said the architecture allows the transmission of sensitive information during such instances as natural disasters, fires or terrorist attacks. The system, called a transient trust, prevents the information from being intercepted by others and access stops as soon as the recipient no longer has need for it. Data provided on a transient-trust basis might include floor plans of a building, medical information about occupants or satellite maps of a given area. The study was presented in Alexandria, Virginia, during a conference last month held by the Association for Computing Machinery Computer and Communications Security.

35. November 7, IDG News Service – (National) Fast mobile on track but faces curves. Backers of the emerging mobile technology called LTE (Long Term Evolution), or SAE (System Architecture Evolution), said Wednesday that recent tests met targets for physical-layer throughput to both stationary and moving users. The LTE/SAE Trial Initiative (LSTI), backed by the 3GPP (Third-Generation Partnership Project) and numerous mobile giants, said the technology met expected peak data rates in tests with both single-antenna and multiple-antenna radios in lab and urban field settings. The peak data rate for LTE in initial deployments is 100mbps downstream and 50mbps upstream, according to LSTI. Because that speed is for one channel, which would be shared by many users in a given area, a real user would get anywhere between 2mbps and 10mbps, according to an analyst at the Marshall Group. But the technological jump still faces several hurdles. First, most carriers will need new radio spectrum to carry LTE services, he said. LTE will need about twice as much spectrum as currently used by 3G technology to deliver promised speeds. Once networks get up and running, the speed you get will depend partly on how many base stations your carrier puts up for it, as well as how many other people are trying to use your local base station, he said. Also, the wireless link between the handset and base station doesn’t go all the way to the Internet. In between is the carrier’s “backhaul” connection, which today often consists of one or more T1 leased lines at 1.5mbps each. Without upgrades, backhaul could create a bottleneck. LTE’s rival, mobile WiMax, will be out sooner with large deployments in the United States next year. From the start, WiMax should deliver speeds at least at the low end of the 2mbps-to-10mbps range, he said. But it faces the same questions when it comes to real speed to the subscriber’s phone or laptop.

No comments: