Tuesday, October 9, 2007

Daily Report

  • The Associated Press reports that five hundred people were evacuated early Friday morning at the Indianapolis International Airport, after security officials intercepted a person carrying an urn containing what appeared to be cremated remains. It is not known how many flights were affected by the incident. (See item 11)
  • Reuters reports that the H5N1 bird flu virus has mutated to infect people more easily and is circulating in birds in Africa and Europe. The mutation allows the virus to live and thrive in the human nose, throat, and upper respiratory tract, which are much cooler than avian body temperatures. According to researchers, more mutations are needed for H5N1 to become a pandemic strain. (See item 27)

Information Technology

34. October 5, El Paso Times – (National) New e-mail scam: Hit-man threat. An Ocean County, New Jersey resident reported an email from a so-called Eddy saying “I know that this may sound very surprising to you but it’s the situation. I have been paid some ransom in advance to terminate you with some reasons listed to me by my employer.” The sender then demanded $8,000 in exchange for sparing the recipient’s life. The email also warned the recipient not to contact any friends or relatives about the message because they might be involved in the murder plot. However, after conducting some research on the internet, the man discovered that a similar email scam had been running in Arizona. The F.B.I. received 115 reports of similar emails from around the country in less than one month last winter, claiming amounts of money up to $80,000.
Source: http://www.elpasotimes.com/nationworld/ci_7092970

35. October 5, IDG News Service – (California) Bad things lurking on government sites. The U.S. federal government took steps earlier this week to shut down Web sites in California in order to protect the public from hacked Web sites, but new incidents show that the problem is not going away any time soon. On Thursday, compromised pages hosted by the Brookhaven National Laboratory and the Superior Court of Madera County, California, were still hosting inappropriate content. Brookhaven had links that redirected visitors to pornographic Web servers, and the Madera County court site featured ads for pornography and Viagra. Brookhaven is a U.S. Department of Energy lab that specializes in nuclear and high-energy research. The security of U.S. government Web sites has been front-page news in California this week after the U.S. General Services Administration, which administers the .gov top-level domain, temporarily removed California's state servers from the Internet's Domain Name System (DNS) infrastructure, apparently because of a security problem on the Web site of a small state agency, the Transportation Authority of Marin. Security researchers have called for better awareness and responsiveness from website administrators – especially in the .gov and .edu domains – because of the constant danger those sites face from hackers. Even when outside researchers discover flaws, they have a very difficult time contacting Web site administrators to report the problem, one researcher said. “Everyone has really got to do a better job on securing the Internet. You can’t just put a Web server out there and forget about it any more,” he added.
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9041023&taxonomyId=17&intsrc=kc_top

36. October 4, Infoworld – (National) Security vendors bring zombie fighters to life. Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers. As botnet operators continue to advance the sophistication of their attacks and the manner in which they use and manipulate their armies of infected devices, businesses are asking technology providers for new defense mechanisms, vendors claim, with both anti-virus market leader Symantec and network security specialist Arbor Networks introducing new products to address the problem this week. According to Symantec’s most recent Internet Security Threat Report, published in September, the company’s sensors detected more than 5 million distinct botnet-infected computers during the first six months of 2007, which represents roughly a 7 percent increase when compared to the same period last year. Heightening the issue is the speed at which botnet operators are changing the locations of their command and control centers, which act as the brains of the distributed zombie computer systems. The average command and control center stays up and running for only four days at a time at this point, according to Symantec’s latest research. Arbor, which markets technologies used by enterprises, ISPs, and other carriers to monitor for attacks in the traffic flowing over large networks, launched an updated version of its PeakFlow SP platform, which includes new capabilities for sniffing out botnets. Among the upgrades to the package that will help its customers separate zombie activity from legitimate traffic are new capabilities that give network operators the ability to see what type of applications are responsible for individual packets of data, company officials said.
Source: http://www.infoworld.com/article/07/10/04/Security-vendors-bring-zombie-fighters-to-life_1.html

