Thursday, May 15, 2008

Daily Report

• According to the Associated Press, Federal investigators have concluded that a lack of company safeguards such as alarms and automatic shutoffs led to a massive chemical plant explosion in Danvers, Massachusetts in November 2006. (See item 3)

• Autopia reports that an FAA airspace redesign project meant to reduce congestion and delays at airports in the Northeast corridor is creating pilot confusion that could result in safety problems. The plan creates additional jet routes by allowing planes to fly closer to one another and by routing departing flights on a set of parallel paths, rather than having them criss-cross. (See item 14)

Information Technology

25. May 14, Associated Press – (International) NATO allies sign agreement on cyber defense center. Seven NATO allies signed a deal Wednesday to fund a research center to boost the alliance’s defenses against cyber attacks, seen as a growing threat to military and civilian computer networks. The center is based in the Baltic nation of Estonia, which was hit last year by an unprecedented wave of cyber attacks that crippled government and corporate computer networks. The attacks followed a dispute over the relocation of a Soviet war memorial in the Estonian capital, leading many to suspect the Kremlin was behind the virtual strikes. Moscow denied involvement. Defense chiefs from Estonia, Latvia, Lithuania, Germany, Italy, Spain and Slovakia all signed the agreement to provide staff and funding for the center in Tallinn. “It is a cooperative effort to bring all the best minds together in cyber defense,” said a U.S. general and NATO’s top commander in charge of military modernization. “We cannot say that we are not going to defend the Web that everybody needs.” The United States will join the project as an observer, and other NATO nations may join later. The agreement was signed during a regular meeting of chiefs of defense staff from the 26 NATO allies. The defense center will be operational in August, although the formal opening is planned for 2009. A staff of 30 specialists will conduct research and training on cyber warfare. Source: http://www.iht.com/articles/ap/2008/05/14/europe/EU-GEN-NATO-Cyber-Defenses.php

26. May 13, InformationWeek – (National) Microsoft patch Tuesday: Six vulnerabilities fixed in four bulletins. Microsoft issued its May security fix, addressing six vulnerabilities in four bulletins. Three of the bulletins describe critical vulnerabilities in Microsoft Word, Microsoft Publisher, and Microsoft Jet Database Engine. The fourth details a moderate vulnerability in Microsoft’s Malware Protection Engine, which powers products like Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft Forefront Security. All the vulnerabilities addressed this month are client-side vulnerabilities. MS08-026 fixes two privately reported holes in Word that could have allowed an attacker to take control of a victim’s computer using a maliciously crafted Word file. MS08-027 fixes a privately reported vulnerability in Publisher that, similarly, could have allowed an attacker to subvert a victim’s computer using a maliciously crafted file. MS08-028 repairs a publicly reported flaw in the Microsoft Jet Database Engine (4.0) in Windows. If successfully exploited, the vulnerability could allow an attacker to execute arbitrary code, mitigated by the user’s administrative rights. MS08-029 resolves two privately reported issues affecting Microsoft Malware Protection Engine that could have allowed a remote attacker to craft a malicious file that, when scanned, could have led to a denial of service attack. Source: http://www.informationweek.com/story/showArticle.jhtml?articleID=207603294

Communications Sector

27. May 14, ComputerWeekly.com – (International) Lack of bandwidth and huge traffic threatens to engulf companies. Around half of European IT managers expect their bandwidth requirements to grow by over 50 percent in the next five years, but do not expect to see more than a 5 percent increase in their budgets according to research commissioned by Viatel. The pan-European business communications provider’s survey warns that companies may stand to face serious WAN problems in the future with pressures such as storage, green technologies and compliance strongly competing for budget, and a significant proportion of companies (28 percent) believing that their bandwidth requirements would double within five years. Driving this growth was the sheer weight of email and web traffic with 39 percent of the survey seeing this as the biggest contributor to the need for more bandwidth. 30 percent believed that VoIP and converging technologies such as video on demand would also have a significant effect on traffic in the future, and 18 percent attributed the increase in bandwidth requirements to supporting ERP and CRM systems. Even though 91 percent believed their bandwidth needs would grow significantly over the next five years, three quarters of the sample stated that increasing network bandwidth was not their top IT concern. Preparing for the impact of the downturn in the economy, as well as dealing with the worsening security climate were the clear priorities with over half (56 percent) of the sample making, preparing and implementing business continuity plans the top concerns for the coming year. Protecting the business against emerging IT security threats, such as denial-of-service attacks, also accounted for a large slice of IT managers’ budgets. Source: http://www.computerweekly.com/Articles/2008/05/14/230685/lack-of-bandwidth-and-huge-traffic-threatens-to-engulf.htm

28. May 14, Inquirer – (National) Doctors fear wireless internet killers. Doctors are concerned that the proposed use of unoccupied TV airwaves for high-speed Internet services could kill critically ill patients. The American Society of Healthcare Engineering, an arm of the American Hospital Association, claims that signals which monitor critically ill patients could be lost because of interference. They say that using empty channels for unlicensed broadcasts could disrupt the monitoring of patients’ heart rates, blood oxygen levels and other vital signs at hospitals. If the machines go down, even for a few seconds, doctors lose information on the patient’s condition. Medical device maker GE Healthcare asked the FCC to ‘proceed carefully’ when it permitted use of the idle channels. Since the 1980s, hospitals have used channels 33 to 36 to operate unlicensed wireless patient-monitoring devices. Channel 37 has been set aside for exclusive use of medical equipment. However some hospitals still use other channels. Source: http://www.theinquirer.net/gb/inquirer/news/2008/05/14/doctors-fear-wireless-internet

No comments: