Monday, March 10, 2008

Daily Report

• According to Agence France-Presse, a spokesman for the U.S. Department of State said authorities have placed Syria on a Port Security Advisory List because of concerns about the connections between Syria and international terrorist organizations. The move allows the U.S. Coast Guard to impose additional port security measures to ships traveling to or arriving in U.S. ports that have previously been departing from Syria or have called on Syrian ports. (See item 20)

• The Associated Press reports unsafe medical procedures that spread hepatitis C among six patients at the Endoscopy Center of Southern Nevada in Las Vegas may be more widespread and may have resulted in more infections than first believed. Health inspections at 13 other outpatient surgical centers in the Las Vegas area have also found several violations of standard practices. (See item 29)

Information Technology

38. March 7, Washington Post – (National) Washington prepares for cyber war games. The U.S. government will conduct a series of cyber war games throughout next week to test its ability to recover from and respond to digital attacks. Code-named ‘Cyber Storm II,’ this is the largest-ever exercise designed to evaluate the mettle of information technology experts and incident response teams from 18 federal agencies, including the CIA, Department of Defense, FBI, and NSA, as well as officials from nine states, including Delaware, Pennsylvania and Virginia. In addition, more than 40 companies will be playing, including Cisco Systems, Dow Chemical, McAfee, and Microsoft. In the inaugural Cyber Storm two years ago, planners simulated attacks against the communications and information technology sector, as well as the energy and airline industries. This year’s exercise will feature mock attacks by nation states, terrorists and saboteurs against the IT and communications sector and the chemical, pipeline and rail transportation industries. A former director of the National Cyber Security Division at the Department of Homeland Security who helped to plan both exercises said Cyber Storm is designed to be a situational pressure-cooker for players. Those who adopt the proper stance or response to a given incident are quickly rewarded by having to respond to even more complex and potentially disastrous scenarios. Players will receive information about the latest threats in part from a simulated news outlet, and at least a portion of the feeds they receive will be intentionally misleading, he said. At a cost of roughly $6.2 million, Cyber Storm II has been nearly 18 months in the planning, with representatives from across the government and technology industry devising attack scenarios aimed at testing specific areas of weakness in their respective disaster recovery and response plans.

39. March 6, CNet News – (National) Google says spam is huge corporate headache. Google released a white paper on Thursday about trends in electronic communications systems at corporations and found, to no surprise, that spam is a huge problem and getting worse. While overall e-mail message volume per user grew 47 percent, the spam volume was up 57 percent in 2007 to record levels, according to data cited in the 2008 Annual Google Communications Intelligence Report. The average “unprotected user” would have received 36,000 spam messages in the year, up from 23,000 in 2006, the report said. Stopping spam and other malware is the top priority for the government, legal, manufacturing and, for the most part the tech industry, while healthcare, financial and retail companies are more concerned with complying with government regulations, according to online surveys of 575 CEOs, CIOs, and CTOs.

40. March 6, The Inquirer – (International) Olympic Games set to be malware fest. The Beijing 2008 Olympics may attract more than just the world’s finest sporting talents, according to online insecurity firm Websense. Cyber-criminals are very likely to focus attacks on the upcoming Games, reckons Websense’s technical consultant for Southeast Asia. It would not be the first time that such attacks had taken place, he said. During the FIFA World Cup 2006, he warned, malware writers set up a replica counterfeit site which made sure that every football fan took away their very own Trojan horse. There is a “possibility of large-scale denial of service attacks on Beijing 2008-related sites as political statements and fraud attempts spread through e-mail and the web,” he noted. He reckoned that Olympic news streams, viewed by millions online, would be a great place to try and stick the odd trojan horse or two.

Communications Sector

Nothing to Report