37. October 4, The Associated Press – (National) Retailers, creditors clash on security. Retailers and the credit card industry are at odds as they try to restore consumer confidence after recent massive thefts of credit card information. The National Retail Federation on Thursday urged a card industry organization to stop requiring retailers to keep customers’ card numbers for up to 18 months. The stored data helps track product returns and disputed or suspicious transactions. But retailers say the data would be more secure if only credit card companies and banks that issue the cards stored it. The biggest recent retail data breach involved TJX Cos., the Framingham, Mass.-based discount retailer, which said early this year that information from at least 45 million customer credit and debit cards had been exposed to potential fraud. Last month, Canadian investigators concluded TJX had kept data with insufficient encryption — and for years after it should have been purged. Less than half the nation’s biggest merchants appear to be complying with card industry security standards — which include encryption and other safeguards — despite a Sept. 30 deadline set by Visa USA, which plans to levy monthly fines up to $25,000 against merchant banks that noncompliant retailers rely on. The retail federation said U.S. retailers are increasingly at odds with the card industry over the security standards, known as PCI. Despite spending $1 billion on meeting the standards the past three years, their attempts to comply “are not enough to accomplish the ultimate goal of protecting the consumer,” the letter read. “Data breaches have continued to occur at an unacceptable rate.”
Source: http://news.yahoo.com/s/ap/20071004/ap_on_hi_te/retail_data_security;_ylt=AkodNtZMiKgxd1G0.tQFj1IjtBAF

Communications Sector

38. October 5, Webwire – (National) Qwest Customer Internet Protection Program increases security for broadband customers. In a press release Friday, Qwest Communications International Inc. announced a program designed to help curtail the spread of viruses and malicious software on the Internet and to assist customers whose computers are infected with viruses or malware. The Qwest Customer Internet Protection Program (CIPP) notifies Qwest Broadband customers about viruses and malware that may be on their computers, informs them of safe Internet security practices and helps them clean viruses and malware from their computers. The proliferation of cyber crime continues to require individuals, businesses and even government agencies to take action against ever-changing methods of attack, the release said. Because viruses and malware can cause problems not only for individual broadband customers, but also for the online community, Qwest said it proactively monitors its network to detect viruses or malware.
Source: http://www.webwire.com/ViewPressRel.asp?aId=49653

39. October 4, RCR Wireless News – (National) Court won’t expedite VZW’s challenge to open access. The U.S. Court of Appeals for the District of Columbia Circuit rejected Verizon Wireless’ emergency motion for fast-track treatment of its challenge to the Federal Communication Commission’s open-access rule, increasing the likelihood that litigation will remain in play in the lead up to the Jan. 16 start of the 700 MHz auction. Verizon Wireless had argued it was imperative that judicial review of the issue be completed before the auction begins. The FCC and Frontline Wireless L.L.C. opposed Verizon Wireless’ emergency motion, with the commission acknowledging more 700 MHz suits may be forthcoming and should be addressed as a package rather than in piecemeal fashion by the court. Additional suits could reach the court after the FCC acts on petitions for reconsideration of 700 MHz rules.
Source: http://www.rcrnews.com/apps/pbcs.dll/article?AID=/20071004/FREE/71004001/1005

40. October 4, PR Newswire – (National) E-SPONDER Express™ now available for responder agencies. In a press release Thursday, Convergence Communications announced the availability of E-SPONDER Express™, the first plug-and-play incident management appliance that enables first-responders to prepare for, respond to and recover from emergency incidents and meet NIMS (National Incident Management Systems) obligations. E-SPONDER Express is listed at $19,999. E-SPONDER Express comes with NIMS/ICS (Incident Command System) policies and procedures already built into the system. According to the company, organizations are able to effectively manage an incident following NIMS/ICS guidelines by filling out ICS Forms in the system, and reporting against the data captured in the system during the incident. Reports and forms it manages can be used as proof of NIMS/ICS compliance. As a result of Homeland Security Presidential Directive (09/04 HSPD Directive 5), all first response agencies must meet certain certification criteria for NIMS/ICS. Proof of compliance is necessary for reimbursements under FEMA guidelines as well as accreditation and certification. E-SPONDER Express helps jurisdictions meet the NIMS obligations of ICS implementation, IAP creation, corrective action planning, personnel accountability, resource accountability and management and standardization of the planning process, said the company.
Source: http://www.examiner.com/p-49628~E_SPONDER_Express_TM__Now_Available_for_Responder_Agencies.html